public class TlsServerImpl
extends org.bouncycastle.crypto.tls.DefaultTlsServer
TlsServer
for the purposes of supporting DTLS-SRTP.cipherFactory, clientECPointFormats, clientExtensions, clientVersion, context, eccCipherSuitesOffered, encryptThenMACOffered, maxFragmentLengthOffered, namedCurves, offeredCipherSuites, offeredCompressionMethods, selectedCipherSuite, selectedCompressionMethod, serverECPointFormats, serverExtensions, serverVersion, supportedSignatureAlgorithms, truncatedHMacOffered
Constructor and Description |
---|
TlsServerImpl(DtlsPacketTransformer packetTransformer)
Initializes a new TlsServerImpl instance.
|
Modifier and Type | Method and Description |
---|---|
org.bouncycastle.crypto.tls.CertificateRequest |
getCertificateRequest() |
(package private) int |
getChosenProtectionProfile()
Gets the SRTPProtectionProfile negotiated between this DTLS-SRTP
server and its client.
|
protected int[] |
getCipherSuites()
Overrides the super implementation to explicitly specify cipher suites
which we know to be supported by Bouncy Castle and provide Perfect
Forward Secrecy.
|
(package private) org.bouncycastle.crypto.tls.TlsContext |
getContext()
Gets the TlsContext with which this TlsServer has been
initialized.
|
protected org.bouncycastle.crypto.tls.ProtocolVersion |
getMaximumVersion()
The implementation of TlsServerImpl always returns
ProtocolVersion.DTLSv10 because ProtocolVersion.DTLSv12
does not work with the Bouncy Castle Crypto APIs at the time of this
writing.
|
protected org.bouncycastle.crypto.tls.ProtocolVersion |
getMinimumVersion() |
protected org.bouncycastle.crypto.tls.TlsEncryptionCredentials |
getRSAEncryptionCredentials()
Depending on the selectedCipherSuite, DefaultTlsServer
will require either rsaEncryptionCredentials or
rsaSignerCredentials neither of which is implemented by
DefaultTlsServer.
|
protected org.bouncycastle.crypto.tls.TlsSignerCredentials |
getRSASignerCredentials()
Depending on the selectedCipherSuite, DefaultTlsServer
will require either rsaEncryptionCredentials or
rsaSignerCredentials neither of which is implemented by
DefaultTlsServer.
|
java.util.Hashtable |
getServerExtensions()
Includes the use_srtp extension in the DTLS extended server
hello.
|
void |
init(org.bouncycastle.crypto.tls.TlsServerContext context)
Overrides the super implementation as a simple means of detecting that
the security-related negotiations between the local and the remote
enpoints are starting.
|
void |
notifyAlertRaised(short alertLevel,
short alertDescription,
java.lang.String message,
java.lang.Throwable cause)
Forwards to
packetTransformer . |
void |
notifyClientCertificate(org.bouncycastle.crypto.tls.Certificate clientCertificate) |
void |
processClientExtensions(java.util.Hashtable clientExtensions)
Makes sure that the DTLS extended client hello contains the
use_srtp extension.
|
createDHEKeyExchange, createDHKeyExchange, createECDHEKeyExchange, createECDHKeyExchange, createRSAKeyExchange, getCredentials, getDHParameters, getDSASignerCredentials, getECDSASignerCredentials, getKeyExchange
allowEncryptThenMAC, allowTruncatedHMac, checkServerExtensions, getCertificateStatus, getCipher, getCompression, getCompressionMethods, getNewSessionTicket, getSelectedCipherSuite, getSelectedCompressionMethod, getServerSupplementalData, getServerVersion, notifyClientVersion, notifyFallback, notifyOfferedCipherSuites, notifyOfferedCompressionMethods, processClientSupplementalData, supportsClientECCCapabilities
notifyAlertReceived, notifyHandshakeComplete, notifySecureRenegotiation, shouldUseGMTUnixTime
public TlsServerImpl(DtlsPacketTransformer packetTransformer)
packetTransformer
- the PacketTransformer which is
initializing the new instancepublic org.bouncycastle.crypto.tls.CertificateRequest getCertificateRequest()
getCertificateRequest
in interface org.bouncycastle.crypto.tls.TlsServer
getCertificateRequest
in class org.bouncycastle.crypto.tls.AbstractTlsServer
int getChosenProtectionProfile()
protected int[] getCipherSuites()
getCipherSuites
in class org.bouncycastle.crypto.tls.DefaultTlsServer
org.bouncycastle.crypto.tls.TlsContext getContext()
protected org.bouncycastle.crypto.tls.ProtocolVersion getMaximumVersion()
getMaximumVersion
in class org.bouncycastle.crypto.tls.AbstractTlsServer
protected org.bouncycastle.crypto.tls.ProtocolVersion getMinimumVersion()
getMinimumVersion
in class org.bouncycastle.crypto.tls.AbstractTlsServer
protected org.bouncycastle.crypto.tls.TlsEncryptionCredentials getRSAEncryptionCredentials() throws java.io.IOException
getRSAEncryptionCredentials
in class org.bouncycastle.crypto.tls.DefaultTlsServer
java.io.IOException
protected org.bouncycastle.crypto.tls.TlsSignerCredentials getRSASignerCredentials() throws java.io.IOException
getRSASignerCredentials
in class org.bouncycastle.crypto.tls.DefaultTlsServer
java.io.IOException
public java.util.Hashtable getServerExtensions() throws java.io.IOException
getServerExtensions
in interface org.bouncycastle.crypto.tls.TlsServer
getServerExtensions
in class org.bouncycastle.crypto.tls.AbstractTlsServer
java.io.IOException
public void init(org.bouncycastle.crypto.tls.TlsServerContext context)
init
in interface org.bouncycastle.crypto.tls.TlsServer
init
in class org.bouncycastle.crypto.tls.AbstractTlsServer
public void notifyAlertRaised(short alertLevel, short alertDescription, java.lang.String message, java.lang.Throwable cause)
packetTransformer
.notifyAlertRaised
in interface org.bouncycastle.crypto.tls.TlsPeer
notifyAlertRaised
in class org.bouncycastle.crypto.tls.AbstractTlsPeer
public void notifyClientCertificate(org.bouncycastle.crypto.tls.Certificate clientCertificate) throws java.io.IOException
notifyClientCertificate
in interface org.bouncycastle.crypto.tls.TlsServer
notifyClientCertificate
in class org.bouncycastle.crypto.tls.AbstractTlsServer
java.io.IOException
public void processClientExtensions(java.util.Hashtable clientExtensions) throws java.io.IOException
processClientExtensions
in interface org.bouncycastle.crypto.tls.TlsServer
processClientExtensions
in class org.bouncycastle.crypto.tls.AbstractTlsServer
java.io.IOException
Jitsi, the OpenSource Java VoIP and Instant Messaging client.
Distributable under Apache license.