org.bouncycastle.tls.TlsAuthentication Maven / Gradle / Ivy

Go to download

Show more of this group Show more artifacts with this name
Show all versions of bctls-fips Show documentation

The Bouncy Castle Java APIs for the TLS, including a JSSE provider. The APIs are designed primarily to be used in conjunction with the BC FIPS provider. The APIs may also be used with other providers although if being used in a FIPS context it is the responsibility of the user to ensure that any other providers used are FIPS certified and used appropriately.

There is a newer version: 2.0.19

Show newest version

package org.bouncycastle.tls;

import java.io.IOException;

/**
 * Base interface to provide TLS authentication credentials.
 */
public interface TlsAuthentication
{
    /**
     * Called by the protocol handler to report the server certificate
     * Note: this method is responsible for certificate verification and validation
     *
     * @param serverCertificate the server certificate received
     * @throws IOException
     */
    void notifyServerCertificate(TlsServerCertificate serverCertificate)
        throws IOException;

    /**
     * Return client credentials in response to server's certificate request. The returned value may
     * be null, or else it MUST implement exactly one of {@link TlsCredentialedAgreement},
     * {@link TlsCredentialedDecryptor}, or {@link TlsCredentialedSigner}, depending on the key
     * exchange that was negotiated and the details of the {@link CertificateRequest}.
     *
     * @param certificateRequest
     *            details of the certificate request
     * @return a TlsCredentials object or null for no client authentication
     * @throws IOException
     */
    TlsCredentials getClientCredentials(CertificateRequest certificateRequest)
        throws IOException;
}