All Downloads are FREE. Search and download functionalities are using the official Maven repository.

org.bouncycastle.tls.TlsContext Maven / Gradle / Ivy

Go to download

The Bouncy Castle Java APIs for the TLS, including a JSSE provider. The APIs are designed primarily to be used in conjunction with the BC FIPS provider. The APIs may also be used with other providers although if being used in a FIPS context it is the responsibility of the user to ensure that any other providers used are FIPS certified and used appropriately.

There is a newer version: 2.0.19
Show newest version
package org.bouncycastle.tls;

import org.bouncycastle.tls.crypto.TlsCrypto;
import org.bouncycastle.tls.crypto.TlsNonceGenerator;

/**
 * Base interface for a TLS context implementation.
 */
public interface TlsContext
{
    TlsCrypto getCrypto();

    TlsNonceGenerator getNonceGenerator();

    SecurityParameters getSecurityParameters();

    SecurityParameters getSecurityParametersConnection();

    SecurityParameters getSecurityParametersHandshake();

    /**
     * Return true if this context is for a server, false otherwise.
     *
     * @return true for a server based context, false for a client based one.
     */
    boolean isServer();

    ProtocolVersion[] getClientSupportedVersions();

    ProtocolVersion getClientVersion();

    ProtocolVersion getRSAPreMasterSecretVersion();

    ProtocolVersion getServerVersion();

    /**
     * Used to get the resumable session, if any, used by this connection. Only available after the
     * handshake has successfully completed.
     * 
     * @return A {@link TlsSession} representing the resumable session used by this connection, or
     *         null if no resumable session available.
     * @see TlsPeer#notifyHandshakeComplete()
     */
    TlsSession getResumableSession();

    /**
     * Used to get the session information for this connection. Only available after the handshake
     * has successfully completed. Use {@link TlsSession#isResumable()} to find out if the session
     * is resumable.
     * 
     * @return A {@link TlsSession} representing the session used by this connection.
     * @see TlsPeer#notifyHandshakeComplete()
     */
    TlsSession getSession();

    Object getUserObject();

    void setUserObject(Object userObject);

    /**
     * Export the value of the specified channel binding. Only available after the handshake has
     * successfully completed.
     * 
     * @param channelBinding
     *            A {@link ChannelBinding} constant specifying the channel binding to export.
     * @return A copy of the channel binding data as a {@link byte[]}, or null if the binding could
     *         not be determined.
     */
    byte[] exportChannelBinding(int channelBinding);

    /**
     * Export (early data) keying material according to RFC 5705: "Keying Material Exporters for
     * TLS", as updated for TLS 1.3 (RFC 8446). NOTE: for use in settings where an exporter is
     * needed for 0-RTT data.
     *
     * @param asciiLabel
     *            indicates which application will use the exported keys.
     * @param context_value
     *            allows the application using the exporter to mix its own data with the TLS PRF for
     *            the exporter output.
     * @param length
     *            the number of bytes to generate.
     * @return a pseudorandom bit string of 'length' bytes generated from the
     *         (exporter_)master_secret.
     */
    byte[] exportEarlyKeyingMaterial(String asciiLabel, byte[] context_value, int length);

    /**
     * Export keying material according to RFC 5705: "Keying Material Exporters for TLS", as updated
     * for TLS 1.3 (RFC 8446) when negotiated.
     *
     * @param asciiLabel
     *            indicates which application will use the exported keys.
     * @param context_value
     *            allows the application using the exporter to mix its own data with the TLS PRF for
     *            the exporter output.
     * @param length
     *            the number of bytes to generate.
     * @return a pseudorandom bit string of 'length' bytes generated from the
     *         (exporter_)master_secret.
     */
    byte[] exportKeyingMaterial(String asciiLabel, byte[] context_value, int length);
}




© 2015 - 2024 Weber Informatics LLC | Privacy Policy