Table of Contents

Interface TlsServer

Namespace
Org.BouncyCastle.Tls
Assembly
BouncyCastle.Cryptography.dll

Interface describing a TLS server endpoint.

public interface TlsServer : TlsPeer
Inherited Members

Methods

GetCertificateRequest() 

CertificateRequest GetCertificateRequest()

Returns

CertificateRequest

Exceptions

IOException

GetCertificateStatus() 

CertificateStatus GetCertificateStatus()

Returns

CertificateStatus

A CertificateStatus to be sent to the client (or null for none).

Remarks

This method will be called (only) if the server included an extension of type "status_request" with empty "extension_data" in the extended server hello. See RFC 3546 3.6. Certificate Status Request. If a non-null CertificateStatus is returned, it is sent to the client as a handshake message of type "certificate_status".

Exceptions

IOException

GetCredentials()

Return server credentials to use.

TlsCredentials GetCredentials()

Returns

TlsCredentials

a TlsCredentials object or null for anonymous key exchanges.

Remarks

The returned value may be null, or else it MUST implement exactly one of TlsCredentialedAgreement, TlsCredentialedDecryptor, or TlsCredentialedSigner, depending on the key exchange that was negotiated.

Exceptions

IOException

GetDHConfig() 

TlsDHConfig GetDHConfig()

Returns

TlsDHConfig

Exceptions

IOException

GetECDHConfig() 

TlsECConfig GetECDHConfig()

Returns

TlsECConfig

Exceptions

IOException

GetExternalPsk(IList<PskIdentity>)

Return the external PSK to select from the ClientHello.

TlsPskExternal GetExternalPsk(IList<PskIdentity> identities)

Parameters

identities IList<PskIdentity>

an IList<T> of PskIdentity instances.

Returns

TlsPskExternal

The TlsPskExternal corresponding to the selected identity, or null to not select any.

Remarks

WARNING: EXPERIMENTAL FEATURE, UNSTABLE API Note that this will only be called when TLS 1.3 or higher is amongst the offered protocol versions, and one or more PSKs are actually offered.

GetNewSessionID() 

byte[] GetNewSessionID()

Returns

byte[]

GetNewSessionTicket()

RFC 5077 3.3. NewSessionTicket Handshake Message.

NewSessionTicket GetNewSessionTicket()

Returns

NewSessionTicket

The ticket.

Remarks

This method will be called (only) if a NewSessionTicket extension was sent by the server. See RFC 5077 4. Recommended Ticket Construction for recommended format and protection.

Exceptions

IOException

GetPskIdentityManager() 

TlsPskIdentityManager GetPskIdentityManager()

Returns

TlsPskIdentityManager

Exceptions

IOException

GetSelectedCipherSuite() 

int GetSelectedCipherSuite()

Returns

int

Exceptions

IOException

GetServerExtensions() 

IDictionary<int, byte[]> GetServerExtensions()

Returns

IDictionary<int, byte[]>

(Int32 -> byte[])

Exceptions

IOException

GetServerExtensionsForConnection(IDictionary<int, byte[]>) 

void GetServerExtensionsForConnection(IDictionary<int, byte[]> serverExtensions)

Parameters

serverExtensions IDictionary<int, byte[]>

(Int32 -> byte[])

Exceptions

IOException

GetServerSupplementalData() 

IList<SupplementalDataEntry> GetServerSupplementalData()

Returns

IList<SupplementalDataEntry>

(SupplementalDataEntry)

Exceptions

IOException

GetServerVersion() 

ProtocolVersion GetServerVersion()

Returns

ProtocolVersion

Exceptions

IOException

GetSessionToResume(byte[])

Return the specified session, if available.

TlsSession GetSessionToResume(byte[] sessionID)

Parameters

sessionID byte[]

the ID of the session to resume.

Returns

TlsSession

A TlsSession with the specified session ID, or null.

Remarks

Note that the peer's certificate chain for the session (if any) may need to be periodically revalidated.

See Also

GetSrpLoginParameters() 

TlsSrpLoginParameters GetSrpLoginParameters()

Returns

TlsSrpLoginParameters

Exceptions

IOException

GetSupportedGroups() 

int[] GetSupportedGroups()

Returns

int[]

Exceptions

IOException

Init(TlsServerContext) 

void Init(TlsServerContext context)

Parameters

context TlsServerContext

NotifyClientCertificate(Certificate)

Called by the protocol handler to report the client certificate, only if GetCertificateRequest() returned non-null.

void NotifyClientCertificate(Certificate clientCertificate)

Parameters

clientCertificate Certificate

the effective client certificate (may be an empty chain).

Remarks

Note: this method is responsible for certificate verification and validation.

Exceptions

IOException

NotifyClientVersion(ProtocolVersion) 

void NotifyClientVersion(ProtocolVersion clientVersion)

Parameters

clientVersion ProtocolVersion

Exceptions

IOException

NotifyFallback(bool) 

void NotifyFallback(bool isFallback)

Parameters

isFallback bool

Exceptions

IOException

NotifyOfferedCipherSuites(int[]) 

void NotifyOfferedCipherSuites(int[] offeredCipherSuites)

Parameters

offeredCipherSuites int[]

Exceptions

IOException

NotifySession(TlsSession) 

void NotifySession(TlsSession session)

Parameters

session TlsSession

ProcessClientExtensions(IDictionary<int, byte[]>) 

void ProcessClientExtensions(IDictionary<int, byte[]> clientExtensions)

Parameters

clientExtensions IDictionary<int, byte[]>

(Int32 -> byte[])

Exceptions

IOException

ProcessClientSupplementalData(IList<SupplementalDataEntry>) 

void ProcessClientSupplementalData(IList<SupplementalDataEntry> clientSupplementalData)

Parameters

clientSupplementalData IList<SupplementalDataEntry>

(SupplementalDataEntry)

Exceptions

IOException