Class TlsServerImpl

  • All Implemented Interfaces:
    org.bouncycastle.tls.TlsPeer, org.bouncycastle.tls.TlsServer

    public class TlsServerImpl
    extends org.bouncycastle.tls.DefaultTlsServer
    Implements TlsServer for the purposes of supporting DTLS-SRTP.
    Author:
    Lyubomir Marinov
    • Field Summary

      • Fields inherited from class org.bouncycastle.tls.AbstractTlsServer

        certificateStatusRequest, cipherSuites, clientExtensions, clientProtocolNames, clientSentECPointFormats, context, encryptThenMACOffered, maxFragmentLengthOffered, offeredCipherSuites, protocolVersions, selectedCipherSuite, selectedProtocolName, serverExtensions, statusRequestV2, truncatedHMacOffered, trustedCAKeys
    • Method Summary

      Modifier and Type | Method | Description
      org.bouncycastle.tls.CertificateRequest | getCertificateRequest() |
      int[] | getCipherSuites() | Overrides the super implementation to explicitly specify cipher suites which we know to be supported by Bouncy Castle and provide Perfect Forward Secrecy.
      Hashtable | getServerExtensions() | Includes the use_srtp extension in the DTLS extended server hello.
      void | notifyAlertRaised(short alertLevel, short alertDescription, String message, Throwable cause) | Forwards to packetTransformer.
      void | notifyClientCertificate(org.bouncycastle.tls.Certificate clientCertificate) |
      void | notifyHandshakeComplete() |
      void | processClientExtensions(Hashtable clientExtensions) | Makes sure that the DTLS extended client hello contains the use_srtp extension.
      • Methods inherited from class org.bouncycastle.tls.DefaultTlsServer

        getCredentials, getDSASignerCredentials, getECDSASignerCredentials, getRSAEncryptionCredentials, getRSASignerCredentials, getSupportedCipherSuites
      • Methods inherited from class org.bouncycastle.tls.AbstractTlsServer

        allowCertificateStatus, allowEncryptThenMAC, allowMultiCertStatus, allowTruncatedHMac, allowTrustedCAIndication, checkServerExtensions, getAllowedClientCertificateTypes, getCertificateStatus, getDetailMessageNoCipherSuite, getDHConfig, getECDHConfig, getExternalPSK, getMaximumNegotiableCurveBits, getMaximumNegotiableFiniteFieldBits, getNewConnectionID, getNewSessionID, getNewSessionTicket, getProtocolNames, getProtocolVersions, getPSKIdentityManager, getSelectedCipherSuite, getServerExtensionsForConnection, getServerSupplementalData, getServerVersion, getSessionToResume, getSRPLoginParameters, getSupportedGroups, init, isSelectableCipherSuite, notifyClientVersion, notifyFallback, notifyHandshakeBeginning, notifyOfferedCipherSuites, notifySession, preferLocalCipherSuites, preferLocalClientCertificateTypes, processClientSupplementalData, selectCipherSuite, selectDH, selectDHDefault, selectECDH, selectECDHDefault, selectProtocolName, selectProtocolName, shouldSelectProtocolNameEarly
      • Methods inherited from class org.bouncycastle.tls.AbstractTlsPeer

        allowLegacyResumption, cancel, getCrypto, getHandshakeResendTimeMillis, getHandshakeTimeoutMillis, getHeartbeat, getHeartbeatPolicy, getKeyExchangeFactory, getMaxCertificateChainLength, getMaxHandshakeMessageSize, getPskKeyExchangeModes, getRenegotiationPolicy, getSupportedVersions, notifyAlertReceived, notifyCloseHandle, notifyConnectionClosed, notifySecureRenegotiation, requiresCloseNotify, requiresExtendedMasterSecret, shouldCheckSigAlgOfPeerCerts, shouldUseExtendedMasterSecret, shouldUseExtendedPadding, shouldUseGMTUnixTime
      • Methods inherited from interface org.bouncycastle.tls.TlsPeer

        allowLegacyResumption, cancel, getCrypto, getHandshakeResendTimeMillis, getHandshakeTimeoutMillis, getHeartbeat, getHeartbeatPolicy, getKeyExchangeFactory, getMaxCertificateChainLength, getMaxHandshakeMessageSize, getPskKeyExchangeModes, getRenegotiationPolicy, notifyAlertReceived, notifyCloseHandle, notifyConnectionClosed, notifySecureRenegotiation, requiresCloseNotify, requiresExtendedMasterSecret, shouldCheckSigAlgOfPeerCerts, shouldUseExtendedMasterSecret, shouldUseExtendedPadding, shouldUseGMTUnixTime
    • Constructor Detail

      • TlsServerImpl

        public TlsServerImpl(DtlsPacketTransformer packetTransformer)
        Initializes a new TlsServerImpl instance.
        Parameters:
        packetTransformer - the PacketTransformer which is initializing the new instance
    • Method Detail

      • getCertificateRequest

        public org.bouncycastle.tls.CertificateRequest getCertificateRequest()
        Specified by:
        getCertificateRequest in interface org.bouncycastle.tls.TlsServer
        Overrides:
        getCertificateRequest in class org.bouncycastle.tls.AbstractTlsServer
      • getCipherSuites

        public int[] getCipherSuites()
        Overrides the super implementation to explicitly specify cipher suites which we know to be supported by Bouncy Castle and provide Perfect Forward Secrecy.
        Specified by:
        getCipherSuites in interface org.bouncycastle.tls.TlsPeer
        Overrides:
        getCipherSuites in class org.bouncycastle.tls.AbstractTlsServer
      • getServerExtensions

        public Hashtable getServerExtensions()
                                      throws IOException
        Includes the use_srtp extension in the DTLS extended server hello.
        Specified by:
        getServerExtensions in interface org.bouncycastle.tls.TlsServer
        Overrides:
        getServerExtensions in class org.bouncycastle.tls.AbstractTlsServer
        Throws:
        IOException
      • notifyAlertRaised

        public void notifyAlertRaised(short alertLevel,
                                      short alertDescription,
                                      String message,
                                      Throwable cause)
        Forwards to packetTransformer.
        Specified by:
        notifyAlertRaised in interface org.bouncycastle.tls.TlsPeer
        Overrides:
        notifyAlertRaised in class org.bouncycastle.tls.AbstractTlsPeer
      • notifyHandshakeComplete

        public void notifyHandshakeComplete()
        Specified by:
        notifyHandshakeComplete in interface org.bouncycastle.tls.TlsPeer
        Overrides:
        notifyHandshakeComplete in class org.bouncycastle.tls.AbstractTlsPeer
      • notifyClientCertificate

        public void notifyClientCertificate(org.bouncycastle.tls.Certificate clientCertificate)
                                     throws IOException
        Specified by:
        notifyClientCertificate in interface org.bouncycastle.tls.TlsServer
        Overrides:
        notifyClientCertificate in class org.bouncycastle.tls.AbstractTlsServer
        Throws:
        IOException
      • processClientExtensions

        public void processClientExtensions(Hashtable clientExtensions)
                                     throws IOException
        Makes sure that the DTLS extended client hello contains the use_srtp extension.
        Specified by:
        processClientExtensions in interface org.bouncycastle.tls.TlsServer
        Overrides:
        processClientExtensions in class org.bouncycastle.tls.AbstractTlsServer
        Throws:
        IOException