public TlsKeyExchange getKeyExchange() throws IOException { switch (selectedCipherSuite) { case CipherSuite.TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA: case CipherSuite.TLS_SRP_SHA_WITH_AES_128_CBC_SHA: case CipherSuite.TLS_SRP_SHA_WITH_AES_256_CBC_SHA: return createSRPKeyExchange(KeyExchangeAlgorithm.SRP); case CipherSuite.TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA: case CipherSuite.TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA: case CipherSuite.TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA: return createSRPKeyExchange(KeyExchangeAlgorithm.SRP_RSA); case CipherSuite.TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA: case CipherSuite.TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA: case CipherSuite.TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA: return createSRPKeyExchange(KeyExchangeAlgorithm.SRP_DSS); default: /* * Note: internal error here; the TlsProtocol implementation verifies that the * server-selected cipher suite was in the list of client-offered cipher suites, so if * we now can't produce an implementation, we shouldn't have offered it! */ throw new TlsFatalAlert(AlertDescription.internal_error); } }
public void processServerExtensions(Hashtable serverExtensions) throws IOException { if (!TlsUtils.hasExpectedEmptyExtensionData(serverExtensions, TlsSRPUtils.EXT_SRP, AlertDescription.illegal_parameter)) { if (requireSRPServerExtension()) { throw new TlsFatalAlert(AlertDescription.illegal_parameter); } } super.processServerExtensions(serverExtensions); }
public void processServerExtensions(Hashtable serverExtensions) throws IOException { if (!TlsUtils.hasExpectedEmptyExtensionData(serverExtensions, TlsSRPUtils.EXT_SRP, AlertDescription.illegal_parameter)) { if (requireSRPServerExtension()) { throw new TlsFatalAlert(AlertDescription.illegal_parameter); } } super.processServerExtensions(serverExtensions); }
public TlsKeyExchange getKeyExchange() throws IOException { int keyExchangeAlgorithm = TlsUtils.getKeyExchangeAlgorithm(selectedCipherSuite); switch (keyExchangeAlgorithm) { case KeyExchangeAlgorithm.SRP: case KeyExchangeAlgorithm.SRP_DSS: case KeyExchangeAlgorithm.SRP_RSA: return createSRPKeyExchange(keyExchangeAlgorithm); default: /* * Note: internal error here; the TlsProtocol implementation verifies that the * server-selected cipher suite was in the list of client-offered cipher suites, so if * we now can't produce an implementation, we shouldn't have offered it! */ throw new TlsFatalAlert(AlertDescription.internal_error); } }