/**
 * Asserts that the ChangeCipherSpec state is what the caller expects at this point of the handshake.
 *
 * @param expected the value {@code receivedChangeCipherSpec} must currently hold
 * @throws IOException a fatal {@code unexpected_message} alert when the flag differs from {@code expected}
 */
protected void checkReceivedChangeCipherSpec(boolean expected) throws IOException {
    boolean stateMatches = (receivedChangeCipherSpec == expected);
    if (!stateMatches) {
        // A message arriving on the wrong side of ChangeCipherSpec aborts the handshake rather than being tolerated.
        throw new TlsFatalAlert(AlertDescription.unexpected_message);
    }
}
/**
 * Hands out the stored premaster secret exactly once.
 *
 * <p>The field is set to {@code null} before returning, so this object keeps no reference to the
 * secret afterwards and a second call fails. The array contents are not wiped here; the caller
 * owns the returned bytes.
 *
 * @return the premaster secret previously stored on this object
 * @throws IOException a fatal {@code internal_error} alert when no secret is available
 */
public byte[] generatePremasterSecret() throws IOException {
    byte[] secret = this.premasterSecret;
    if (secret == null) {
        throw new TlsFatalAlert(AlertDescription.internal_error);
    }

    // Drop our reference so the secret cannot be fetched from this object again.
    this.premasterSecret = null;
    return secret;
}
/**
 * Default implementation: supplies no {@link TlsAuthentication} and fails the handshake instead.
 *
 * <p>Because the call always throws, a server certificate is never accepted without an
 * authentication object having been provided. NOTE(review): presumably subclasses that
 * support certificate-bearing key exchanges override this; confirm against the class hierarchy.
 *
 * @return never returns normally
 * @throws IOException always, as a fatal {@code internal_error} alert
 */
public TlsAuthentication getAuthentication() throws IOException {
    // Only reached when the server actually sent a certificate,
    // which may happen e.g. for SRP_DSS or SRP_RSA key exchange.
    throw new TlsFatalAlert(AlertDescription.internal_error);
}
/**
 * Default implementation: no RSA signing credentials are configured.
 *
 * <p>NOTE(review): presumably meant to be overridden where RSA signing is required; as written,
 * any call aborts the handshake.
 *
 * @return never returns normally
 * @throws IOException always, as a fatal {@code internal_error} alert
 */
protected TlsSignerCredentials getRSASignerCredentials() throws IOException {
    throw new TlsFatalAlert(AlertDescription.internal_error);
}
/**
 * Called when the server sends no credentials; permitted only for {@code ECDH_anon}.
 *
 * <p>ECDH_anon is an unauthenticated key exchange, so it is the single case where a missing
 * server certificate is tolerated. Every other key exchange treats the omission as a protocol
 * violation.
 *
 * @throws IOException a fatal {@code unexpected_message} alert when {@code keyExchange} is not {@code ECDH_anon}
 */
public void skipServerCredentials() throws IOException {
    boolean anonymousExchange = (keyExchange == KeyExchangeAlgorithm.ECDH_anon);
    if (anonymousExchange) {
        return;
    }
    throw new TlsFatalAlert(AlertDescription.unexpected_message);
}
/**
 * Receives the outcome of the secure-renegotiation (RFC 5746) negotiation and rejects peers
 * that did not signal support.
 *
 * @param secureRenegotiation whether the peer indicated secure renegotiation support
 * @throws IOException a fatal {@code handshake_failure} alert when {@code secureRenegotiation} is false
 */
public void notifySecureRenegotiation(boolean secureRenegotiation) throws IOException {
    if (secureRenegotiation) {
        return;
    }

    /*
     * RFC 5746 3.4/3.6. In this case, some clients/servers may want to terminate the handshake
     * instead of continuing; see Section 4.1/4.3 for discussion. This implementation terminates.
     */
    throw new TlsFatalAlert(AlertDescription.handshake_failure);
}
/**
 * Default implementation: a client certificate is never accepted here.
 *
 * <p>The certificate argument is not inspected; the call always aborts. NOTE(review): presumably
 * implementations that request client authentication override this to validate the chain.
 *
 * @param clientCertificate the certificate presented by the client (unused)
 * @throws IOException always, as a fatal {@code internal_error} alert
 */
public void notifyClientCertificate(Certificate clientCertificate) throws IOException {
    throw new TlsFatalAlert(AlertDescription.internal_error);
}
/**
 * Default implementation: supplies no {@link TlsAuthentication} and fails the handshake instead.
 *
 * <p>Because the call always throws, a server certificate is never accepted without an
 * authentication object having been provided. NOTE(review): presumably subclasses that
 * support certificate-bearing key exchanges override this; confirm against the class hierarchy.
 *
 * @return never returns normally
 * @throws IOException always, as a fatal {@code internal_error} alert
 */
public TlsAuthentication getAuthentication() throws IOException {
    // Only reached when the server actually sent a certificate,
    // which may happen e.g. for RSA_PSK key exchange.
    throw new TlsFatalAlert(AlertDescription.internal_error);
}
/**
 * Default implementation: supplies no {@link TlsAuthentication} and fails the handshake instead.
 *
 * <p>Because the call always throws, a server certificate is never accepted without an
 * authentication object having been provided. NOTE(review): presumably subclasses that
 * support certificate-bearing key exchanges override this; confirm against the class hierarchy.
 *
 * @return never returns normally
 * @throws IOException always, as a fatal {@code internal_error} alert
 */
public TlsAuthentication getAuthentication() throws IOException {
    // Only reached when the server actually sent a certificate,
    // which may happen e.g. for SRP_DSS or SRP_RSA key exchange.
    throw new TlsFatalAlert(AlertDescription.internal_error);
}
/**
 * Switches the read side to the pending compression and cipher and restarts the read sequence
 * number.
 *
 * <p>If either pending object is missing, the switch is refused, so the read side is never
 * moved onto a half-initialised state.
 *
 * @throws IOException a fatal {@code handshake_failure} alert when the pending compression or cipher is {@code null}
 */
void receivedReadCipherSpec() throws IOException {
    boolean pendingStateReady = (pendingCompression != null) && (pendingCipher != null);
    if (!pendingStateReady) {
        throw new TlsFatalAlert(AlertDescription.handshake_failure);
    }

    this.readCompression = this.pendingCompression;
    this.readCipher = this.pendingCipher;
    // A fresh counter accompanies the new read cipher state.
    this.readSeqNo = new SequenceNumber();
}
/**
 * Rejects values that {@code isValidUint16} does not accept.
 *
 * @param i the value about to be used as a uint16
 * @throws IOException a fatal {@code internal_error} alert when the value is out of range
 */
public static void checkUint16(int i) throws IOException {
    if (isValidUint16(i)) {
        return;
    }
    throw new TlsFatalAlert(AlertDescription.internal_error);
}
/**
 * Rejects values that {@code isValidUint24} does not accept.
 *
 * @param i the value about to be used as a uint24
 * @throws IOException a fatal {@code internal_error} alert when the value is out of range
 */
public static void checkUint24(int i) throws IOException {
    if (isValidUint24(i)) {
        return;
    }
    throw new TlsFatalAlert(AlertDescription.internal_error);
}
/**
 * Builds the SRP extension payload from the given identity.
 *
 * <p>The encoding is delegated to {@code TlsUtils.encodeOpaque8}; any length limit is enforced
 * there, not in this method.
 *
 * @param identity the SRP identity bytes; must not be {@code null}
 * @return the encoded extension data
 * @throws IOException a fatal {@code internal_error} alert when {@code identity} is {@code null}
 */
public static byte[] createSRPExtension(byte[] identity) throws IOException {
    if (identity != null) {
        return TlsUtils.encodeOpaque8(identity);
    }
    throw new TlsFatalAlert(AlertDescription.internal_error);
}
/**
 * Default implementation: produces no ServerKeyExchange message.
 *
 * <p>If {@code requiresServerKeyExchange()} reports that the message is mandatory, returning
 * nothing would be a local bug, so the handshake is aborted instead.
 *
 * @return {@code null}, meaning no ServerKeyExchange is sent
 * @throws IOException a fatal {@code internal_error} alert when the key exchange requires the message
 */
public byte[] generateServerKeyExchange() throws IOException {
    boolean messageIsMandatory = requiresServerKeyExchange();
    if (messageIsMandatory) {
        throw new TlsFatalAlert(AlertDescription.internal_error);
    }
    return null;
}
/**
 * Called when the peer omitted ServerKeyExchange; allowed only if the key exchange does not
 * require that message.
 *
 * @throws IOException a fatal {@code unexpected_message} alert when {@code requiresServerKeyExchange()} is true
 */
public void skipServerKeyExchange() throws IOException {
    boolean messageIsMandatory = requiresServerKeyExchange();
    if (messageIsMandatory) {
        // A mandatory message was left out by the peer: treat it as a protocol violation.
        throw new TlsFatalAlert(AlertDescription.unexpected_message);
    }
}
/**
 * Serialises a {@link HeartbeatExtension} into its extension-data bytes.
 *
 * @param heartbeatExtension the extension to encode; must not be {@code null}
 * @return the bytes written by {@code heartbeatExtension.encode}
 * @throws IOException a fatal {@code internal_error} alert when the argument is {@code null},
 *         or whatever {@code encode} raises
 */
public static byte[] createHeartbeatExtension(HeartbeatExtension heartbeatExtension) throws IOException {
    if (heartbeatExtension == null) {
        throw new TlsFatalAlert(AlertDescription.internal_error);
    }

    ByteArrayOutputStream encoded = new ByteArrayOutputStream();
    heartbeatExtension.encode(encoded);
    return encoded.toByteArray();
}
/**
 * Accepts the server's own credentials, which must be usable for encryption.
 *
 * <p>A {@code null} argument fails the {@code instanceof} test and is rejected the same way as a
 * wrong credential type. The certificate is processed before the credentials are stored, so a
 * failure in {@code processServerCertificate} leaves {@code this.serverCredentials} unchanged.
 *
 * @param serverCredentials credentials expected to implement {@link TlsEncryptionCredentials}
 * @throws IOException a fatal {@code internal_error} alert for any other credential type,
 *         or whatever {@code processServerCertificate} raises
 */
public void processServerCredentials(TlsCredentials serverCredentials) throws IOException {
    boolean usableForEncryption = serverCredentials instanceof TlsEncryptionCredentials;
    if (!usableForEncryption) {
        throw new TlsFatalAlert(AlertDescription.internal_error);
    }

    processServerCertificate(serverCredentials.getCertificate());
    this.serverCredentials = (TlsEncryptionCredentials) serverCredentials;
}
/**
 * Performs a basic sanity check on a peer-supplied RSA public key.
 *
 * <p>Only the public exponent is examined. The modulus length is not checked here (see the
 * TODO below), so a caller that needs a minimum key size has to enforce it separately.
 *
 * @param key the RSA public key to validate
 * @return the same {@code key} instance when it passes
 * @throws IOException a fatal {@code illegal_parameter} alert when the exponent fails the primality test
 */
protected RSAKeyParameters validateRSAPublicKey(RSAKeyParameters key) throws IOException {
    // TODO What is the minimum bit length required?
    // key.getModulus().bitLength();

    // NOTE(review): certainty 2 is a weak probabilistic test (BigInteger documents the
    // confidence as exceeding 1 - 1/2^certainty); it is a plausibility check, not proof of primality.
    boolean exponentPassesPrimality = key.getExponent().isProbablePrime(2);
    if (!exponentPassesPrimality) {
        throw new TlsFatalAlert(AlertDescription.illegal_parameter);
    }
    return key;
}
} // closes the enclosing class, whose opening line is not part of this listing
/**
 * Reads Diffie-Hellman parameters from the stream and returns them only if the verifier
 * accepts them.
 *
 * <p>The parameters come from {@code input} and are handed back only after
 * {@code dhVerifier.accept} approves them; rejected parameters never reach the caller.
 *
 * @param dhVerifier policy object deciding whether the received group is acceptable
 * @param input stream positioned at the encoded DH parameters
 * @return the parameters that were read and accepted
 * @throws IOException a fatal {@code insufficient_security} alert when the verifier rejects the
 *         parameters, or whatever {@code readDHParameters} raises
 */
public static DHParameters receiveDHParameters(TlsDHVerifier dhVerifier, InputStream input) throws IOException {
    DHParameters received = readDHParameters(input);

    boolean accepted = dhVerifier.accept(received);
    if (!accepted) {
        throw new TlsFatalAlert(AlertDescription.insufficient_security);
    }
    return received;
}
/**
 * Declines a renegotiation request from the peer.
 *
 * <p>When {@code TlsUtils.isSSL(getContext())} is true the refusal is a fatal alert; otherwise a
 * {@code no_renegotiation} warning is raised and the method returns normally.
 *
 * @throws IOException a fatal {@code handshake_failure} alert in the SSL case,
 *         or whatever {@code raiseAlertWarning} raises
 */
protected void refuseRenegotiation() throws IOException {
    boolean sslContext = TlsUtils.isSSL(getContext());
    if (!sslContext) {
        raiseAlertWarning(AlertDescription.no_renegotiation, "Renegotiation not supported");
        return;
    }

    /*
     * RFC 5746 4.5 SSLv3 clients that refuse renegotiation SHOULD use a fatal
     * handshake_failure alert.
     */
    throw new TlsFatalAlert(AlertDescription.handshake_failure);
}