package my.tls;
import java.io.ByteArrayOutputStream;
import java.io.DataOutputStream;
import java.io.IOException;
import java.util.Hashtable;
import org.bouncycastle.crypto.tls.DefaultTlsClient;
import org.bouncycastle.crypto.tls.ExtensionType;
import org.bouncycastle.crypto.tls.ProtocolVersion;
import org.bouncycastle.crypto.tls.TlsAuthentication;
import org.bouncycastle.crypto.tls.TlsECCUtils;
import org.bouncycastle.crypto.tls.TlsSession;
import org.bouncycastle.crypto.tls.TlsUtils;
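/**
 * TLS client that adds a Server Name Indication (SNI) extension for the
 * configured host and exposes details of the negotiated connection.
 *
 * <p>Authentication is delegated to a {@link TLSAuthentication} created in the
 * constructor. NOTE(review): server certificate validation is whatever that
 * class implements; it is not visible from this file, so confirm that it
 * verifies the certificate chain and matches the certificate against
 * {@code host}.
 */
public class TLSClient extends DefaultTlsClient {
    // Peer host name; also the value sent in the server_name extension.
    protected String host = "";
    protected int port;
    protected TLSSocket tlsSocket;
    protected TLSAuthentication tlsAuthentication;

    /**
     * Creates a client bound to the given peer and socket.
     *
     * @param host peer host name, sent as SNI in the ClientHello
     * @param port peer port
     * @param sock socket wrapper this client belongs to
     */
    public TLSClient(String host, int port, TLSSocket sock) {
        super();
        this.host = host;
        this.port = port;
        this.tlsSocket = sock;
        this.tlsAuthentication = new TLSAuthentication(this);
    }

    /**
     * Returns the socket wrapper passed to the constructor.
     *
     * @return the associated TLSSocket
     */
    public TLSSocket getTlsSocket() {
        return tlsSocket;
    }

    /**
     * Returns the host.
     *
     * @return host
     */
    public String getHost() {
        return host;
    }

    /**
     * Sets the host. The value is read by {@link #getClientExtensions()} when
     * the server_name extension is built.
     *
     * @param host peer host name
     */
    public void setHost(String host) {
        this.host = host;
    }

    /**
     * Returns the port.
     *
     * @return port
     */
    public int getPort() {
        return port;
    }

    /**
     * Sets the port.
     *
     * @param port peer port
     */
    public void setPort(int port) {
        this.port = port;
    }

    /**
     * Returns the session.
     *
     * @return the resumable session reported by the inherited client context
     */
    public TlsSession getSession() {
        // presumably context is only populated once the handshake has started - confirm
        return context.getResumableSession();
    }

    /**
     * Reports whether the connection is TLS 1.2, as judged by
     * {@code TlsUtils.isTLSv12} on the client context.
     *
     * @return true when the context is TLS 1.2
     */
    public boolean isTLSv12() {
        return TlsUtils.isTLSv12(context);
    }

    /**
     * Returns the cipher suite recorded in the inherited
     * {@code selectedCipherSuite} field.
     *
     * @return cipher suite identifier
     */
    public int getSelectedCipherSuite() {
        return selectedCipherSuite;
    }

    /**
     * Returns the protocol version reported by the server.
     *
     * @return server version from the client context
     */
    public ProtocolVersion getProtocol() {
        return context.getServerVersion();
    }

    /**
     * Returns the default client extensions plus a server_name (SNI) entry
     * for {@code host}.
     *
     * <p>When {@code host} is null or empty no server_name entry is added:
     * a zero-length HostName is not a valid server_name value, and a null
     * host previously caused a NullPointerException here.
     *
     * @return the extension table, never null
     * @throws IOException if the superclass or the encoding fails
     */
    @Override
    public Hashtable<Integer, byte[]> getClientExtensions() throws IOException {
        Hashtable<Integer, byte[]> clientExtensions = super.getClientExtensions();
        if (clientExtensions == null) {
            clientExtensions = new Hashtable<Integer, byte[]>();
        }

        // Without a usable name, omit SNI rather than emit a malformed extension.
        if (host == null || host.isEmpty()) {
            return clientExtensions;
        }

        // NOTE(review): RFC 6066 expects the ASCII (A-label) form of a DNS name
        // and does not permit IP address literals in server_name. The host is
        // passed through unchanged here, so callers should supply such a name.
        byte[] hostname = host.getBytes("UTF-8");

        ByteArrayOutputStream baos = new ByteArrayOutputStream();
        DataOutputStream dos = new DataOutputStream(baos);
        // List length = 1 byte name type + 2 byte name length + the name itself.
        dos.writeShort(hostname.length + 3);
        dos.writeByte(0); // name type = hostname
        dos.writeShort(hostname.length);
        dos.write(hostname);
        dos.close();

        clientExtensions.put(ExtensionType.server_name, baos.toByteArray());
        return clientExtensions;
    }

    /**
     * Accepts an unsolicited ec_point_formats extension from the server and
     * defers every other extension type to the superclass.
     *
     * @param extensionType extension identifier sent by the server
     * @param extensionData raw extension payload
     * @return true if the unexpected extension is tolerated
     * @throws IOException if the ec_point_formats payload cannot be read
     */
    @Override
    protected boolean allowUnexpectedServerExtension(Integer extensionType, byte[] extensionData) throws IOException {
        switch (extensionType.intValue()) {
        case ExtensionType.ec_point_formats:
            /*
             * Exception added based on field reports that some servers send Supported
             * Point Format Extension even when not negotiating an ECC cipher suite.
             * If present, we still require that it is a valid ECPointFormatList.
             */
            TlsECCUtils.readSupportedPointFormatsExtension(extensionData);
            return true;
        default:
            return super.allowUnexpectedServerExtension(extensionType, extensionData);
        }
    }

    /**
     * Returns the authentication handler created in the constructor.
     *
     * @return the TLSAuthentication bound to this client
     * @throws IOException declared by the overridden method; not thrown here
     */
    @Override
    public TlsAuthentication getAuthentication() throws IOException {
        // NOTE(review): the server certificate checks live in TLSAuthentication,
        // which is not shown in this file - confirm it rejects untrusted chains.
        return this.tlsAuthentication;
    }
}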