Tolerate unexpected ec_point_formats in ServerHello

author: Peter Dettman <peter.dettman@bouncycastle.org> 2017-09-05 12:42:19 +0700
committer: Peter Dettman <peter.dettman@bouncycastle.org> 2017-09-05 12:42:19 +0700
commit: 606dae9bd0682a30fe97de5d03833d16ffbec5d0 (patch)
tree: 15d1b2c6af567cebefcc5885c4986684bc7e7d38
parent: Add expiry test case to PgpKeyRingTest (diff)
download: BouncyCastle.NET-ed25519-606dae9bd0682a30fe97de5d03833d16ffbec5d0.tar.xz
1 files changed, 10 insertions, 0 deletions
diff --git a/crypto/src/crypto/tls/AbstractTlsClient.cs b/crypto/src/crypto/tls/AbstractTlsClient.cs
index be4702e5e..bddbab87f 100644
--- a/crypto/src/crypto/tls/AbstractTlsClient.cs
+++ b/crypto/src/crypto/tls/AbstractTlsClient.cs
@@ -42,6 +42,16 @@ namespace Org.BouncyCastle.Crypto.Tls
                  */
                 TlsEccUtilities.ReadSupportedEllipticCurvesExtension(extensionData);
                 return true;
+
+            case ExtensionType.ec_point_formats:
+                /*
+                 * Exception added based on field reports that some servers send this even when they
+                 * didn't negotiate an ECC cipher suite. If present, we still require that it is a valid
+                 * ECPointFormatList.
+                 */
+                TlsEccUtilities.ReadSupportedPointFormatsExtension(extensionData);
+                return true;
+
             default:
                 return false;
             }
author	Peter Dettman <peter.dettman@bouncycastle.org>	2017-09-05 12:42:19 +0700
committer	Peter Dettman <peter.dettman@bouncycastle.org>	2017-09-05 12:42:19 +0700
commit	606dae9bd0682a30fe97de5d03833d16ffbec5d0 (patch)
tree	15d1b2c6af567cebefcc5885c4986684bc7e7d38
parent	Add expiry test case to PgpKeyRingTest (diff)
download	BouncyCastle.NET-ed25519-606dae9bd0682a30fe97de5d03833d16ffbec5d0.tar.xz