diff options
| author | Peter Dettman <peter.dettman@bouncycastle.org> | 2023-06-20 19:20:48 +0700 |
|---|---|---|
| committer | Peter Dettman <peter.dettman@bouncycastle.org> | 2023-06-20 19:20:48 +0700 |
| commit | db8fc39475cd412796139247f2ebdf8b1c3d3f43 (patch) | |
| tree | ccdd77054c6b0c5a6ef2c8e1af734ecc6ce23f2c | |
| parent | Update SecObjectIdentifiers (diff) | |
| download | BouncyCastle.NET-ed25519-db8fc39475cd412796139247f2ebdf8b1c3d3f43.tar.xz | |
Fix renegotiation after resumption handshakes
- see https://github.com/bcgit/bc-java/issues/1430
| -rw-r--r-- | crypto/src/tls/TlsClientProtocol.cs | 2 | ||||
| -rw-r--r-- | crypto/src/tls/TlsServerProtocol.cs | 2 |
2 files changed, 2 insertions, 2 deletions
diff --git a/crypto/src/tls/TlsClientProtocol.cs b/crypto/src/tls/TlsClientProtocol.cs index d26f60ef1..8e31fa6c8 100644 --- a/crypto/src/tls/TlsClientProtocol.cs +++ b/crypto/src/tls/TlsClientProtocol.cs @@ -345,7 +345,7 @@ namespace Org.BouncyCastle.Tls if (!IsLegacyConnectionState()) throw new TlsFatalAlert(AlertDescription.internal_error); - if (securityParameters.IsResumedSession) + if (securityParameters.IsResumedSession && type != HandshakeType.hello_request) { if (type != HandshakeType.finished || m_connectionState != CS_SERVER_HELLO) throw new TlsFatalAlert(AlertDescription.unexpected_message); diff --git a/crypto/src/tls/TlsServerProtocol.cs b/crypto/src/tls/TlsServerProtocol.cs index 72c1b2ea5..c7a250042 100644 --- a/crypto/src/tls/TlsServerProtocol.cs +++ b/crypto/src/tls/TlsServerProtocol.cs @@ -866,7 +866,7 @@ namespace Org.BouncyCastle.Tls if (!IsLegacyConnectionState()) throw new TlsFatalAlert(AlertDescription.internal_error); - if (securityParameters.IsResumedSession) + if (securityParameters.IsResumedSession && type != HandshakeType.client_hello) { if (type != HandshakeType.finished || m_connectionState != CS_SERVER_FINISHED) throw new TlsFatalAlert(AlertDescription.unexpected_message); |