diff options
| author | Peter Dettman <peter.dettman@bouncycastle.org> | 2023-07-10 16:35:20 +0700 |
|---|---|---|
| committer | Peter Dettman <peter.dettman@bouncycastle.org> | 2023-07-10 16:35:20 +0700 |
| commit | 45fc4e6a632828759cd5c1cc688ebfde1091e47c (patch) | |
| tree | 347a5f524fceb96a97904a145868485dffd93d91 | |
| parent | DTLS: refactoring around extended_master_secret (diff) | |
| download | BouncyCastle.NET-ed25519-45fc4e6a632828759cd5c1cc688ebfde1091e47c.tar.xz | |
DTLS: Fixed server support for client_certificate_type extension.
| -rw-r--r-- | crypto/Readme.html | 1 | ||||
| -rw-r--r-- | crypto/src/tls/DtlsServerProtocol.cs | 2 |
2 files changed, 2 insertions, 1 deletions
diff --git a/crypto/Readme.html b/crypto/Readme.html index d79baafb1..27745b848 100644 --- a/crypto/Readme.html +++ b/crypto/Readme.html @@ -335,6 +335,7 @@ <li>AsconEngine: Fixed a buffering bug when decrypting across multiple ProcessBytes calls (ascon128a unaffected).</li> <li>DTLS: Fixed an exception during server handshake when 1.2 is negotiated and the ClientHello contained no extensions.</li> <li>HC128Engine now strictly requires 128 bits of IV.</li> + <li>DTLS: Fixed server support for client_certificate_type extension.</li> </ul> <h5>Additional Features and Functionality</h5> <ul> diff --git a/crypto/src/tls/DtlsServerProtocol.cs b/crypto/src/tls/DtlsServerProtocol.cs index 0116bb9e6..8b2d9db2c 100644 --- a/crypto/src/tls/DtlsServerProtocol.cs +++ b/crypto/src/tls/DtlsServerProtocol.cs @@ -712,7 +712,7 @@ namespace Org.BouncyCastle.Tls Certificate.ParseOptions options = new Certificate.ParseOptions() { CertificateType = TlsExtensionsUtilities.GetClientCertificateTypeExtensionServer( - state.clientExtensions, CertificateType.X509), + state.serverExtensions, CertificateType.X509), MaxChainLength = state.server.GetMaxCertificateChainLength(), }; |