author | Peter Dettman <peter.dettman@bouncycastle.org> | 2023-03-16 13:11:30 +0700 |
---|---|---|
committer | Peter Dettman <peter.dettman@bouncycastle.org> | 2023-04-13 17:16:19 +0700 |
commit | 931368e3fbf4611ed717f7cfe47bc884c4409876 (patch) | |
tree | 63ef941b75667dbea1f74b32321fe06ffa29191c /crypto/src/tls/AbstractTlsServer.cs | |
parent | RFC 9146: Add registry entries (diff) | |
download | BouncyCastle.NET-ed25519-931368e3fbf4611ed717f7cfe47bc884c4409876.tar.xz |
RFC 9146: connection_id extension negotiation
Diffstat (limited to 'crypto/src/tls/AbstractTlsServer.cs')
-rw-r--r-- | crypto/src/tls/AbstractTlsServer.cs | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/crypto/src/tls/AbstractTlsServer.cs b/crypto/src/tls/AbstractTlsServer.cs
index 3c62793b6..9f107d905 100644
--- a/crypto/src/tls/AbstractTlsServer.cs
+++ b/crypto/src/tls/AbstractTlsServer.cs
@@ -217,6 +217,16 @@ namespace Org.BouncyCastle.Tls
 return null;
 }
 
+ /// <summary>RFC 9146 DTLS connection ID.</summary>
+ /// <remarks>
+ /// This method will be called if a connection_id extension was sent by the client.
+ /// If the return value is non-null, the server will send this connection ID to the client to use in future packets.
+ /// As future communication doesn't include the connection IDs length, this should either be fixed-length
+ /// or include the connection ID's length. (see explanation in RFC 9146 4. "cid:")
+ /// </remarks>
+ /// <returns>The connection ID to use.</returns>
+ protected virtual byte[] GetNewConnectionID() => null;
+
 public virtual void Init(TlsServerContext context)
 {
 this.m_context = context;
@@ -587,6 +597,22 @@ namespace Org.BouncyCastle.Tls
 {
 TlsExtensionsUtilities.AddAlpnExtensionServer(serverExtensions, m_selectedProtocolName);
 }
+
+ if (ProtocolVersion.DTLSv12.Equals(m_context.ServerVersion))
+ {
+ /*
+ * RFC 9146 3. When a DTLS session is resumed or renegotiated, the "connection_id" extension is
+ * negotiated afresh.
+ */
+ if (m_clientExtensions.ContainsKey(ExtensionType.connection_id))
+ {
+ var serverConnectionID = GetNewConnectionID();
+ if (serverConnectionID != null)
+ {
+ TlsExtensionsUtilities.AddConnectionIDExtension(m_serverExtensions, serverConnectionID);
+ }
+ }
+ }
 }
 
 public virtual IList<SupplementalDataEntry> GetServerSupplementalData() |
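Review bot: The remarks on `GetNewConnectionID()` do not say what an empty array means, yet the caller in the second hunk only tests for null, so an override returning a zero-length array still negotiates the extension. In RFC 9146 a zero-length CID is a valid and distinct answer: the sender is prepared to send using a CID but does not want the peer to use one when sending to it. I would add a line such as `/// Return null to decline the extension; a zero-length array negotiates it but asks the client to send no CID.` The remarks could also state that the value is limited to 255 bytes and is carried unencrypted in record headers, so it should not encode anything that identifies the peer or server-side state. Minor wording: "connection IDs length" should read "connection ID's length".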
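Review bot: The added call writes to the field `m_serverExtensions`, while the ALPN call on the context line directly above writes to `serverExtensions`. The method signature is outside the hunk, but if `serverExtensions` is the dictionary passed in for this connection, the connection_id extension may end up in a different map from the one being built, or dereference a field that is still null. The call should probably read `TlsExtensionsUtilities.AddConnectionIDExtension(serverExtensions, serverConnectionID);`. Because the comment says the extension is negotiated afresh on resumption, consider also calling `serverExtensions.Remove(ExtensionType.connection_id)` when the client did not offer the extension or `GetNewConnectionID()` returns null, in case the dictionary can arrive pre-populated with a stale value.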