summary refs log tree commit diff
path: root/crypto/src/tls/DtlsClientProtocol.cs
diff options
context:
space:
mode:
authorPeter Dettman <peter.dettman@bouncycastle.org>2023-07-13 16:02:08 +0700
committerPeter Dettman <peter.dettman@bouncycastle.org>2023-07-13 16:02:08 +0700
commit5c755417ddb98738a8550707d2c436f707cf9f45 (patch)
treec56e51b88b241fee6e1a1c89da430ef005ab44cc /crypto/src/tls/DtlsClientProtocol.cs
parent(D)TLS: Clean up redundant resumption checks (diff)
downloadBouncyCastle.NET-ed25519-5c755417ddb98738a8550707d2c436f707cf9f45.tar.xz
(D)TLS: Refactoring around CertificateType support
Diffstat (limited to 'crypto/src/tls/DtlsClientProtocol.cs')
-rw-r--r--crypto/src/tls/DtlsClientProtocol.cs13


1 files changed, 6 insertions, 7 deletions
diff --git a/crypto/src/tls/DtlsClientProtocol.cs b/crypto/src/tls/DtlsClientProtocol.cs
index 88ebbb636..2b132f564 100644
--- a/crypto/src/tls/DtlsClientProtocol.cs
+++ b/crypto/src/tls/DtlsClientProtocol.cs
@@ -653,19 +653,13 @@ namespace Org.BouncyCastle.Tls
                 throw new TlsFatalAlert(AlertDescription.handshake_failure);
             }
 
-            TlsClientContextImpl clientContext = state.clientContext;
-            SecurityParameters securityParameters = clientContext.SecurityParameters;
-
             MemoryStream buf = new MemoryStream(body, false);
 
-            CertificateRequest certificateRequest = CertificateRequest.Parse(clientContext, buf);
+            CertificateRequest certificateRequest = CertificateRequest.Parse(state.clientContext, buf);
 
             TlsProtocol.AssertEmpty(buf);
 
             state.certificateRequest = TlsUtilities.ValidateCertificateRequest(certificateRequest, state.keyExchange);
-
-            securityParameters.m_clientCertificateType = TlsExtensionsUtilities.GetClientCertificateTypeExtensionServer(
-                state.serverExtensions, CertificateType.X509);
         }
 
         /// <exception cref="IOException"/>
@@ -1036,6 +1030,11 @@ namespace Org.BouncyCastle.Tls
                         securityParameters.m_statusRequestVersion = 1;
                     }
 
+                    securityParameters.m_clientCertificateType = TlsUtilities.ProcessClientCertificateTypeExtension(
+                        sessionClientExtensions, sessionServerExtensions, AlertDescription.illegal_parameter);
+                    securityParameters.m_serverCertificateType = TlsUtilities.ProcessServerCertificateTypeExtension(
+                        sessionClientExtensions, sessionServerExtensions, AlertDescription.illegal_parameter);
+
                     state.expectSessionTicket = TlsUtilities.HasExpectedEmptyExtensionData(sessionServerExtensions,
                         ExtensionType.session_ticket, AlertDescription.illegal_parameter);
                 }

 

generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-09-20 09:19:52 +0000