Add TlsPeer.IgnoreCorruptDtlsRecords

- property controls behaviour when bad_record_mac thrown for DTLS record. - defaults to 'false' (don't ignore i.e. fail the connection) - see https://github.com/bcgit/bc-csharp/pull/279
author: Peter Dettman <peter.dettman@bouncycastle.org> 2022-11-05 21:43:59 +0700
committer: Peter Dettman <peter.dettman@bouncycastle.org> 2022-11-05 21:43:59 +0700
commit: 51628afb7a6a9979bcd736af04fd0e01656ef26d (patch)
tree: a7ffc3e79721168954cc7bf13790a9e74a47d8e3 /crypto/src/tls/TlsPeer.cs
parent: Preprocessor symbol cleanup (diff)
download: BouncyCastle.NET-ed25519-51628afb7a6a9979bcd736af04fd0e01656ef26d.tar.xz
1 files changed, 7 insertions, 0 deletions
diff --git a/crypto/src/tls/TlsPeer.cs b/crypto/src/tls/TlsPeer.cs
index ef2837135..04d66d38f 100644
--- a/crypto/src/tls/TlsPeer.cs
+++ b/crypto/src/tls/TlsPeer.cs
@@ -119,5 +119,12 @@ namespace Org.BouncyCastle.Tls
         /// </remarks>
         /// <returns>the <see cref="HeartbeatMode"/> value.</returns>
         short GetHeartbeatPolicy();
+
+        /// <summary>Indicates whether a DTLS connection should ignore corrupt records (bad_record_mac) instead of
+        /// failing the connection.</summary>
+        /// <remarks>Called only once at the start of a connection and applies throughout.</remarks>
+        /// <returns>The value <c>true</c> to ignore corrupt DTLS records, or <c>false</c> to fail the connection.
+        /// </returns>
+        bool IgnoreCorruptDtlsRecords { get; }
     }
 }
author	Peter Dettman <peter.dettman@bouncycastle.org>	2022-11-05 21:43:59 +0700
committer	Peter Dettman <peter.dettman@bouncycastle.org>	2022-11-05 21:43:59 +0700
commit	51628afb7a6a9979bcd736af04fd0e01656ef26d (patch)
tree	a7ffc3e79721168954cc7bf13790a9e74a47d8e3 /crypto/src/tls/TlsPeer.cs
parent	Preprocessor symbol cleanup (diff)
download	BouncyCastle.NET-ed25519-51628afb7a6a9979bcd736af04fd0e01656ef26d.tar.xz