Rework TLS 1.3 verifiers

author: Peter Dettman <peter.dettman@bouncycastle.org> 2022-05-05 17:09:14 +0700
committer: Peter Dettman <peter.dettman@bouncycastle.org> 2022-05-05 17:09:14 +0700
commit: 66bea84d9d009eace8144628954a962601673f69 (patch)
tree: 1ed888c7d164f4229375e91289d75e436dc7f674 /crypto/src/tls/TlsServerProtocol.cs
parent: Change method to property (diff)
download: BouncyCastle.NET-ed25519-66bea84d9d009eace8144628954a962601673f69.tar.xz
1 files changed, 2 insertions, 4 deletions
diff --git a/crypto/src/tls/TlsServerProtocol.cs b/crypto/src/tls/TlsServerProtocol.cs
index 0ab8a7a98..523fc0030 100644
--- a/crypto/src/tls/TlsServerProtocol.cs
+++ b/crypto/src/tls/TlsServerProtocol.cs
@@ -1281,13 +1281,11 @@ namespace Org.BouncyCastle.Tls
             if (null == clientCertificate || clientCertificate.IsEmpty)
                 throw new TlsFatalAlert(AlertDescription.internal_error);
 
-            // TODO[tls13] Actual structure is 'CertificateVerify' in RFC 8446, consider adding for clarity
-            DigitallySigned certificateVerify = DigitallySigned.Parse(m_tlsServerContext, buf);
+            CertificateVerify certificateVerify = CertificateVerify.Parse(m_tlsServerContext, buf);
 
             AssertEmpty(buf);
 
-            TlsUtilities.Verify13CertificateVerifyClient(m_tlsServerContext, m_certificateRequest, certificateVerify,
-                m_handshakeHash);
+            TlsUtilities.Verify13CertificateVerifyClient(m_tlsServerContext, m_handshakeHash, certificateVerify);
         }
 
         /// <exception cref="IOException"/>
author	Peter Dettman <peter.dettman@bouncycastle.org>	2022-05-05 17:09:14 +0700
committer	Peter Dettman <peter.dettman@bouncycastle.org>	2022-05-05 17:09:14 +0700
commit	66bea84d9d009eace8144628954a962601673f69 (patch)
tree	1ed888c7d164f4229375e91289d75e436dc7f674 /crypto/src/tls/TlsServerProtocol.cs
parent	Change method to property (diff)
download	BouncyCastle.NET-ed25519-66bea84d9d009eace8144628954a962601673f69.tar.xz