authorPeter Dettman <peter.dettman@bouncycastle.org>2022-05-10 18:19:08 +0700
committerPeter Dettman <peter.dettman@bouncycastle.org>2022-05-10 18:19:08 +0700
commit3ad16da3f107f766a8ba50eb85906040f25bde95 (patch)
tree975935fda793934585007219f6b4afcb1e2eaf12 /crypto/src/tls/TlsServerProtocol.cs
parentMinor SignatureAlgorithm additions (diff)
Improve TLS handshake hash tracking
Diffstat (limited to 'crypto/src/tls/TlsServerProtocol.cs')
-rw-r--r--crypto/src/tls/TlsServerProtocol.cs21
1 files changed, 12 insertions, 9 deletions
diff --git a/crypto/src/tls/TlsServerProtocol.cs b/crypto/src/tls/TlsServerProtocol.cs
index a21ae69cd..f32ecc2da 100644
--- a/crypto/src/tls/TlsServerProtocol.cs
+++ b/crypto/src/tls/TlsServerProtocol.cs
@@ -899,16 +899,15 @@ namespace Org.BouncyCastle.Tls
 
                     ServerHello serverHello = GenerateServerHello(clientHello, buf);
                     m_handshakeHash.NotifyPrfDetermined();
-                    if (!ProtocolVersion.TLSv12.Equals(securityParameters.NegotiatedVersion))
-                    {
-                        m_handshakeHash.SealHashAlgorithms();
-                    }
 
                     if (TlsUtilities.IsTlsV13(securityParameters.NegotiatedVersion))
                     {
+                        m_handshakeHash.SealHashAlgorithms();
+
                         if (serverHello.IsHelloRetryRequest())
                         {
                             TlsUtilities.AdjustTranscriptForRetry(m_handshakeHash);
+
                             SendServerHelloMessage(serverHello);
                             this.m_connectionState = CS_SERVER_HELLO_RETRY_REQUEST;
 
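Review bot: The seal for negotiated versions other than TLS 1.2 and TLS 1.3 used to happen right after `NotifyPrfDetermined()`, and it now depends on the unconditional `m_handshakeHash.SealHashAlgorithms();` in the last hunk being reached on every non-1.3 path, which nothing in the new code states. A comment above the moved call would record the invariant, for example `// TLS 1.3 seals here; earlier versions seal after the CertificateRequest hash algorithms have been tracked.` Whether the TLS 1.3 branch always leaves the method before that later call is not visible from these hunks, so it is worth confirming that the handshake hash cannot be sealed twice. The enclosing block starts and ends outside the hunk.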
@@ -1032,7 +1031,14 @@ namespace Org.BouncyCastle.Tls
                             {
                                 TlsUtilities.TrackHashAlgorithms(m_handshakeHash, securityParameters.ServerSigAlgs);
 
-                                if (!m_tlsServerContext.Crypto.HasAllRawSignatureAlgorithms())
+                                if (m_tlsServerContext.Crypto.HasAnyStreamVerifiers(securityParameters.ServerSigAlgs))
+                                {
+                                    m_handshakeHash.ForceBuffering();
+                                }
+                            }
+                            else
+                            {
+                                if (m_tlsServerContext.Crypto.HasAnyStreamVerifiersLegacy(m_certificateRequest.CertificateTypes))
                                 {
                                     m_handshakeHash.ForceBuffering();
                                 }
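Review bot: Both new `ForceBuffering()` calls lack a comment saying what the buffered transcript is kept for, and the condition has been narrowed from the global `!HasAllRawSignatureAlgorithms()` to predicates over the offered algorithms. It looks as though the buffer is what a streaming verifier later consumes for the client's CertificateVerify, so a false negative from `HasAnyStreamVerifiers` or `HasAnyStreamVerifiersLegacy` would surface only when client authentication is checked. A one-line comment such as `// Keep the raw handshake messages: a stream verifier needs them for CertificateVerify.` would make that dependency explicit. The `else { if (...) { ... } }` wrapper can also be written as a single `else if (m_tlsServerContext.Crypto.HasAnyStreamVerifiersLegacy(m_certificateRequest.CertificateTypes))`. The `if` that this `else` pairs with, and the guard that makes `m_certificateRequest` non-null here, are both outside the hunk.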
@@ -1040,10 +1046,7 @@ namespace Org.BouncyCastle.Tls
                         }
                     }
 
-                    if (ProtocolVersion.TLSv12.Equals(securityParameters.NegotiatedVersion))
-                    {
-                        m_handshakeHash.SealHashAlgorithms();
-                    }
+                    m_handshakeHash.SealHashAlgorithms();
 
                     if (null != m_certificateRequest)
                     {