TLS: refactoring around extended_master_secret

- especially the interaction with session resumption and the methods relating to use of EMS.
author: Peter Dettman <peter.dettman@bouncycastle.org> 2023-07-05 11:14:17 +0700
committer: Peter Dettman <peter.dettman@bouncycastle.org> 2023-07-05 11:14:17 +0700
commit: e604b3112a7c44a9e7b1fdc90d066f037763a404 (patch)
tree: 7ac96049edfd7afa412b9c6dbfc7313be14e8475 /crypto/src/tls/TlsUtilities.cs
parent: TLS: extra client validation of ServerHello parameters (diff)
download: BouncyCastle.NET-ed25519-e604b3112a7c44a9e7b1fdc90d066f037763a404.tar.xz
1 files changed, 16 insertions, 7 deletions
diff --git a/crypto/src/tls/TlsUtilities.cs b/crypto/src/tls/TlsUtilities.cs
index 7337e9f52..2f95e71ab 100644
--- a/crypto/src/tls/TlsUtilities.cs
+++ b/crypto/src/tls/TlsUtilities.cs
@@ -1156,17 +1156,26 @@ namespace Org.BouncyCastle.Tls
             return new TlsSessionImpl(sessionID, sessionParameters);
         }
 
-        internal static bool IsExtendedMasterSecretOptionalDtls(ProtocolVersion[] activeProtocolVersions)
+        internal static bool IsExtendedMasterSecretOptional(ProtocolVersion protocolVersion)
         {
-            return ProtocolVersion.Contains(activeProtocolVersions, ProtocolVersion.DTLSv12)
-                || ProtocolVersion.Contains(activeProtocolVersions, ProtocolVersion.DTLSv10);
+            ProtocolVersion tlsVersion = protocolVersion.GetEquivalentTlsVersion();
+
+            return ProtocolVersion.TLSv12.Equals(tlsVersion)
+                || ProtocolVersion.TLSv11.Equals(tlsVersion)
+                || ProtocolVersion.TLSv10.Equals(tlsVersion);
         }
 
-        internal static bool IsExtendedMasterSecretOptionalTls(ProtocolVersion[] activeProtocolVersions)
+        internal static bool IsExtendedMasterSecretOptional(ProtocolVersion[] protocolVersions)
         {
-            return ProtocolVersion.Contains(activeProtocolVersions, ProtocolVersion.TLSv12)
-                || ProtocolVersion.Contains(activeProtocolVersions, ProtocolVersion.TLSv11)
-                || ProtocolVersion.Contains(activeProtocolVersions, ProtocolVersion.TLSv10);
+            if (protocolVersions != null)
+            {
+                for (int i = 0; i < protocolVersions.Length; ++i)
+                {
+                    if (IsExtendedMasterSecretOptional(protocolVersions[i]))
+                        return true;
+                }
+            }
+            return false;
         }
 
         public static bool IsNullOrContainsNull(object[] array)
author	Peter Dettman <peter.dettman@bouncycastle.org>	2023-07-05 11:14:17 +0700
committer	Peter Dettman <peter.dettman@bouncycastle.org>	2023-07-05 11:14:17 +0700
commit	e604b3112a7c44a9e7b1fdc90d066f037763a404 (patch)
tree	7ac96049edfd7afa412b9c6dbfc7313be14e8475 /crypto/src/tls/TlsUtilities.cs
parent	TLS: extra client validation of ServerHello parameters (diff)
download	BouncyCastle.NET-ed25519-e604b3112a7c44a9e7b1fdc90d066f037763a404.tar.xz