diff options
| author | Peter Dettman <peter.dettman@bouncycastle.org> | 2022-05-30 00:36:32 +0700 |
|---|---|---|
| committer | Peter Dettman <peter.dettman@bouncycastle.org> | 2022-05-30 00:36:32 +0700 |
| commit | 2cb589c0cbd7188ef3f2f70305f13d2eab9ffe60 (patch) | |
| tree | 203822e7e601694d5f9ccaece3657c56581c4bb3 /crypto/src/tls | |
| parent | bzip2 fixes and perf. opts. (diff) | |
| download | BouncyCastle.NET-ed25519-2cb589c0cbd7188ef3f2f70305f13d2eab9ffe60.tar.xz | |
Set randoms before extensions processing
- see https://github.com/bcgit/bc-java/issues/1167
Diffstat (limited to 'crypto/src/tls')
| -rw-r--r-- | crypto/src/tls/DtlsClientProtocol.cs | 14 | ||||
| -rw-r--r-- | crypto/src/tls/TlsClientProtocol.cs | 12 | ||||
| -rw-r--r-- | crypto/src/tls/TlsServerProtocol.cs | 40 |
3 files changed, 33 insertions, 33 deletions
diff --git a/crypto/src/tls/DtlsClientProtocol.cs b/crypto/src/tls/DtlsClientProtocol.cs index fd9985ab5..fd71a07ed 100644 --- a/crypto/src/tls/DtlsClientProtocol.cs +++ b/crypto/src/tls/DtlsClientProtocol.cs @@ -418,6 +418,13 @@ namespace Org.BouncyCastle.Tls context.SetClientVersion(client_version); + { + bool useGmtUnixTime = ProtocolVersion.DTLSv12.IsEqualOrLaterVersionOf(client_version) + && state.client.ShouldUseGmtUnixTime(); + + securityParameters.m_clientRandom = TlsProtocol.CreateRandomBlock(useGmtUnixTime, state.clientContext); + } + byte[] session_id = TlsUtilities.GetSessionID(state.tlsSession); bool fallback = state.client.IsFallback(); @@ -471,13 +478,6 @@ namespace Org.BouncyCastle.Tls throw new TlsFatalAlert(AlertDescription.internal_error); } - { - bool useGmtUnixTime = ProtocolVersion.DTLSv12.IsEqualOrLaterVersionOf(client_version) - && state.client.ShouldUseGmtUnixTime(); - - securityParameters.m_clientRandom = TlsProtocol.CreateRandomBlock(useGmtUnixTime, state.clientContext); - } - // Cipher Suites (and SCSV) { /* diff --git a/crypto/src/tls/TlsClientProtocol.cs b/crypto/src/tls/TlsClientProtocol.cs index ba2b565ca..399d8c9b8 100644 --- a/crypto/src/tls/TlsClientProtocol.cs +++ b/crypto/src/tls/TlsClientProtocol.cs @@ -1638,6 +1638,12 @@ namespace Org.BouncyCastle.Tls bool offeringTlsV12Minus = ProtocolVersion.TLSv12.IsEqualOrLaterVersionOf(earliestVersion); bool offeringTlsV13Plus = ProtocolVersion.TLSv13.IsEqualOrEarlierVersionOf(latestVersion); + { + bool useGmtUnixTime = !offeringTlsV13Plus && m_tlsClient.ShouldUseGmtUnixTime(); + + securityParameters.m_clientRandom = CreateRandomBlock(useGmtUnixTime, m_tlsClientContext); + } + EstablishSession(offeringTlsV12Minus ? m_tlsClient.GetSessionToResume() : null); m_tlsClient.NotifySessionToResume(m_tlsSession); @@ -1710,12 +1716,6 @@ namespace Org.BouncyCastle.Tls throw new TlsFatalAlert(AlertDescription.internal_error); } - { - bool useGmtUnixTime = !offeringTlsV13Plus && m_tlsClient.ShouldUseGmtUnixTime(); - - securityParameters.m_clientRandom = CreateRandomBlock(useGmtUnixTime, m_tlsClientContext); - } - // NOT renegotiating { /* diff --git a/crypto/src/tls/TlsServerProtocol.cs b/crypto/src/tls/TlsServerProtocol.cs index c90ef4109..88bc9d5fa 100644 --- a/crypto/src/tls/TlsServerProtocol.cs +++ b/crypto/src/tls/TlsServerProtocol.cs @@ -187,6 +187,15 @@ namespace Org.BouncyCastle.Tls } else { + { + securityParameters.m_serverRandom = CreateRandomBlock(false, m_tlsServerContext); + + if (!serverVersion.Equals(ProtocolVersion.GetLatestTls(m_tlsServer.GetProtocolVersions()))) + { + TlsUtilities.WriteDowngradeMarker(serverVersion, securityParameters.ServerRandom); + } + } + this.m_clientExtensions = clientHelloExtensions; securityParameters.m_secureRenegotiation = false; @@ -230,15 +239,6 @@ namespace Org.BouncyCastle.Tls TlsUtilities.NegotiatedVersionTlsServer(m_tlsServerContext); { - securityParameters.m_serverRandom = CreateRandomBlock(false, m_tlsServerContext); - - if (!serverVersion.Equals(ProtocolVersion.GetLatestTls(m_tlsServer.GetProtocolVersions()))) - { - TlsUtilities.WriteDowngradeMarker(serverVersion, securityParameters.ServerRandom); - } - } - - { // TODO[tls13] Constrain selection when PSK selected int cipherSuite = m_tlsServer.GetSelectedCipherSuite(); @@ -460,6 +460,17 @@ namespace Org.BouncyCastle.Tls m_recordStream.SetWriteVersion(serverVersion); + { + bool useGmtUnixTime = m_tlsServer.ShouldUseGmtUnixTime(); + + securityParameters.m_serverRandom = CreateRandomBlock(useGmtUnixTime, m_tlsServerContext); + + if (!serverVersion.Equals(ProtocolVersion.GetLatestTls(m_tlsServer.GetProtocolVersions()))) + { + TlsUtilities.WriteDowngradeMarker(serverVersion, securityParameters.ServerRandom); + } + } + this.m_clientExtensions = clientHello.Extensions; byte[] clientRenegExtData = TlsUtilities.GetExtensionData(m_clientExtensions, ExtensionType.renegotiation_info); @@ -557,17 +568,6 @@ namespace Org.BouncyCastle.Tls TlsUtilities.NegotiatedVersionTlsServer(m_tlsServerContext); { - bool useGmtUnixTime = m_tlsServer.ShouldUseGmtUnixTime(); - - securityParameters.m_serverRandom = CreateRandomBlock(useGmtUnixTime, m_tlsServerContext); - - if (!serverVersion.Equals(ProtocolVersion.GetLatestTls(m_tlsServer.GetProtocolVersions()))) - { - TlsUtilities.WriteDowngradeMarker(serverVersion, securityParameters.ServerRandom); - } - } - - { int cipherSuite = m_resumedSession ? m_sessionParameters.CipherSuite : m_tlsServer.GetSelectedCipherSuite(); |