SSLv3 must calculate the master secret earlier (from bc-java)
- include SSLv3 in test suite
2 files changed, 20 insertions, 2 deletions
diff --git a/crypto/src/crypto/tls/TlsClientProtocol.cs b/crypto/src/crypto/tls/TlsClientProtocol.cs
index 4c2a0a545..6352a893f 100644
--- a/crypto/src/crypto/tls/TlsClientProtocol.cs
+++ b/crypto/src/crypto/tls/TlsClientProtocol.cs
@@ -384,10 +384,19 @@ namespace Org.BouncyCastle.Crypto.Tls
SendClientKeyExchangeMessage();
this.mConnectionState = CS_CLIENT_KEY_EXCHANGE;
+ if (TlsUtilities.IsSsl(Context))
+ {
+ EstablishMasterSecret(Context, mKeyExchange);
+ }
+
TlsHandshakeHash prepareFinishHash = mRecordStream.PrepareToFinish();
this.mSecurityParameters.sessionHash = GetCurrentPrfHash(Context, prepareFinishHash, null);
- EstablishMasterSecret(Context, mKeyExchange);
+ if (!TlsUtilities.IsSsl(Context))
+ {
+ EstablishMasterSecret(Context, mKeyExchange);
+ }
+
mRecordStream.SetPendingConnectionState(Peer.GetCompression(), Peer.GetCipher());
if (clientCreds != null && clientCreds is TlsSignerCredentials)
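Review bot: The two mirrored `TlsUtilities.IsSsl(Context)` checks around the `sessionHash` assignment encode an ordering constraint that nothing in the code explains, so a later cleanup could merge them back into a single `EstablishMasterSecret` call and silently break one protocol family. A comment above the first check would pin it, for example `// SSLv3: the handshake hash needs the master secret, so derive it before sessionHash; TLS derives it afterwards because sessionHash may feed the master secret`. The TLS half of that comment is inferred from the ordering rather than visible in this hunk, so confirm it against `EstablishMasterSecret`. Evaluating the check once, `bool isSsl = TlsUtilities.IsSsl(Context);`, and reusing it in both `if`s would also make it obvious that exactly one branch runs. The same pattern appears in the TlsServerProtocol.cs hunk, and the enclosing method starts and ends outside both hunks.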
diff --git a/crypto/src/crypto/tls/TlsServerProtocol.cs b/crypto/src/crypto/tls/TlsServerProtocol.cs
index 38f2befea..fca685295 100644
--- a/crypto/src/crypto/tls/TlsServerProtocol.cs
+++ b/crypto/src/crypto/tls/TlsServerProtocol.cs
@@ -625,10 +625,19 @@ namespace Org.BouncyCastle.Crypto.Tls
AssertEmpty(buf);
+ if (TlsUtilities.IsSsl(Context))
+ {
+ EstablishMasterSecret(Context, mKeyExchange);
+ }
+
this.mPrepareFinishHash = mRecordStream.PrepareToFinish();
this.mSecurityParameters.sessionHash = GetCurrentPrfHash(Context, mPrepareFinishHash, null);
- EstablishMasterSecret(Context, mKeyExchange);
+ if (!TlsUtilities.IsSsl(Context))
+ {
+ EstablishMasterSecret(Context, mKeyExchange);
+ }
+
mRecordStream.SetPendingConnectionState(Peer.GetCompression(), Peer.GetCipher());
if (!mExpectSessionTicket)
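Review bot: The SSLv3 branch added before `mRecordStream.PrepareToFinish()` has no visible test in this commit. Both changed files are protocol sources, although the message mentions including SSLv3 in the test suite, so that change may live in a separate commit. One handshake test per protocol family (SSLv3, and a TLS version that negotiates the extended master secret) would catch a regression in either ordering, since a wrong order should surface as a Finished mismatch rather than a compile error. Because SSLv3 is prohibited by RFC 7568, also confirm that enabling it for tests does not lower the default minimum version the client or server accepts.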