summary refs log tree commit diff
path: root/crypto/src
diff options
context:
space:
mode:
authorPeter Dettman <peter.dettman@bouncycastle.org>2017-03-22 23:29:36 +1030
committerPeter Dettman <peter.dettman@bouncycastle.org>2017-03-22 23:29:36 +1030
commitf27949c208ef2fbfcb6484db97bffe260109fb3c (patch)
tree22d6df28359564c1a0d831af26def5b64eb8e00e /crypto/src
parentNon-blocking TLS validates header of partially-received records (diff)
downloadBouncyCastle.NET-ed25519-f27949c208ef2fbfcb6484db97bffe260109fb3c.tar.xz
Add TlsProtocol.CloseInput for use in non-blocking mode
- tighten up handling of closure during handshake
Diffstat (limited to 'crypto/src')
-rw-r--r--crypto/src/crypto/tls/TlsProtocol.cs43
1 files changed, 40 insertions, 3 deletions
diff --git a/crypto/src/crypto/tls/TlsProtocol.cs b/crypto/src/crypto/tls/TlsProtocol.cs

index afdaf0075..f259812f8 100644
--- a/crypto/src/crypto/tls/TlsProtocol.cs
+++ b/crypto/src/crypto/tls/TlsProtocol.cs
@@ -169,7 +169,8 @@ namespace Org.BouncyCastle.Crypto.Tls
                 {
                     if (this.mClosed)
                     {
-                        // TODO What kind of exception/alert?
+                        // NOTE: Any close during the handshake should have raised an exception.
+                        throw new TlsFatalAlert(AlertDescription.internal_error);
                     }
 
                     SafeReadRecord();
@@ -384,14 +385,16 @@ namespace Org.BouncyCastle.Crypto.Tls
                 }
                 else
                 {
-
                     /*
                      * RFC 5246 7.2.1. The other party MUST respond with a close_notify alert of its own
                      * and close down the connection immediately, discarding any pending writes.
                      */
-                    // TODO Can close_notify be a fatal alert?
                     if (description == AlertDescription.close_notify)
                     {
+                        if (!mAppDataReady)
+                        {
+                            throw new TlsFatalAlert(AlertDescription.handshake_failure);
+                        }
                         HandleClose(false);
                     }
 
@@ -506,6 +509,10 @@ namespace Org.BouncyCastle.Crypto.Tls
             {
                 if (!mRecordStream.ReadRecord())
                 {
+                    if (!mAppDataReady)
+                    {
+                        throw new TlsFatalAlert(AlertDescription.handshake_failure);
+                    }
                     throw new TlsNoCloseNotifyException();
                 }
             }
@@ -649,6 +656,26 @@ namespace Org.BouncyCastle.Crypto.Tls
         }
 
         /**
+         * Should be called in non-blocking mode when the input data reaches EOF.
+         */
+        public virtual void CloseInput()
+        {
+            if (mBlocking)
+                throw new InvalidOperationException("Cannot use CloseInput() in blocking mode!");
+
+            if (mClosed)
+                return;
+
+            if (mInputBuffers.Available > 0)
+                throw new EndOfStreamException();
+
+            if (!mAppDataReady)
+                throw new TlsFatalAlert(AlertDescription.handshake_failure);
+
+            throw new TlsNoCloseNotifyException();
+        }
+
+        /**
          * Offer input from an arbitrary source. Only allowed in non-blocking mode.<br/>
          * <br/>
          * After this method returns, the input buffer is "owned" by this object. Other code
@@ -690,6 +717,16 @@ namespace Org.BouncyCastle.Crypto.Tls
                 }
 
                 SafeReadRecord();
+
+                if (mClosed)
+                {
+                    if (mConnectionState != CS_END)
+                    {
+                        // NOTE: Any close during the handshake should have raised an exception.
+                        throw new TlsFatalAlert(AlertDescription.internal_error);
+                    }
+                    break;
+                }
             }
         }
generated by cgit-magenta 1.5.1 (git 2.48.1) at 2025-07-19 07:10:37 +0000