summary refs log tree commit diff
path: root/crypto
diff options
context:
space:
mode:
authorPeter Dettman <peter.dettman@bouncycastle.org>2017-10-16 19:38:16 +0700
committerPeter Dettman <peter.dettman@bouncycastle.org>2017-10-16 19:38:16 +0700
commit4f72d35badbc0694805bc9ed0c84af34bc6db709 (patch)
tree2f639031fea9a2ccbc5c1b8d1f54951ffc69827b /crypto
parentPerformance optimisation in DSTU algorithms (diff)
downloadBouncyCastle.NET-ed25519-4f72d35badbc0694805bc9ed0c84af34bc6db709.tar.xz
TLS: always send CCS immediately before FINISHED message
Diffstat (limited to 'crypto')
-rw-r--r--crypto/src/crypto/tls/TlsClientProtocol.cs3


-rw-r--r--crypto/src/crypto/tls/TlsServerProtocol.cs7


2 files changed, 2 insertions, 8 deletions
diff --git a/crypto/src/crypto/tls/TlsClientProtocol.cs b/crypto/src/crypto/tls/TlsClientProtocol.cs
index 0ea84c05c..8de76c2f8 100644
--- a/crypto/src/crypto/tls/TlsClientProtocol.cs
+++ b/crypto/src/crypto/tls/TlsClientProtocol.cs
@@ -145,6 +145,7 @@ namespace Org.BouncyCastle.Crypto.Tls
                 ProcessFinishedMessage(buf);
                 this.mConnectionState = CS_SERVER_FINISHED;
 
+                SendChangeCipherSpecMessage();
                 SendFinishedMessage();
                 this.mConnectionState = CS_CLIENT_FINISHED;
 
@@ -266,8 +267,6 @@ namespace Org.BouncyCastle.Crypto.Tls
                     {
                         this.mSecurityParameters.masterSecret = Arrays.Clone(this.mSessionParameters.MasterSecret);
                         this.mRecordStream.SetPendingConnectionState(Peer.GetCompression(), Peer.GetCipher());
-
-                        SendChangeCipherSpecMessage();
                     }
                     else
                     {
diff --git a/crypto/src/crypto/tls/TlsServerProtocol.cs b/crypto/src/crypto/tls/TlsServerProtocol.cs
index c2bfbcb74..f5285d80b 100644
--- a/crypto/src/crypto/tls/TlsServerProtocol.cs
+++ b/crypto/src/crypto/tls/TlsServerProtocol.cs
@@ -359,10 +359,10 @@ namespace Org.BouncyCastle.Crypto.Tls
                     if (this.mExpectSessionTicket)
                     {
                         SendNewSessionTicketMessage(mTlsServer.GetNewSessionTicket());
-                        SendChangeCipherSpecMessage();
                     }
                     this.mConnectionState = CS_SERVER_SESSION_TICKET;
 
+                    SendChangeCipherSpecMessage();
                     SendFinishedMessage();
                     this.mConnectionState = CS_SERVER_FINISHED;
 
@@ -647,11 +647,6 @@ namespace Org.BouncyCastle.Crypto.Tls
             }
 
             mRecordStream.SetPendingConnectionState(Peer.GetCompression(), Peer.GetCipher());
-
-            if (!mExpectSessionTicket)
-            {
-                SendChangeCipherSpecMessage();
-            }
         }
 
         protected virtual void SendCertificateRequestMessage(CertificateRequest certificateRequest)

 

generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-11-10 10:29:39 +0000