TLS: Don't check CCS status for hello_request

author: Peter Dettman <peter.dettman@bouncycastle.org> 2018-10-04 11:48:54 +0700
committer: Peter Dettman <peter.dettman@bouncycastle.org> 2018-10-04 11:48:54 +0700
commit: 6e4b9784d9ae3d159a316b3d801fad5b6ff34a67 (patch)
tree: f8c91883f3d611a72e955d890ec3a63e2e7d2d59 /crypto
parent: RFC 8032: Avoid unnecessary doublings in precomputation (diff)
download: BouncyCastle.NET-ed25519-6e4b9784d9ae3d159a316b3d801fad5b6ff34a67.tar.xz
1 files changed, 14 insertions, 15 deletions
diff --git a/crypto/src/crypto/tls/TlsProtocol.cs b/crypto/src/crypto/tls/TlsProtocol.cs
index 72151d414..bbb76d53c 100644
--- a/crypto/src/crypto/tls/TlsProtocol.cs
+++ b/crypto/src/crypto/tls/TlsProtocol.cs
@@ -391,31 +391,30 @@ namespace Org.BouncyCastle.Crypto.Tls
                 if (queue.Available < totalLength)
                     break;
 
-                CheckReceivedChangeCipherSpec(mConnectionState == CS_END || type == HandshakeType.finished);
-
                 /*
                  * RFC 2246 7.4.9. The value handshake_messages includes all handshake messages
                  * starting at client hello up to, but not including, this finished message.
                  * [..] Note: [Also,] Hello Request messages are omitted from handshake hashes.
                  */
-                switch (type)
-                {
-                case HandshakeType.hello_request:
-                    break;
-                case HandshakeType.finished:
-                default:
+                if (HandshakeType.hello_request != type)
                 {
-                    TlsContext ctx = Context;
-                    if (type == HandshakeType.finished
-                        && this.mExpectedVerifyData == null
-                        && ctx.SecurityParameters.MasterSecret != null)
+                    if (HandshakeType.finished == type)
                     {
-                        this.mExpectedVerifyData = CreateVerifyData(!ctx.IsServer);
+                        CheckReceivedChangeCipherSpec(true);
+
+                        TlsContext ctx = Context;
+                        if (this.mExpectedVerifyData == null
+                            && ctx.SecurityParameters.MasterSecret != null)
+                        {
+                            this.mExpectedVerifyData = CreateVerifyData(!ctx.IsServer);
+                        }
+                    }
+                    else
+                    {
+                        CheckReceivedChangeCipherSpec(mConnectionState == CS_END);
                     }
 
                     queue.CopyTo(mRecordStream.HandshakeHashUpdater, totalLength);
-                    break;
-                }
                 }
 
                 queue.RemoveData(4);
author	Peter Dettman <peter.dettman@bouncycastle.org>	2018-10-04 11:48:54 +0700
committer	Peter Dettman <peter.dettman@bouncycastle.org>	2018-10-04 11:48:54 +0700
commit	6e4b9784d9ae3d159a316b3d801fad5b6ff34a67 (patch)
tree	f8c91883f3d611a72e955d890ec3a63e2e7d2d59 /crypto
parent	RFC 8032: Avoid unnecessary doublings in precomputation (diff)
download	BouncyCastle.NET-ed25519-6e4b9784d9ae3d159a316b3d801fad5b6ff34a67.tar.xz