summary refs log tree commit diff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--crypto/src/tls/AbstractTlsPeer.cs5
-rw-r--r--crypto/src/tls/DtlsClientProtocol.cs3
-rw-r--r--crypto/src/tls/DtlsRecordLayer.cs4
-rw-r--r--crypto/src/tls/DtlsReliableHandshake.cs9
-rw-r--r--crypto/src/tls/DtlsServerProtocol.cs3
-rw-r--r--crypto/src/tls/TlsPeer.cs8
-rw-r--r--crypto/src/tls/TlsUtilities.cs9
7 files changed, 33 insertions, 8 deletions
diff --git a/crypto/src/tls/AbstractTlsPeer.cs b/crypto/src/tls/AbstractTlsPeer.cs
index 6d7c88f1b..82f8dd1e5 100644
--- a/crypto/src/tls/AbstractTlsPeer.cs
+++ b/crypto/src/tls/AbstractTlsPeer.cs
@@ -65,6 +65,11 @@ namespace Org.BouncyCastle.Tls
             return 0;
         }
 
+        public virtual int GetHandshakeResendTimeMillis()
+        {
+            return 1000;
+        }
+
         public virtual bool AllowLegacyResumption()
         {
             return false;
diff --git a/crypto/src/tls/DtlsClientProtocol.cs b/crypto/src/tls/DtlsClientProtocol.cs
index 88a077168..72484e178 100644
--- a/crypto/src/tls/DtlsClientProtocol.cs
+++ b/crypto/src/tls/DtlsClientProtocol.cs
@@ -100,7 +100,8 @@ namespace Org.BouncyCastle.Tls
             SecurityParameters securityParameters = state.clientContext.SecurityParameters;
 
             DtlsReliableHandshake handshake = new DtlsReliableHandshake(state.clientContext, recordLayer,
-                state.client.GetHandshakeTimeoutMillis(), null);
+                state.client.GetHandshakeTimeoutMillis(), TlsUtilities.GetHandshakeResendTimeMillis(state.client),
+                null);
 
             byte[] clientHelloBody = GenerateClientHello(state);
 
diff --git a/crypto/src/tls/DtlsRecordLayer.cs b/crypto/src/tls/DtlsRecordLayer.cs
index a61688cb0..a18210de2 100644
--- a/crypto/src/tls/DtlsRecordLayer.cs
+++ b/crypto/src/tls/DtlsRecordLayer.cs
@@ -306,7 +306,7 @@ namespace Org.BouncyCastle.Tls
                         HeartbeatMessageType.heartbeat_request, m_heartbeat.GeneratePayload());
                     this.m_heartbeatTimeout = new Timeout(m_heartbeat.TimeoutMillis, currentTimeMillis);
 
-                    this.m_heartbeatResendMillis = DtlsReliableHandshake.INITIAL_RESEND_MILLIS;
+                    this.m_heartbeatResendMillis = TlsUtilities.GetHandshakeResendTimeMillis(m_peer);
                     this.m_heartbeatResendTimeout = new Timeout(m_heartbeatResendMillis, currentTimeMillis);
 
                     SendHeartbeatMessage(m_heartbeatInFlight);
@@ -405,7 +405,7 @@ namespace Org.BouncyCastle.Tls
                         HeartbeatMessageType.heartbeat_request, m_heartbeat.GeneratePayload());
                     this.m_heartbeatTimeout = new Timeout(m_heartbeat.TimeoutMillis, currentTimeMillis);
 
-                    this.m_heartbeatResendMillis = DtlsReliableHandshake.INITIAL_RESEND_MILLIS;
+                    this.m_heartbeatResendMillis = TlsUtilities.GetHandshakeResendTimeMillis(m_peer);
                     this.m_heartbeatResendTimeout = new Timeout(m_heartbeatResendMillis, currentTimeMillis);
 
                     SendHeartbeatMessage(m_heartbeatInFlight);
diff --git a/crypto/src/tls/DtlsReliableHandshake.cs b/crypto/src/tls/DtlsReliableHandshake.cs
index 8d6eb7b84..42a98a991 100644
--- a/crypto/src/tls/DtlsReliableHandshake.cs
+++ b/crypto/src/tls/DtlsReliableHandshake.cs
@@ -11,7 +11,6 @@ namespace Org.BouncyCastle.Tls
         private const int MAX_RECEIVE_AHEAD = 16;
         private const int MESSAGE_HEADER_LENGTH = 12;
 
-        internal const int INITIAL_RESEND_MILLIS = 1000;
         private const int MAX_RESEND_MILLIS = 60000;
 
         /// <exception cref="IOException"/>
@@ -85,21 +84,23 @@ namespace Org.BouncyCastle.Tls
         private IDictionary<int, DtlsReassembler> m_previousInboundFlight = null;
         private IList<Message> m_outboundFlight = new List<Message>();
 
+        private readonly int m_initialResendMillis;
         private int m_resendMillis = -1;
         private Timeout m_resendTimeout = null;
 
         private int m_next_send_seq = 0, m_next_receive_seq = 0;
 
         internal DtlsReliableHandshake(TlsContext context, DtlsRecordLayer transport, int timeoutMillis,
-            DtlsRequest request)
+            int initialResendMillis, DtlsRequest request)
         {
             this.m_recordLayer = transport;
             this.m_handshakeHash = new DeferredHash(context);
             this.m_handshakeTimeout = Timeout.ForWaitMillis(timeoutMillis);
+            m_initialResendMillis = initialResendMillis;
 
             if (null != request)
             {
-                this.m_resendMillis = INITIAL_RESEND_MILLIS;
+                this.m_resendMillis = m_initialResendMillis;
                 this.m_resendTimeout = new Timeout(m_resendMillis);
 
                 long recordSeq = request.RecordSeq;
@@ -298,7 +299,7 @@ namespace Org.BouncyCastle.Tls
 
             if (null == m_resendTimeout)
             {
-                m_resendMillis = INITIAL_RESEND_MILLIS;
+                m_resendMillis = m_initialResendMillis;
                 m_resendTimeout = new Timeout(m_resendMillis, currentTimeMillis);
 
                 PrepareInboundFlight(new Dictionary<int, DtlsReassembler>());
diff --git a/crypto/src/tls/DtlsServerProtocol.cs b/crypto/src/tls/DtlsServerProtocol.cs
index f2eaf31f8..a4f8f4bc5 100644
--- a/crypto/src/tls/DtlsServerProtocol.cs
+++ b/crypto/src/tls/DtlsServerProtocol.cs
@@ -89,7 +89,8 @@ namespace Org.BouncyCastle.Tls
             SecurityParameters securityParameters = state.serverContext.SecurityParameters;
 
             DtlsReliableHandshake handshake = new DtlsReliableHandshake(state.serverContext, recordLayer,
-                state.server.GetHandshakeTimeoutMillis(), request);
+                state.server.GetHandshakeTimeoutMillis(), TlsUtilities.GetHandshakeResendTimeMillis(state.server),
+                request);
 
             DtlsReliableHandshake.Message clientMessage = null;
 
diff --git a/crypto/src/tls/TlsPeer.cs b/crypto/src/tls/TlsPeer.cs
index 04d66d38f..4f16978d9 100644
--- a/crypto/src/tls/TlsPeer.cs
+++ b/crypto/src/tls/TlsPeer.cs
@@ -31,6 +31,14 @@ namespace Org.BouncyCastle.Tls
         /// <returns>the handshake timeout, in milliseconds.</returns>
         int GetHandshakeTimeoutMillis();
 
+        /// <summary>Specify the time, in milliseconds, after which a handshake packet is resent.</summary>
+        /// <remarks>
+        /// NOTE: Currently only respected by DTLS protocols.
+        /// </remarks>
+        /// <returns>the handshake resend time, in milliseconds.</returns>
+        // TODO[api]
+        //int GetHandshakeResendTimeMillis();
+
         bool AllowLegacyResumption();
 
         int GetMaxCertificateChainLength();
diff --git a/crypto/src/tls/TlsUtilities.cs b/crypto/src/tls/TlsUtilities.cs
index a2ee82f9e..69a458a5a 100644
--- a/crypto/src/tls/TlsUtilities.cs
+++ b/crypto/src/tls/TlsUtilities.cs
@@ -5721,5 +5721,14 @@ namespace Org.BouncyCastle.Tls
             }
             return v;
         }
+
+        // TODO[api] Not needed once GetHandshakeResendTimeMillis() has been added to TlsPeer
+        internal static int GetHandshakeResendTimeMillis(TlsPeer tlsPeer)
+        {
+            if (tlsPeer is AbstractTlsPeer abstractTlsPeer)
+                return abstractTlsPeer.GetHandshakeResendTimeMillis();
+
+            return 1000;
+        }
     }
 }
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-11-09 17:14:14 +0000