diff options
Diffstat (limited to 'crypto/src/tls/DtlsClientProtocol.cs')
| -rw-r--r-- | crypto/src/tls/DtlsClientProtocol.cs | 13 |
1 files changed, 6 insertions, 7 deletions
diff --git a/crypto/src/tls/DtlsClientProtocol.cs b/crypto/src/tls/DtlsClientProtocol.cs index 88ebbb636..2b132f564 100644 --- a/crypto/src/tls/DtlsClientProtocol.cs +++ b/crypto/src/tls/DtlsClientProtocol.cs @@ -653,19 +653,13 @@ namespace Org.BouncyCastle.Tls throw new TlsFatalAlert(AlertDescription.handshake_failure); } - TlsClientContextImpl clientContext = state.clientContext; - SecurityParameters securityParameters = clientContext.SecurityParameters; - MemoryStream buf = new MemoryStream(body, false); - CertificateRequest certificateRequest = CertificateRequest.Parse(clientContext, buf); + CertificateRequest certificateRequest = CertificateRequest.Parse(state.clientContext, buf); TlsProtocol.AssertEmpty(buf); state.certificateRequest = TlsUtilities.ValidateCertificateRequest(certificateRequest, state.keyExchange); - - securityParameters.m_clientCertificateType = TlsExtensionsUtilities.GetClientCertificateTypeExtensionServer( - state.serverExtensions, CertificateType.X509); } /// <exception cref="IOException"/> @@ -1036,6 +1030,11 @@ namespace Org.BouncyCastle.Tls securityParameters.m_statusRequestVersion = 1; } + securityParameters.m_clientCertificateType = TlsUtilities.ProcessClientCertificateTypeExtension( + sessionClientExtensions, sessionServerExtensions, AlertDescription.illegal_parameter); + securityParameters.m_serverCertificateType = TlsUtilities.ProcessServerCertificateTypeExtension( + sessionClientExtensions, sessionServerExtensions, AlertDescription.illegal_parameter); + state.expectSessionTicket = TlsUtilities.HasExpectedEmptyExtensionData(sessionServerExtensions, ExtensionType.session_ticket, AlertDescription.illegal_parameter); } |