diff options
Diffstat (limited to 'crypto/src/tls/DtlsServerProtocol.cs')
| -rw-r--r-- | crypto/src/tls/DtlsServerProtocol.cs | 18 |
1 files changed, 9 insertions, 9 deletions
diff --git a/crypto/src/tls/DtlsServerProtocol.cs b/crypto/src/tls/DtlsServerProtocol.cs index 2c6ddf31f..c019eb9fb 100644 --- a/crypto/src/tls/DtlsServerProtocol.cs +++ b/crypto/src/tls/DtlsServerProtocol.cs @@ -146,10 +146,6 @@ namespace Org.BouncyCastle.Tls } handshake.HandshakeHash.NotifyPrfDetermined(); - if (!ProtocolVersion.DTLSv12.Equals(securityParameters.NegotiatedVersion)) - { - handshake.HandshakeHash.SealHashAlgorithms(); - } IList serverSupplementalData = state.server.GetServerSupplementalData(); if (serverSupplementalData != null) @@ -233,7 +229,14 @@ namespace Org.BouncyCastle.Tls { TlsUtilities.TrackHashAlgorithms(handshake.HandshakeHash, securityParameters.ServerSigAlgs); - if (!state.serverContext.Crypto.HasAllRawSignatureAlgorithms()) + if (state.serverContext.Crypto.HasAnyStreamVerifiers(securityParameters.ServerSigAlgs)) + { + handshake.HandshakeHash.ForceBuffering(); + } + } + else + { + if (state.serverContext.Crypto.HasAnyStreamVerifiersLegacy(state.certificateRequest.CertificateTypes)) { handshake.HandshakeHash.ForceBuffering(); } @@ -241,10 +244,7 @@ namespace Org.BouncyCastle.Tls } } - if (ProtocolVersion.DTLSv12.Equals(securityParameters.NegotiatedVersion)) - { - handshake.HandshakeHash.SealHashAlgorithms(); - } + handshake.HandshakeHash.SealHashAlgorithms(); if (null != state.certificateRequest) { |