summary refs log tree commit diff
path: root/crypto/src/tls/TlsServerProtocol.cs
diff options
context:
space:
mode:
Diffstat (limited to 'crypto/src/tls/TlsServerProtocol.cs')
-rw-r--r--crypto/src/tls/TlsServerProtocol.cs40
1 files changed, 20 insertions, 20 deletions
diff --git a/crypto/src/tls/TlsServerProtocol.cs b/crypto/src/tls/TlsServerProtocol.cs

index c90ef4109..88bc9d5fa 100644
--- a/crypto/src/tls/TlsServerProtocol.cs
+++ b/crypto/src/tls/TlsServerProtocol.cs
@@ -187,6 +187,15 @@ namespace Org.BouncyCastle.Tls
             }
             else
             {
+                {
+                    securityParameters.m_serverRandom = CreateRandomBlock(false, m_tlsServerContext);
+
+                    if (!serverVersion.Equals(ProtocolVersion.GetLatestTls(m_tlsServer.GetProtocolVersions())))
+                    {
+                        TlsUtilities.WriteDowngradeMarker(serverVersion, securityParameters.ServerRandom);
+                    }
+                }
+
                 this.m_clientExtensions = clientHelloExtensions;
 
                 securityParameters.m_secureRenegotiation = false;
@@ -230,15 +239,6 @@ namespace Org.BouncyCastle.Tls
                 TlsUtilities.NegotiatedVersionTlsServer(m_tlsServerContext);
 
                 {
-                    securityParameters.m_serverRandom = CreateRandomBlock(false, m_tlsServerContext);
-
-                    if (!serverVersion.Equals(ProtocolVersion.GetLatestTls(m_tlsServer.GetProtocolVersions())))
-                    {
-                        TlsUtilities.WriteDowngradeMarker(serverVersion, securityParameters.ServerRandom);
-                    }
-                }
-
-                {
                     // TODO[tls13] Constrain selection when PSK selected
                     int cipherSuite = m_tlsServer.GetSelectedCipherSuite();
 
@@ -460,6 +460,17 @@ namespace Org.BouncyCastle.Tls
 
             m_recordStream.SetWriteVersion(serverVersion);
 
+            {
+                bool useGmtUnixTime = m_tlsServer.ShouldUseGmtUnixTime();
+
+                securityParameters.m_serverRandom = CreateRandomBlock(useGmtUnixTime, m_tlsServerContext);
+
+                if (!serverVersion.Equals(ProtocolVersion.GetLatestTls(m_tlsServer.GetProtocolVersions())))
+                {
+                    TlsUtilities.WriteDowngradeMarker(serverVersion, securityParameters.ServerRandom);
+                }
+            }
+
             this.m_clientExtensions = clientHello.Extensions;
 
             byte[] clientRenegExtData = TlsUtilities.GetExtensionData(m_clientExtensions, ExtensionType.renegotiation_info);
@@ -557,17 +568,6 @@ namespace Org.BouncyCastle.Tls
             TlsUtilities.NegotiatedVersionTlsServer(m_tlsServerContext);
 
             {
-                bool useGmtUnixTime = m_tlsServer.ShouldUseGmtUnixTime();
-
-                securityParameters.m_serverRandom = CreateRandomBlock(useGmtUnixTime, m_tlsServerContext);
-
-                if (!serverVersion.Equals(ProtocolVersion.GetLatestTls(m_tlsServer.GetProtocolVersions())))
-                {
-                    TlsUtilities.WriteDowngradeMarker(serverVersion, securityParameters.ServerRandom);
-                }
-            }
-
-            {
                 int cipherSuite = m_resumedSession
                     ?   m_sessionParameters.CipherSuite
                     :   m_tlsServer.GetSelectedCipherSuite();
generated by cgit-magenta 1.5.1 (git 2.48.1) at 2025-04-27 19:11:45 +0000