summary refs log tree commit diff
path: root/crypto/src/tls/TlsServerProtocol.cs
diff options
context:
space:
mode:
Diffstat (limited to 'crypto/src/tls/TlsServerProtocol.cs')
-rw-r--r--crypto/src/tls/TlsServerProtocol.cs14
1 files changed, 8 insertions, 6 deletions
diff --git a/crypto/src/tls/TlsServerProtocol.cs b/crypto/src/tls/TlsServerProtocol.cs

index 2afb625a8..89365afad 100644
--- a/crypto/src/tls/TlsServerProtocol.cs
+++ b/crypto/src/tls/TlsServerProtocol.cs
@@ -309,6 +309,11 @@ namespace Org.BouncyCastle.Tls
 
             this.m_expectSessionTicket = false;
 
+            // TODO[tls13-psk] Use PSK early secret if negotiated
+            TlsSecret pskEarlySecret = null;
+
+            TlsSecret sharedSecret = null;
+
             {
                 int namedGroup = clientShare.NamedGroup;
 
@@ -331,14 +336,11 @@ namespace Org.BouncyCastle.Tls
                 TlsExtensionsUtilities.AddKeyShareServerHello(serverHelloExtensions, serverShare);
 
                 agreement.ReceivePeerValue(clientShare.KeyExchange);
-                securityParameters.m_sharedSecret = agreement.CalculateSecret();
-
-                // TODO[tls13-psk] Use PSK early secret if negotiated
-                TlsSecret pskEarlySecret = null;
-
-                TlsUtilities.Establish13PhaseSecrets(m_tlsServerContext, pskEarlySecret);
+                sharedSecret = agreement.CalculateSecret();
             }
 
+            TlsUtilities.Establish13PhaseSecrets(m_tlsServerContext, pskEarlySecret, sharedSecret);
+
             this.m_serverExtensions = serverEncryptedExtensions;
 
             ApplyMaxFragmentLengthExtension(securityParameters.MaxFragmentLength);
generated by cgit-magenta 1.5.1 (git 2.48.1) at 2025-08-07 15:43:04 +0000