From 0bb833034be24db92d87d5264c5154698924ae25 Mon Sep 17 00:00:00 2001
From: Peter Dettman
Date: Mon, 26 Jul 2021 14:32:32 +0700
Subject: Initial fix for reneg issue - see https://github.com/bcgit/bc-java/issues/990
---
 crypto/src/tls/AbstractTlsContext.cs | 5 +++++
 crypto/src/tls/TlsProtocol.cs | 17 +++++++++++++++--
 2 files changed, 20 insertions(+), 2 deletions(-)
diff --git a/crypto/src/tls/AbstractTlsContext.cs b/crypto/src/tls/AbstractTlsContext.cs
index c70312721..75e46d993 100644
--- a/crypto/src/tls/AbstractTlsContext.cs
+++ b/crypto/src/tls/AbstractTlsContext.cs
@@ -94,6 +94,11 @@ namespace Org.BouncyCastle.Tls
 get { lock (this) return m_connected; }
 }

+ internal bool IsHandshaking
+ {
+ get { lock (this) return !m_connected && null != m_securityParameters; }
+ }
+
 public TlsCrypto Crypto
 {
 get { return m_crypto; }
diff --git a/crypto/src/tls/TlsProtocol.cs b/crypto/src/tls/TlsProtocol.cs
index 317b6b193..044fca42d 100644
--- a/crypto/src/tls/TlsProtocol.cs
+++ b/crypto/src/tls/TlsProtocol.cs
@@ -401,7 +401,7 @@ namespace Org.BouncyCastle.Tls
 AbstractTlsContext context = ContextAdmin;
 SecurityParameters securityParameters = context.SecurityParameters;

- if (m_appDataReady ||
+ if (!context.IsHandshaking ||
 null == securityParameters.LocalVerifyData ||
 null == securityParameters.PeerVerifyData)
 {
@@ -1557,6 +1557,19 @@ namespace Org.BouncyCastle.Tls
 get { return m_closed; }
 }

+ public virtual bool IsConnected
+ {
+ get
+ {
+ if (m_closed)
+ return false;
+
+ AbstractTlsContext context = ContextAdmin;
+
+ return null != context && context.IsConnected;
+ }
+ }
+
 public virtual bool IsHandshaking
 {
 get
@@ -1566,7 +1579,7 @@ namespace Org.BouncyCastle.Tls

 AbstractTlsContext context = ContextAdmin;

- return null != context && !context.IsConnected;
+ return null != context && context.IsHandshaking;
 }
 }

-- cgit 1.4.1
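Review bot: The new internal `IsHandshaking` getter in AbstractTlsContext.cs has no comment stating which state it encodes, although the other hunks of this fix depend on that definition. From the expression, a context with `m_connected` false and no security parameters counts as neither connected nor handshaking; where `m_securityParameters` is assigned and cleared is outside this diff, so that lifecycle should be confirmed and written down. I would add above the property `// True only while a handshake is in progress: security parameters exist but the connection is not yet established.` The public `IsConnected` added in the TlsProtocol.cs hunk at line 1557 likewise has no `/// <summary>`, and it should mention that both properties can be false at the same time.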
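Review bot: In the TlsProtocol.cs hunk at line 401 the order of the `||` operands is now load-bearing and nothing marks it as such. Per the new getter, `context.IsHandshaking` is false when the context holds no security parameters, so testing `!context.IsHandshaking` first is what stops `securityParameters.LocalVerifyData` from being evaluated on a null reference (assuming `context.SecurityParameters` returns that same field, which this diff does not show). A one-line comment such as `// Must stay first: also guarantees securityParameters is non-null below.` would protect against a later reorder. The diffstat lists only the two source files, so a regression test for the renegotiation case in the linked issue appears to be still missing. The enclosing method starts and ends outside the hunk.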
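Review bot: The last TlsProtocol.cs hunk (line 1579) narrows what the public virtual `IsHandshaking` returns, and the change is not documented anywhere in the commit. The old expression was true whenever a context existed and was not connected; the new one delegates to `context.IsHandshaking`, which per the AbstractTlsContext.cs hunk also requires non-null security parameters, so a protocol whose context has none reports false. Callers or subclasses that treated `IsHandshaking` as "not yet connected" will behave differently and should be pointed at `!IsConnected`. I would document this on the property, e.g. `/// <summary>True only while a handshake is in progress; false before it starts and once connected.</summary>`. The getter begins outside the hunk.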