From 2cb589c0cbd7188ef3f2f70305f13d2eab9ffe60 Mon Sep 17 00:00:00 2001
From: Peter Dettman <peter.dettman@bouncycastle.org>
Date: Mon, 30 May 2022 00:36:32 +0700
Subject: Set randoms before extensions processing

- see https://github.com/bcgit/bc-java/issues/1167
---
 crypto/src/tls/TlsClientProtocol.cs | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

(limited to 'crypto/src/tls/TlsClientProtocol.cs')

diff --git a/crypto/src/tls/TlsClientProtocol.cs b/crypto/src/tls/TlsClientProtocol.cs
index ba2b565ca..399d8c9b8 100644
--- a/crypto/src/tls/TlsClientProtocol.cs
+++ b/crypto/src/tls/TlsClientProtocol.cs
@@ -1638,6 +1638,12 @@ namespace Org.BouncyCastle.Tls
             bool offeringTlsV12Minus = ProtocolVersion.TLSv12.IsEqualOrLaterVersionOf(earliestVersion);
             bool offeringTlsV13Plus = ProtocolVersion.TLSv13.IsEqualOrEarlierVersionOf(latestVersion);
 
+            {
+                bool useGmtUnixTime = !offeringTlsV13Plus && m_tlsClient.ShouldUseGmtUnixTime();
+
+                securityParameters.m_clientRandom = CreateRandomBlock(useGmtUnixTime, m_tlsClientContext);
+            }
+
             EstablishSession(offeringTlsV12Minus ? m_tlsClient.GetSessionToResume() : null);
             m_tlsClient.NotifySessionToResume(m_tlsSession);
 
@@ -1710,12 +1716,6 @@ namespace Org.BouncyCastle.Tls
                 throw new TlsFatalAlert(AlertDescription.internal_error);
             }
 
-            {
-                bool useGmtUnixTime = !offeringTlsV13Plus && m_tlsClient.ShouldUseGmtUnixTime();
-
-                securityParameters.m_clientRandom = CreateRandomBlock(useGmtUnixTime, m_tlsClientContext);
-            }
-
             // NOT renegotiating
             {
                 /*
-- 
cgit 1.4.1