From d547000f967e7c7df0447783d74aa511c108bfd2 Mon Sep 17 00:00:00 2001 From: Peter Dettman Date: Fri, 6 Mar 2015 15:32:51 +0700 Subject: Improved handling for out-of-order Finished message --- crypto/src/crypto/tls/TlsProtocol.cs | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) (limited to 'crypto') diff --git a/crypto/src/crypto/tls/TlsProtocol.cs b/crypto/src/crypto/tls/TlsProtocol.cs index 09838a717..08b39f2a6 100644 --- a/crypto/src/crypto/tls/TlsProtocol.cs +++ b/crypto/src/crypto/tls/TlsProtocol.cs @@ -270,15 +270,20 @@ namespace Org.BouncyCastle.Crypto.Tls break; case HandshakeType.finished: default: - if (type == HandshakeType.finished && this.mExpectedVerifyData == null) + { + TlsContext ctx = Context; + if (type == HandshakeType.finished + && this.mExpectedVerifyData == null + && ctx.SecurityParameters.MasterSecret != null) { - this.mExpectedVerifyData = CreateVerifyData(!Context.IsServer); + this.mExpectedVerifyData = CreateVerifyData(!ctx.IsServer); } mRecordStream.UpdateHandshakeData(beginning, 0, 4); mRecordStream.UpdateHandshakeData(buf, 0, len); break; } + } /* * Now, parse the message. @@ -612,6 +617,9 @@ namespace Org.BouncyCastle.Crypto.Tls protected virtual void ProcessFinishedMessage(MemoryStream buf) { + if (mExpectedVerifyData == null) + throw new TlsFatalAlert(AlertDescription.internal_error); + byte[] verify_data = TlsUtilities.ReadFully(mExpectedVerifyData.Length, buf); AssertEmpty(buf); -- cgit 1.5.1