author | Peter Dettman <peter.dettman@bouncycastle.org> | 2013-06-20 12:04:48 +0400 |
---|---|---|
committer | Peter Dettman <peter.dettman@bouncycastle.org> | 2013-06-20 12:04:48 +0400 |
commit | 364a39d62d3b3b9871997d68c82a4a4f6481a92d (patch) | |
tree | 5dbadd31d70aafa60c2f5c8e7c195769d23719fa /core/src/main/java/org/bouncycastle/crypto/tls/DTLSServerProtocol.java | |
parent | 67b110b7322e7056ac86cab9f8d289c82b76c758 (diff) |
Detect when truncated_hmac has been negotiated and apply truncation in
TlsMac
Diffstat (limited to 'core/src/main/java/org/bouncycastle/crypto/tls/DTLSServerProtocol.java')
-rw-r--r-- | core/src/main/java/org/bouncycastle/crypto/tls/DTLSServerProtocol.java | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/core/src/main/java/org/bouncycastle/crypto/tls/DTLSServerProtocol.java b/core/src/main/java/org/bouncycastle/crypto/tls/DTLSServerProtocol.java
index 077ee56d..018ec6d5 100644
--- a/core/src/main/java/org/bouncycastle/crypto/tls/DTLSServerProtocol.java
+++ b/core/src/main/java/org/bouncycastle/crypto/tls/DTLSServerProtocol.java
@@ -314,6 +314,8 @@ public class DTLSServerProtocol
 protected byte[] generateServerHello(ServerHandshakeState state) throws IOException {
+ SecurityParameters securityParameters = state.serverContext.getSecurityParameters();
+ ByteArrayOutputStream buf = new ByteArrayOutputStream(); ProtocolVersion server_version = state.server.getServerVersion();
@@ -330,7 +332,7 @@ public class DTLSServerProtocol
 TlsUtils.writeVersion(state.serverContext.getServerVersion(), buf);
- buf.write(state.serverContext.getSecurityParameters().serverRandom);
+ buf.write(securityParameters.serverRandom); /* * The server may return an empty session_id to indicate that the session will not be cached
@@ -392,8 +394,11 @@ public class DTLSServerProtocol
 if (state.serverExtensions != null) {
+ securityParameters.truncatedHMac = TlsExtensionsUtils.hasTruncatedHMacExtension(state.serverExtensions);
+ // TODO[RFC 3546] Should this code check that the 'extension_data' is empty? state.allowCertificateStatus = state.serverExtensions.containsKey(TlsExtensionsUtils.EXT_status_request);
+ state.expectSessionTicket = state.serverExtensions.containsKey(TlsProtocol.EXT_SessionTicket); TlsProtocol.writeExtensions(buf, state.serverExtensions); |
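Review bot: In the third hunk, `securityParameters.truncatedHMac` is assigned only inside `if (state.serverExtensions != null)` and only from the server's own extension table, which leaves two cases open: a null table keeps whatever value the flag already had, and nothing visible here confirms that the client actually offered truncated_hmac. Because the flag shortens the record MAC, it should be set on every path and fail closed, for example `securityParameters.truncatedHMac = state.serverExtensions != null && TlsExtensionsUtils.hasTruncatedHMacExtension(state.serverExtensions);` placed before the `if`. It is also worth confirming that the server-side entry is honoured only when the ClientHello carried the extension, and that `hasTruncatedHMacExtension` rejects non-empty extension_data, the same question the neighbouring TODO asks; neither is visible in this hunk. generateServerHello starts and ends outside the hunk, so a guard elsewhere in the method or in the TlsServer implementation may already cover part of this.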