New utility method and refactoring related to extension data

author: Peter Dettman <peter.dettman@bouncycastle.org> 2013-06-20 09:50:40 +0400
committer: Peter Dettman <peter.dettman@bouncycastle.org> 2013-06-20 09:50:40 +0400
commit: 8239473e2e25dfcbc495bfd90d708feba6c056fd (patch)
tree: f673e727785d480acb042adf779ef2da718eacb4 /core/src/main/java/org/bouncycastle/crypto/tls/DTLSServerProtocol.java
parent: bc3ab6397c3bd2fcf68aa9b597eb6014b33f6050 (diff)
1 files changed, 13 insertions, 18 deletions
diff --git a/core/src/main/java/org/bouncycastle/crypto/tls/DTLSServerProtocol.java b/core/src/main/java/org/bouncycastle/crypto/tls/DTLSServerProtocol.java
index ed8c023b..077ee56d 100644
--- a/core/src/main/java/org/bouncycastle/crypto/tls/DTLSServerProtocol.java
+++ b/core/src/main/java/org/bouncycastle/crypto/tls/DTLSServerProtocol.java
@@ -364,9 +364,8 @@ public class DTLSServerProtocol
          */
         if (state.secure_renegotiation)
         {
-
-            boolean noRenegExt = state.serverExtensions == null
-                || !state.serverExtensions.containsKey(TlsProtocol.EXT_RenegotiationInfo);
+            byte[] renegExtData = TlsUtils.getExtensionData(state.serverExtensions, TlsProtocol.EXT_RenegotiationInfo);
+            boolean noRenegExt = (null == renegExtData);
 
             if (noRenegExt)
             {
@@ -573,23 +572,19 @@ public class DTLSServerProtocol
              * The server MUST check if the "renegotiation_info" extension is included in the
              * ClientHello.
              */
-            if (state.clientExtensions != null)
+            byte[] renegExtData = TlsUtils.getExtensionData(state.clientExtensions, TlsProtocol.EXT_RenegotiationInfo);
+            if (renegExtData != null)
             {
-                byte[] renegExtValue = (byte[])state.clientExtensions.get(TlsProtocol.EXT_RenegotiationInfo);
-                if (renegExtValue != null)
-                {
-                    /*
-                     * If the extension is present, set secure_renegotiation flag to TRUE. The
-                     * server MUST then verify that the length of the "renegotiated_connection"
-                     * field is zero, and if it is not, MUST abort the handshake.
-                     */
-                    state.secure_renegotiation = true;
+                /*
+                 * If the extension is present, set secure_renegotiation flag to TRUE. The
+                 * server MUST then verify that the length of the "renegotiated_connection"
+                 * field is zero, and if it is not, MUST abort the handshake.
+                 */
+                state.secure_renegotiation = true;
 
-                    if (!Arrays.constantTimeAreEqual(renegExtValue,
-                        TlsProtocol.createRenegotiationInfo(TlsUtils.EMPTY_BYTES)))
-                    {
-                        throw new TlsFatalAlert(AlertDescription.handshake_failure);
-                    }
+                if (!Arrays.constantTimeAreEqual(renegExtData, TlsProtocol.createRenegotiationInfo(TlsUtils.EMPTY_BYTES)))
+                {
+                    throw new TlsFatalAlert(AlertDescription.handshake_failure);
                 }
             }
         }
author	Peter Dettman <peter.dettman@bouncycastle.org>	2013-06-20 09:50:40 +0400
committer	Peter Dettman <peter.dettman@bouncycastle.org>	2013-06-20 09:50:40 +0400
commit	8239473e2e25dfcbc495bfd90d708feba6c056fd (patch)
tree	f673e727785d480acb042adf779ef2da718eacb4 /core/src/main/java/org/bouncycastle/crypto/tls/DTLSServerProtocol.java
parent	bc3ab6397c3bd2fcf68aa9b597eb6014b33f6050 (diff)