Add TlsClient.getResumableSession instead of new

TlsClientProtocol.connect argument New SessionParameters class to manage session data Resumed sessions added to context immediately Javadoc
author: Peter Dettman <peter.dettman@bouncycastle.org> 2013-06-23 08:43:50 +0400
committer: Peter Dettman <peter.dettman@bouncycastle.org> 2013-06-23 08:43:50 +0400
commit: 34656055887593414f3941edd38a8140e171b711 (patch)
tree: e241132e9e2798bab020cdf3c1f6ab3f02fa646d /core/src/main/java/org/bouncycastle/crypto/tls/TlsServerProtocol.java
parent: 09e97c465f70b592f962d7cbbe186948097202ef (diff)
1 files changed, 20 insertions, 25 deletions
diff --git a/core/src/main/java/org/bouncycastle/crypto/tls/TlsServerProtocol.java b/core/src/main/java/org/bouncycastle/crypto/tls/TlsServerProtocol.java
index f292acd9..2d9df713 100644
--- a/core/src/main/java/org/bouncycastle/crypto/tls/TlsServerProtocol.java
+++ b/core/src/main/java/org/bouncycastle/crypto/tls/TlsServerProtocol.java
@@ -23,8 +23,6 @@ public class TlsServerProtocol
     protected short[] offeredCompressionMethods = null;
     protected Hashtable clientExtensions = null;
 
-    protected int selectedCipherSuite;
-    protected short selectedCompressionMethod;
     protected Hashtable serverExtensions = null;
 
     protected TlsKeyExchange keyExchange = null;
@@ -117,21 +115,16 @@ public class TlsServerProtocol
                 sendServerHelloMessage();
                 this.connection_state = CS_SERVER_HELLO;
 
-                // TODO This block could really be done before actually sending the hello
-                {
-                    securityParameters.cipherSuite = this.selectedCipherSuite;
-                    securityParameters.compressionAlgorithm = this.selectedCompressionMethod;
-                    securityParameters.prfAlgorithm = getPRFAlgorithm(getContext(), selectedCipherSuite);
-
-                    /*
-                     * RFC 5264 7.4.9. Any cipher suite which does not explicitly specify
-                     * verify_data_length has a verify_data_length equal to 12. This includes all
-                     * existing cipher suites.
-                     */
-                    securityParameters.verifyDataLength = 12;
-
-                    recordStream.notifyHelloComplete();
-                }
+                securityParameters.prfAlgorithm = getPRFAlgorithm(getContext(), securityParameters.getCipherSuite());
+
+                /*
+                 * RFC 5264 7.4.9. Any cipher suite which does not explicitly specify
+                 * verify_data_length has a verify_data_length equal to 12. This includes all
+                 * existing cipher suites.
+                 */
+                securityParameters.verifyDataLength = 12;
+
+                recordStream.notifyHelloComplete();
 
                 Vector serverSupplementalData = tlsServer.getServerSupplementalData();
                 if (serverSupplementalData != null)
@@ -669,22 +662,24 @@ public class TlsServerProtocol
          */
         TlsUtils.writeOpaque8(TlsUtils.EMPTY_BYTES, message);
 
-        this.selectedCipherSuite = tlsServer.getSelectedCipherSuite();
-        if (!arrayContains(this.offeredCipherSuites, this.selectedCipherSuite)
-            || this.selectedCipherSuite == CipherSuite.TLS_NULL_WITH_NULL_NULL
-            || this.selectedCipherSuite == CipherSuite.TLS_EMPTY_RENEGOTIATION_INFO_SCSV)
+        int selectedCipherSuite = tlsServer.getSelectedCipherSuite();
+        if (!arrayContains(this.offeredCipherSuites, selectedCipherSuite)
+            || selectedCipherSuite == CipherSuite.TLS_NULL_WITH_NULL_NULL
+            || selectedCipherSuite == CipherSuite.TLS_EMPTY_RENEGOTIATION_INFO_SCSV)
         {
             this.failWithError(AlertLevel.fatal, AlertDescription.internal_error);
         }
+        securityParameters.cipherSuite = selectedCipherSuite;
 
-        this.selectedCompressionMethod = tlsServer.getSelectedCompressionMethod();
-        if (!arrayContains(this.offeredCompressionMethods, this.selectedCompressionMethod))
+        short selectedCompressionMethod = tlsServer.getSelectedCompressionMethod();
+        if (!arrayContains(this.offeredCompressionMethods, selectedCompressionMethod))
         {
             this.failWithError(AlertLevel.fatal, AlertDescription.internal_error);
         }
+        securityParameters.compressionAlgorithm = selectedCompressionMethod;
 
-        TlsUtils.writeUint16(this.selectedCipherSuite, message);
-        TlsUtils.writeUint8(this.selectedCompressionMethod, message);
+        TlsUtils.writeUint16(selectedCipherSuite, message);
+        TlsUtils.writeUint8(selectedCompressionMethod, message);
 
         this.serverExtensions = tlsServer.getServerExtensions();
author	Peter Dettman <peter.dettman@bouncycastle.org>	2013-06-23 08:43:50 +0400
committer	Peter Dettman <peter.dettman@bouncycastle.org>	2013-06-23 08:43:50 +0400
commit	34656055887593414f3941edd38a8140e171b711 (patch)
tree	e241132e9e2798bab020cdf3c1f6ab3f02fa646d /core/src/main/java/org/bouncycastle/crypto/tls/TlsServerProtocol.java
parent	09e97c465f70b592f962d7cbbe186948097202ef (diff)