diff options
author | Peter Dettman <peter.dettman@bouncycastle.org> | 2013-06-23 08:43:50 +0400 |
---|---|---|
committer | Peter Dettman <peter.dettman@bouncycastle.org> | 2013-06-23 08:43:50 +0400 |
commit | 34656055887593414f3941edd38a8140e171b711 (patch) | |
tree | e241132e9e2798bab020cdf3c1f6ab3f02fa646d /core/src/main/java/org/bouncycastle/crypto/tls/TlsServerProtocol.java | |
parent | 09e97c465f70b592f962d7cbbe186948097202ef (diff) |
Add TlsClient.getResumableSession instead of new
TlsClientProtocol.connect argument
New SessionParameters class to manage session data
Resumed sessions added to context immediately
Javadoc
Diffstat (limited to 'core/src/main/java/org/bouncycastle/crypto/tls/TlsServerProtocol.java')
-rw-r--r-- | core/src/main/java/org/bouncycastle/crypto/tls/TlsServerProtocol.java | 45 |
1 files changed, 20 insertions, 25 deletions
diff --git a/core/src/main/java/org/bouncycastle/crypto/tls/TlsServerProtocol.java b/core/src/main/java/org/bouncycastle/crypto/tls/TlsServerProtocol.java index f292acd9..2d9df713 100644 --- a/core/src/main/java/org/bouncycastle/crypto/tls/TlsServerProtocol.java +++ b/core/src/main/java/org/bouncycastle/crypto/tls/TlsServerProtocol.java @@ -23,8 +23,6 @@ public class TlsServerProtocol protected short[] offeredCompressionMethods = null; protected Hashtable clientExtensions = null; - protected int selectedCipherSuite; - protected short selectedCompressionMethod; protected Hashtable serverExtensions = null; protected TlsKeyExchange keyExchange = null; @@ -117,21 +115,16 @@ public class TlsServerProtocol sendServerHelloMessage(); this.connection_state = CS_SERVER_HELLO; - // TODO This block could really be done before actually sending the hello - { - securityParameters.cipherSuite = this.selectedCipherSuite; - securityParameters.compressionAlgorithm = this.selectedCompressionMethod; - securityParameters.prfAlgorithm = getPRFAlgorithm(getContext(), selectedCipherSuite); - - /* - * RFC 5264 7.4.9. Any cipher suite which does not explicitly specify - * verify_data_length has a verify_data_length equal to 12. This includes all - * existing cipher suites. - */ - securityParameters.verifyDataLength = 12; - - recordStream.notifyHelloComplete(); - } + securityParameters.prfAlgorithm = getPRFAlgorithm(getContext(), securityParameters.getCipherSuite()); + + /* + * RFC 5264 7.4.9. Any cipher suite which does not explicitly specify + * verify_data_length has a verify_data_length equal to 12. This includes all + * existing cipher suites. + */ + securityParameters.verifyDataLength = 12; + + recordStream.notifyHelloComplete(); Vector serverSupplementalData = tlsServer.getServerSupplementalData(); if (serverSupplementalData != null) @@ -669,22 +662,24 @@ public class TlsServerProtocol */ TlsUtils.writeOpaque8(TlsUtils.EMPTY_BYTES, message); - this.selectedCipherSuite = tlsServer.getSelectedCipherSuite(); - if (!arrayContains(this.offeredCipherSuites, this.selectedCipherSuite) - || this.selectedCipherSuite == CipherSuite.TLS_NULL_WITH_NULL_NULL - || this.selectedCipherSuite == CipherSuite.TLS_EMPTY_RENEGOTIATION_INFO_SCSV) + int selectedCipherSuite = tlsServer.getSelectedCipherSuite(); + if (!arrayContains(this.offeredCipherSuites, selectedCipherSuite) + || selectedCipherSuite == CipherSuite.TLS_NULL_WITH_NULL_NULL + || selectedCipherSuite == CipherSuite.TLS_EMPTY_RENEGOTIATION_INFO_SCSV) { this.failWithError(AlertLevel.fatal, AlertDescription.internal_error); } + securityParameters.cipherSuite = selectedCipherSuite; - this.selectedCompressionMethod = tlsServer.getSelectedCompressionMethod(); - if (!arrayContains(this.offeredCompressionMethods, this.selectedCompressionMethod)) + short selectedCompressionMethod = tlsServer.getSelectedCompressionMethod(); + if (!arrayContains(this.offeredCompressionMethods, selectedCompressionMethod)) { this.failWithError(AlertLevel.fatal, AlertDescription.internal_error); } + securityParameters.compressionAlgorithm = selectedCompressionMethod; - TlsUtils.writeUint16(this.selectedCipherSuite, message); - TlsUtils.writeUint8(this.selectedCompressionMethod, message); + TlsUtils.writeUint16(selectedCipherSuite, message); + TlsUtils.writeUint8(selectedCompressionMethod, message); this.serverExtensions = tlsServer.getServerExtensions(); |