
gitlab.com/quite/humla-spongycastle.git - Unnamed repository; edit this file 'description' to name the repository.
authorPeter Dettman <peter.dettman@bouncycastle.org>2013-06-29 07:11:21 +0400
committerPeter Dettman <peter.dettman@bouncycastle.org>2013-06-29 07:11:21 +0400
commit413bd3cc1d5f79fca3b685235c5f74bd954e909a (patch)
tree57440e0a6766a31eb7ad2cee6fda4868eae5a870 /core/src/main/java/org/bouncycastle/crypto/tls/TlsServerProtocol.java
parentfa002ffe00cdc8b211408b451c63641095ab095f (diff)
Exclude some extensions during session resumption
Add TODOs for various RFC clauses
Diffstat (limited to 'core/src/main/java/org/bouncycastle/crypto/tls/TlsServerProtocol.java')
-rw-r--r--core/src/main/java/org/bouncycastle/crypto/tls/TlsServerProtocol.java30
1 files changed, 18 insertions, 12 deletions
diff --git a/core/src/main/java/org/bouncycastle/crypto/tls/TlsServerProtocol.java b/core/src/main/java/org/bouncycastle/crypto/tls/TlsServerProtocol.java
index 73a13c15..354beae1 100644
--- a/core/src/main/java/org/bouncycastle/crypto/tls/TlsServerProtocol.java
+++ b/core/src/main/java/org/bouncycastle/crypto/tls/TlsServerProtocol.java
@@ -449,35 +449,39 @@ public class TlsServerProtocol
throw new TlsFatalAlert(AlertDescription.illegal_parameter);
}
- /*
- * Read the client random
- */
byte[] client_random = TlsUtils.readFully(32, buf);
+ /*
+ * TODO RFC 5077 3.4. If a ticket is presented by the client, the server MUST NOT attempt to
+ * use the Session ID in the ClientHello for stateful session resumption.
+ */
byte[] sessionID = TlsUtils.readOpaque8(buf);
if (sessionID.length > 32)
{
throw new TlsFatalAlert(AlertDescription.illegal_parameter);
}
+ /*
+ * TODO RFC 5246 7.4.1.2. If the session_id field is not empty (implying a session
+ * resumption request), this vector MUST include at least the cipher_suite from that
+ * session.
+ */
int cipher_suites_length = TlsUtils.readUint16(buf);
if (cipher_suites_length < 2 || (cipher_suites_length & 1) != 0)
{
throw new TlsFatalAlert(AlertDescription.decode_error);
}
+ this.offeredCipherSuites = TlsUtils.readUint16Array(cipher_suites_length / 2, buf);
/*
- * NOTE: "If the session_id field is not empty (implying a session resumption request) this
- * vector must include at least the cipher_suite from that session."
+ * TODO RFC 5246 7.4.1.2. If the session_id field is not empty (implying a session
+ * resumption request), it MUST include the compression_method from that session.
*/
- this.offeredCipherSuites = TlsUtils.readUint16Array(cipher_suites_length / 2, buf);
-
int compression_methods_length = TlsUtils.readUint8(buf);
if (compression_methods_length < 1)
{
throw new TlsFatalAlert(AlertDescription.illegal_parameter);
}
-
this.offeredCompressionMethods = TlsUtils.readUint8Array(compression_methods_length, buf);
/*
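Review bot: The RFC 5077 3.4 TODO sits on the `sessionID` read, but the parser cannot know there whether the client presented a ticket, because ClientHello extensions follow the compression methods and are parsed below this hunk. The two RFC 5246 7.4.1.2 TODOs have the same problem: comparing the offered cipher suites and compression methods with the resumed session needs the stored session, and no lookup is visible in these lines. I would say so in the comments, e.g. `TODO (enforce once extensions are parsed and the session has been looked up)`, so the checks land where the resumption decision is made and a mismatch is rejected before the session is reused. The enclosing method starts and ends outside the hunk.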
@@ -691,11 +695,13 @@ public class TlsServerProtocol
this.securityParameters.truncatedHMac = TlsExtensionsUtils.hasTruncatedHMacExtension(this.serverExtensions);
- this.allowCertificateStatus = TlsUtils.hasExpectedEmptyExtensionData(this.serverExtensions,
- TlsExtensionsUtils.EXT_status_request, AlertDescription.internal_error);
+ this.allowCertificateStatus = !this.resumedSession
+ && TlsUtils.hasExpectedEmptyExtensionData(this.serverExtensions, TlsExtensionsUtils.EXT_status_request,
+ AlertDescription.internal_error);
- this.expectSessionTicket = TlsUtils.hasExpectedEmptyExtensionData(this.serverExtensions,
- TlsProtocol.EXT_SessionTicket, AlertDescription.internal_error);
+ this.expectSessionTicket = !this.resumedSession
+ && TlsUtils.hasExpectedEmptyExtensionData(this.serverExtensions, TlsProtocol.EXT_SessionTicket,
+ AlertDescription.internal_error);
writeExtensions(message, this.serverExtensions);
}
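Review bot: On a resumed session `allowCertificateStatus` and `expectSessionTicket` are now forced to false, but `writeExtensions(message, this.serverExtensions)` on the next line still sends whatever is in `serverExtensions`. If status_request or SessionTicket is still in that table, the ServerHello would advertise a CertificateStatus or NewSessionTicket message that the server no longer plans to send. The `&&` short-circuit also skips the `internal_error` check on the extension data in that case. Unless code outside this hunk already strips these entries for resumed sessions, I would remove them from `serverExtensions` before the write, or at least add a comment such as `// resumed session: status_request / SessionTicket must not be present in serverExtensions here`. The enclosing block starts outside the hunk, so the filtering may exist above.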