author | Peter Dettman <peter.dettman@bouncycastle.org> | 2013-11-07 15:31:42 +0400 |
---|---|---|
committer | Peter Dettman <peter.dettman@bouncycastle.org> | 2013-11-07 15:31:42 +0400 |
commit | cc6a790cde64d893ea5087c80c7a4af619e18f28 (patch) | |
tree | 351eaa198be199933560838b4bb807bcba572549 /core/src/main/java/org/bouncycastle/crypto/tls | |
parent | 537512892fc16fde743f23fe358e03d1060632cd (diff) |
Add TODOs related to the handshake hash
Diffstat (limited to 'core/src/main/java/org/bouncycastle/crypto/tls')
4 files changed, 15 insertions, 0 deletions
diff --git a/core/src/main/java/org/bouncycastle/crypto/tls/DTLSClientProtocol.java b/core/src/main/java/org/bouncycastle/crypto/tls/DTLSClientProtocol.java
index 3c215fdd..e446a8eb 100644
--- a/core/src/main/java/org/bouncycastle/crypto/tls/DTLSClientProtocol.java
+++ b/core/src/main/java/org/bouncycastle/crypto/tls/DTLSClientProtocol.java
@@ -255,6 +255,8 @@ public class DTLSClientProtocol
 throw new TlsFatalAlert(AlertDescription.unexpected_message);
 }
+ // TODO Seal the handshake hash list of digests
+
 Vector clientSupplementalData = state.client.getClientSupplementalData();
 if (clientSupplementalData != null)
 {
@@ -485,6 +487,8 @@ public class DTLSClientProtocol
 TlsProtocol.assertEmpty(buf);
 state.keyExchange.validateCertificateRequest(state.certificateRequest);
+
+ // TODO Let the handshake hash know what digests it needs to be tracking for this
 }
 protected void processCertificateStatus(ClientHandshakeState state, byte[] body)
diff --git a/core/src/main/java/org/bouncycastle/crypto/tls/DTLSServerProtocol.java b/core/src/main/java/org/bouncycastle/crypto/tls/DTLSServerProtocol.java
index 4bc736bb..55355926 100644
--- a/core/src/main/java/org/bouncycastle/crypto/tls/DTLSServerProtocol.java
+++ b/core/src/main/java/org/bouncycastle/crypto/tls/DTLSServerProtocol.java
@@ -183,6 +183,8 @@ public class DTLSServerProtocol
 {
 state.keyExchange.validateCertificateRequest(state.certificateRequest);
+ // TODO Let the handshake hash know what digests it needs to be tracking for this
+
 byte[] certificateRequestBody = generateCertificateRequest(state, state.certificateRequest);
 handshake.sendMessage(HandshakeType.certificate_request, certificateRequestBody);
 }
@@ -190,6 +192,8 @@ public class DTLSServerProtocol
 handshake.sendMessage(HandshakeType.server_hello_done, TlsUtils.EMPTY_BYTES);
+ // TODO Seal the handshake hash list of digests
+
 clientMessage = handshake.receiveMessage();
 if (clientMessage.getType() == HandshakeType.supplemental_data)
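Review bot: The added `// TODO Seal the handshake hash list of digests` in the first DTLSClientProtocol hunk does not say what sealing means or why this is the place for it. The same line is added after `server_hello_done` is sent in DTLSServerProtocol and next to `CS_SERVER_HELLO_DONE` in TlsClientProtocol and TlsServerProtocol, so presumably the intent is that the set of tracked digests is fixed once ServerHelloDone has passed. I would state that in the comment, e.g. `// TODO Seal the handshake hash: after ServerHelloDone no further digest may be added to the tracked set`. The enclosing method starts and ends outside the hunk, so the exact handshake state at this line cannot be confirmed from here.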
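Review bot: `for this` in the TODO added at the end of the second DTLSClientProtocol hunk has no referent in the comment itself; only the preceding `validateCertificateRequest(...)` call suggests it means the certificate request. The same wording is added beside the same call in DTLSServerProtocol and TlsServerProtocol. The digests presumably come from the signature algorithms carried in the CertificateRequest and are needed later for CertificateVerify, so the comment should name them: `// TODO Tell the handshake hash which digests the CertificateRequest's signature algorithms require (needed for CertificateVerify)`. It would also help to note which digests are tracked until the TODO is resolved, which these hunks do not show.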
diff --git a/core/src/main/java/org/bouncycastle/crypto/tls/TlsClientProtocol.java b/core/src/main/java/org/bouncycastle/crypto/tls/TlsClientProtocol.java
index f4a81868..7245421e 100644
--- a/core/src/main/java/org/bouncycastle/crypto/tls/TlsClientProtocol.java
+++ b/core/src/main/java/org/bouncycastle/crypto/tls/TlsClientProtocol.java
@@ -322,6 +322,8 @@ public class TlsClientProtocol
 this.connection_state = CS_SERVER_HELLO_DONE;
+ // TODO Seal the handshake hash list of digests
+
 Vector clientSupplementalData = tlsClient.getClientSupplementalData();
 if (clientSupplementalData != null)
 {
diff --git a/core/src/main/java/org/bouncycastle/crypto/tls/TlsServerProtocol.java b/core/src/main/java/org/bouncycastle/crypto/tls/TlsServerProtocol.java
index dec135f2..b3eebc23 100644
--- a/core/src/main/java/org/bouncycastle/crypto/tls/TlsServerProtocol.java
+++ b/core/src/main/java/org/bouncycastle/crypto/tls/TlsServerProtocol.java
@@ -160,6 +160,9 @@ public class TlsServerProtocol
 if (this.certificateRequest != null)
 {
 this.keyExchange.validateCertificateRequest(certificateRequest);
+
+ // TODO Let the handshake hash know what digests it needs to be tracking for this
+
 sendCertificateRequestMessage(certificateRequest);
 }
 }
@@ -168,6 +171,8 @@ public class TlsServerProtocol
 sendServerHelloDoneMessage();
 this.connection_state = CS_SERVER_HELLO_DONE;
+ // TODO Seal the handshake hash list of digests
+
 break;
 }
 default: |