/// <summary>
/// Decide which type of client and server certificates are going to be supported.
/// By default, we assume that only those certificate types which match the clients
/// certificate are going to be supported for the server.
/// </summary>
/// <returns></returns>
public override IDictionary GetClientExtensions()
{
IDictionary clientExtensions = TlsExtensionsUtilities.EnsureExtensionsInitialised(base.GetClientExtensions());
// TlsExtensionsUtilities.AddEncryptThenMacExtension(clientExtensions);
// TlsExtensionsUtilities.AddExtendedMasterSecretExtension(clientExtensions);
{
/*
* NOTE: If you are copying test code, do not blindly set these extensions in your own client.
*/
// TlsExtensionsUtilities.AddMaxFragmentLengthExtension(clientExtensions, MaxFragmentLength.pow2_9);
// TlsExtensionsUtilities.AddPaddingExtension(clientExtensions, mContext.SecureRandom.Next(16));
// TlsExtensionsUtilities.AddTruncatedHMacExtension(clientExtensions);
#if SUPPORT_RPK
if (_tlsKeyPair != null && _tlsKeyPair.CertType == CertificateType.RawPublicKey)
{
TlsExtensionsUtilities.AddClientCertificateTypeExtensionClient(clientExtensions, new byte[] { 2 });
TlsExtensionsUtilities.AddServerCertificateTypeExtensionClient(clientExtensions, new byte[] { 2 });
}
#endif
#if SUPPORT_TLS_CWT
if (_tlsKeyPair != null && _tlsKeyPair.CertType == CertificateType.CwtPublicKey)
{
TlsExtensionsUtilities.AddClientCertificateTypeExtensionClient(clientExtensions, new byte[] { 254 });
TlsExtensionsUtilities.AddServerCertificateTypeExtensionClient(clientExtensions, new byte[] { 254 });
}
#endif
}
TlsEvent e = new TlsEvent(TlsEvent.EventCode.GetExtensions)
{
Dictionary = clientExtensions
};
EventHandler <TlsEvent> handler = TlsEventHandler;
if (handler != null)
{
handler(this, e);
}
return(e.Dictionary);
}