public virtual void ProcessClientExtensions(IDictionary clientExtensions)
{
mClientExtensions = clientExtensions;
if (clientExtensions != null)
{
mEncryptThenMacOffered = TlsExtensionsUtilities.HasEncryptThenMacExtension(clientExtensions);
mMaxFragmentLengthOffered = TlsExtensionsUtilities.GetMaxFragmentLengthExtension(clientExtensions);
if (mMaxFragmentLengthOffered >= 0 && !MaxFragmentLength.IsValid((byte)mMaxFragmentLengthOffered))
{
throw new TlsFatalAlert(47);
}
mTruncatedHMacOffered = TlsExtensionsUtilities.HasTruncatedHMacExtension(clientExtensions);
mSupportedSignatureAlgorithms = TlsUtilities.GetSignatureAlgorithmsExtension(clientExtensions);
if (mSupportedSignatureAlgorithms != null && !TlsUtilities.IsSignatureAlgorithmsExtensionAllowed(mClientVersion))
{
throw new TlsFatalAlert(47);
}
mNamedCurves = TlsEccUtilities.GetSupportedEllipticCurvesExtension(clientExtensions);
mClientECPointFormats = TlsEccUtilities.GetSupportedPointFormatsExtension(clientExtensions);
}
}
protected virtual void SendServerHelloMessage()
{
HandshakeMessage handshakeMessage = new HandshakeMessage(2);
ProtocolVersion serverVersion = mTlsServer.GetServerVersion();
if (!serverVersion.IsEqualOrEarlierVersionOf(Context.ClientVersion))
{
throw new TlsFatalAlert(80);
}
mRecordStream.ReadVersion = serverVersion;
mRecordStream.SetWriteVersion(serverVersion);
mRecordStream.SetRestrictReadVersion(enabled: true);
ContextAdmin.SetServerVersion(serverVersion);
TlsUtilities.WriteVersion(serverVersion, handshakeMessage);
handshakeMessage.Write(mSecurityParameters.serverRandom);
TlsUtilities.WriteOpaque8(TlsUtilities.EmptyBytes, handshakeMessage);
int selectedCipherSuite = mTlsServer.GetSelectedCipherSuite();
if (!Arrays.Contains(mOfferedCipherSuites, selectedCipherSuite) || selectedCipherSuite == 0 || CipherSuite.IsScsv(selectedCipherSuite) || !TlsUtilities.IsValidCipherSuiteForVersion(selectedCipherSuite, Context.ServerVersion))
{
throw new TlsFatalAlert(80);
}
mSecurityParameters.cipherSuite = selectedCipherSuite;
byte selectedCompressionMethod = mTlsServer.GetSelectedCompressionMethod();
if (!Arrays.Contains(mOfferedCompressionMethods, selectedCompressionMethod))
{
throw new TlsFatalAlert(80);
}
mSecurityParameters.compressionAlgorithm = selectedCompressionMethod;
TlsUtilities.WriteUint16(selectedCipherSuite, handshakeMessage);
TlsUtilities.WriteUint8(selectedCompressionMethod, handshakeMessage);
mServerExtensions = mTlsServer.GetServerExtensions();
if (mSecureRenegotiation)
{
byte[] extensionData = TlsUtilities.GetExtensionData(mServerExtensions, 65281);
if (null == extensionData)
{
mServerExtensions = TlsExtensionsUtilities.EnsureExtensionsInitialised(mServerExtensions);
mServerExtensions[65281] = TlsProtocol.CreateRenegotiationInfo(TlsUtilities.EmptyBytes);
}
}
if (mSecurityParameters.extendedMasterSecret)
{
mServerExtensions = TlsExtensionsUtilities.EnsureExtensionsInitialised(mServerExtensions);
TlsExtensionsUtilities.AddExtendedMasterSecretExtension(mServerExtensions);
}
if (mServerExtensions != null)
{
mSecurityParameters.encryptThenMac = TlsExtensionsUtilities.HasEncryptThenMacExtension(mServerExtensions);
mSecurityParameters.maxFragmentLength = ProcessMaxFragmentLengthExtension(mClientExtensions, mServerExtensions, 80);
mSecurityParameters.truncatedHMac = TlsExtensionsUtilities.HasTruncatedHMacExtension(mServerExtensions);
mAllowCertificateStatus = (!mResumedSession && TlsUtilities.HasExpectedEmptyExtensionData(mServerExtensions, 5, 80));
mExpectSessionTicket = (!mResumedSession && TlsUtilities.HasExpectedEmptyExtensionData(mServerExtensions, 35, 80));
TlsProtocol.WriteExtensions(handshakeMessage, mServerExtensions);
}
mSecurityParameters.prfAlgorithm = TlsProtocol.GetPrfAlgorithm(Context, mSecurityParameters.CipherSuite);
mSecurityParameters.verifyDataLength = 12;
ApplyMaxFragmentLengthExtension();
handshakeMessage.WriteToRecordStream(this);
}