// IDictionary is (Int32 -> byte[])
public virtual IDictionary GetServerExtensions()
{
if (this.mEncryptThenMacOffered && AllowEncryptThenMac)
{
/*
* RFC 7366 3. If a server receives an encrypt-then-MAC request extension from a client
* and then selects a stream or Authenticated Encryption with Associated Data (AEAD)
* ciphersuite, it MUST NOT send an encrypt-then-MAC response extension back to the
* client.
*/
if (TlsUtilities.IsBlockCipherSuite(this.mSelectedCipherSuite))
{
TlsExtensionsUtilities.AddEncryptThenMacExtension(CheckServerExtensions());
}
}
if (this.mMaxFragmentLengthOffered >= 0 &&
TlsUtilities.IsValidUint8(mMaxFragmentLengthOffered) &&
MaxFragmentLength.IsValid((byte)mMaxFragmentLengthOffered))
{
TlsExtensionsUtilities.AddMaxFragmentLengthExtension(CheckServerExtensions(), (byte)mMaxFragmentLengthOffered);
}
if (this.mTruncatedHMacOffered && AllowTruncatedHMac)
{
TlsExtensionsUtilities.AddTruncatedHMacExtension(CheckServerExtensions());
}
if (this.mClientECPointFormats != null && TlsEccUtilities.IsEccCipherSuite(this.mSelectedCipherSuite))
{
/*
* RFC 4492 5.2. A server that selects an ECC cipher suite in response to a ClientHello
* message including a Supported Point Formats Extension appends this extension (along
* with others) to its ServerHello message, enumerating the point formats it can parse.
*/
this.mServerECPointFormats = new byte[] { ECPointFormat.uncompressed,
ECPointFormat.ansiX962_compressed_prime, ECPointFormat.ansiX962_compressed_char2, };
TlsEccUtilities.AddSupportedPointFormatsExtension(CheckServerExtensions(), mServerECPointFormats);
}
return(mServerExtensions);
}