/// <summary> /// Decide which type of client and server certificates are going to be supported. /// By default, we assume that only those certificate types which match the clients /// certificate are going to be supported for the server. /// </summary> /// <returns></returns> public override IDictionary GetClientExtensions() { IDictionary clientExtensions = TlsExtensionsUtilities.EnsureExtensionsInitialised(base.GetClientExtensions()); // TlsExtensionsUtilities.AddEncryptThenMacExtension(clientExtensions); // TlsExtensionsUtilities.AddExtendedMasterSecretExtension(clientExtensions); { /* * NOTE: If you are copying test code, do not blindly set these extensions in your own client. */ // TlsExtensionsUtilities.AddMaxFragmentLengthExtension(clientExtensions, MaxFragmentLength.pow2_9); // TlsExtensionsUtilities.AddPaddingExtension(clientExtensions, mContext.SecureRandom.Next(16)); // TlsExtensionsUtilities.AddTruncatedHMacExtension(clientExtensions); #if SUPPORT_RPK if (_tlsKeyPair != null && _tlsKeyPair.CertType == CertificateType.RawPublicKey) { TlsExtensionsUtilities.AddClientCertificateTypeExtensionClient(clientExtensions, new byte[] { 2 }); TlsExtensionsUtilities.AddServerCertificateTypeExtensionClient(clientExtensions, new byte[] { 2 }); } #endif #if SUPPORT_TLS_CWT if (_tlsKeyPair != null && _tlsKeyPair.CertType == CertificateType.CwtPublicKey) { TlsExtensionsUtilities.AddClientCertificateTypeExtensionClient(clientExtensions, new byte[] { 254 }); TlsExtensionsUtilities.AddServerCertificateTypeExtensionClient(clientExtensions, new byte[] { 254 }); } #endif } TlsEvent e = new TlsEvent(TlsEvent.EventCode.GetExtensions) { Dictionary = clientExtensions }; EventHandler <TlsEvent> handler = TlsEventHandler; if (handler != null) { handler(this, e); } return(e.Dictionary); }