BCJSSE: Fix supported_versions creation for renegotiation handshake

Author: peterdettman

tls/src/main/java/org/bouncycastle/jsse/provider/ProvTlsClient.java

@@ -214,7 +214,7 @@ protected Vector<ServerName> getSNIServerNames()
     @Override
     protected int[] getSupportedCipherSuites()
     {
-        return manager.getContextData().getActiveCipherSuites(getCrypto(), sslParameters, getProtocolVersions());
+        return null;
     }
 
     @Override
@@ -240,7 +240,7 @@ protected Vector<SignatureAndHashAlgorithm> getSupportedSignatureAlgorithmsCert(
     @Override
     protected ProtocolVersion[] getSupportedVersions()
     {
-        return manager.getContextData().getActiveProtocolVersions(sslParameters);
+        return null;
     }
 
     @Override
@@ -492,13 +492,30 @@ public void notifyHandshakeBeginning() throws IOException
     {
         super.notifyHandshakeBeginning();
 
-        if (LOG.isLoggable(Level.FINE))
+        ContextData contextData = manager.getContextData();
+        ProtocolVersion[] activeProtocolVersions;
+
+        if (context.getSecurityParametersHandshake().isRenegotiating())
         {
-            LOG.fine(clientID + " opening connection to " + JsseUtils.getPeerReport(manager));
+            if (LOG.isLoggable(Level.FINE))
+            {
+                LOG.fine(clientID + " renegotiating connection to " + JsseUtils.getPeerReport(manager));
+            }
+
+            activeProtocolVersions = context.getSecurityParametersConnection().getNegotiatedVersion().only();
         }
+        else
+        {
+            if (LOG.isLoggable(Level.FINE))
+            {
+                LOG.fine(clientID + " opening connection to " + JsseUtils.getPeerReport(manager));
+            }
 
-        ContextData contextData = manager.getContextData();
-        ProtocolVersion[] activeProtocolVersions = getProtocolVersions();
+            activeProtocolVersions = contextData.getActiveProtocolVersions(sslParameters);
+        }
+
+        this.protocolVersions = activeProtocolVersions;
+        this.cipherSuites = contextData.getActiveCipherSuites(getCrypto(), sslParameters, activeProtocolVersions);
 
         jsseSecurityParameters.namedGroups = contextData.getNamedGroupsClient(sslParameters, activeProtocolVersions);
 

tls/src/main/java/org/bouncycastle/tls/TlsClientProtocol.java

@@ -1142,6 +1142,11 @@ protected void processServerHello(ServerHello serverHello)
             server_version = supported_version;
         }
 
+        if (!ProtocolVersion.contains(tlsClientContext.getClientSupportedVersions(), server_version))
+        {
+            throw new TlsFatalAlert(AlertDescription.protocol_version);
+        }
+
         final SecurityParameters securityParameters = tlsClientContext.getSecurityParametersHandshake();
 
         if (securityParameters.isRenegotiating())
@@ -1154,11 +1159,6 @@ protected void processServerHello(ServerHello serverHello)
         }
         else
         {
-            if (!ProtocolVersion.contains(tlsClientContext.getClientSupportedVersions(), server_version))
-            {
-                throw new TlsFatalAlert(AlertDescription.protocol_version);
-            }
-
             ProtocolVersion legacy_record_version = server_version.isLaterVersionOf(ProtocolVersion.TLSv12)
                 ? ProtocolVersion.TLSv12
                 : server_version;
@@ -1764,21 +1764,10 @@ protected void sendClientHello()
     {
         SecurityParameters securityParameters = tlsClientContext.getSecurityParametersHandshake();
 
-        ProtocolVersion[] supportedVersions;
-        ProtocolVersion earliestVersion, latestVersion;
+        ProtocolVersion[] supportedVersions = tlsClient.getProtocolVersions();
 
-        if (securityParameters.isRenegotiating())
-        {
-            ProtocolVersion clientVersion = tlsClientContext.getClientVersion();
-
-            supportedVersions = clientVersion.only();
-            earliestVersion = clientVersion;
-            latestVersion = clientVersion;
-        }
-        else
+        if (!securityParameters.isRenegotiating())
         {
-            supportedVersions = tlsClient.getProtocolVersions();
-
             if (ProtocolVersion.contains(supportedVersions, ProtocolVersion.SSLv3))
             {
                 // TODO[tls13] Prevent offering SSLv3 AND TLSv13?
@@ -1788,18 +1777,17 @@ protected void sendClientHello()
             {
                 recordStream.setWriteVersion(ProtocolVersion.TLSv10);
             }
+        }
 
-            earliestVersion = ProtocolVersion.getEarliestTLS(supportedVersions);
-            latestVersion = ProtocolVersion.getLatestTLS(supportedVersions);
-
-            if (!ProtocolVersion.isSupportedTLSVersionClient(latestVersion))
-            {
-                throw new TlsFatalAlert(AlertDescription.internal_error);
-            }
+        ProtocolVersion earliestVersion = ProtocolVersion.getEarliestTLS(supportedVersions);
+        ProtocolVersion latestVersion = ProtocolVersion.getLatestTLS(supportedVersions);
 
-            tlsClientContext.setClientVersion(latestVersion);
+        if (!ProtocolVersion.isSupportedTLSVersionClient(latestVersion))
+        {
+            throw new TlsFatalAlert(AlertDescription.internal_error);
         }
-
+ 
+        tlsClientContext.setClientVersion(latestVersion);
         tlsClientContext.setClientSupportedVersions(supportedVersions);
 
         final boolean offeringTLSv12Minus = ProtocolVersion.TLSv12.isEqualOrLaterVersionOf(earliestVersion);