bcgit
diff --git a/‎tls/src/main/java/org/bouncycastle/tls/AbstractTlsClient.java‎
Lines changed: 37 additions & 0 deletions b/‎tls/src/main/java/org/bouncycastle/tls/AbstractTlsClient.java‎
Lines changed: 37 additions & 0 deletions
diff --git a/‎tls/src/main/java/org/bouncycastle/tls/AbstractTlsServer.java‎
Lines changed: 68 additions & 0 deletions b/‎tls/src/main/java/org/bouncycastle/tls/AbstractTlsServer.java‎
Lines changed: 68 additions & 0 deletions
diff --git a/‎tls/src/main/java/org/bouncycastle/tls/Certificate.java‎
Lines changed: 48 additions & 8 deletions b/‎tls/src/main/java/org/bouncycastle/tls/Certificate.java‎
Lines changed: 48 additions & 8 deletions
diff --git a/‎tls/src/main/java/org/bouncycastle/tls/DTLSClientProtocol.java‎
Lines changed: 4 additions & 1 deletion b/‎tls/src/main/java/org/bouncycastle/tls/DTLSClientProtocol.java‎
Lines changed: 4 additions & 1 deletion
diff --git a/‎tls/src/main/java/org/bouncycastle/tls/DTLSServerProtocol.java‎
Lines changed: 1 addition & 0 deletions b/‎tls/src/main/java/org/bouncycastle/tls/DTLSServerProtocol.java‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎tls/src/main/java/org/bouncycastle/tls/SecurityParameters.java‎
Lines changed: 6 additions & 0 deletions b/‎tls/src/main/java/org/bouncycastle/tls/SecurityParameters.java‎
Lines changed: 6 additions & 0 deletions
diff --git a/‎tls/src/main/java/org/bouncycastle/tls/TlsClientProtocol.java‎
Lines changed: 8 additions & 2 deletions b/‎tls/src/main/java/org/bouncycastle/tls/TlsClientProtocol.java‎
Lines changed: 8 additions & 2 deletions
diff --git a/‎tls/src/main/java/org/bouncycastle/tls/TlsExtensionsUtils.java‎
Lines changed: 4 additions & 4 deletions b/‎tls/src/main/java/org/bouncycastle/tls/TlsExtensionsUtils.java‎
Lines changed: 4 additions & 4 deletions
diff --git a/‎tls/src/main/java/org/bouncycastle/tls/TlsServerProtocol.java‎
Lines changed: 2 additions & 0 deletions b/‎tls/src/main/java/org/bouncycastle/tls/TlsServerProtocol.java‎
Lines changed: 2 additions & 0 deletions
@@ -179,6 +179,16 @@ protected Vector getTrustedCAIndication()
         return null;
     }
 
+    protected short[] getAllowedClientCertificateTypes()
+    {
+        return null;
+    }
+
+    protected short[] getAllowedServerCertificateTypes()
+    {
+        return null;
+    }
+
     public void init(TlsClientContext context)
     {
         this.context = context;
@@ -337,6 +347,33 @@ public Hashtable getClientExtensions()
             }
         }
 
+        /*
+         * RFC 7250 4.1:
+         *
+         * If the client has no remaining certificate types to send in
+         * the client hello, other than the default X.509 type, it MUST omit the
+         * client_certificate_type extension in the client hello.
+         */
+        short[] clientCertTypes = getAllowedClientCertificateTypes();
+        if (clientCertTypes != null && (clientCertTypes.length > 1 || clientCertTypes[0] != CertificateType.X509))
+        {
+            TlsExtensionsUtils.addClientCertificateTypeExtensionClient(clientExtensions, clientCertTypes);
+        }
+
+        /*
+         * RFC 7250 4.1:
+         *
+         * If the client has no remaining certificate types to send in
+         * the client hello, other than the default X.509 certificate type, it
+         * MUST omit the entire server_certificate_type extension from the
+         * client hello.
+         */
+        short[] serverCertTypes = getAllowedServerCertificateTypes();
+        if (serverCertTypes != null && (serverCertTypes.length > 1 || serverCertTypes[0] != CertificateType.X509))
+        {
+            TlsExtensionsUtils.addServerCertificateTypeExtensionClient(clientExtensions, serverCertTypes);
+        }
+
         return clientExtensions;
     }
 
 
@@ -229,6 +229,16 @@ protected boolean shouldSelectProtocolNameEarly()
         return true;
     }
 
+    protected boolean preferLocalClientCertificateTypes()
+    {
+        return false;
+    }
+
+    protected short[] getAllowedClientCertificateTypes()
+    {
+        return null;
+    }
+
     public void init(TlsServerContext context)
     {
         this.context = context;
@@ -523,6 +533,64 @@ else if (null != this.certificateStatusRequest && allowCertificateStatus())
             TlsExtensionsUtils.addMaxFragmentLengthExtension(serverExtensions, this.maxFragmentLengthOffered);
         }
 
+        // RFC 7250 4.2 for server_certificate_type
+        short[] serverCertTypes = TlsExtensionsUtils.getServerCertificateTypeExtensionClient(clientExtensions);
+        if (serverCertTypes != null)
+        {
+            TlsCredentials credentials = getCredentials();
+
+            if (credentials == null ||
+                !TlsUtils.contains(serverCertTypes, 0, serverCertTypes.length, credentials.getCertificate().getCertificateType()))
+            {
+                // outcome 2: we support the extension but have no common types
+                throw new TlsFatalAlert(AlertDescription.unsupported_certificate);
+            }
+
+            // outcome 3: we support the extension and have a common type
+            TlsExtensionsUtils.addServerCertificateTypeExtensionServer(serverExtensions, credentials.getCertificate().getCertificateType());
+        }
+
+        // RFC 7250 4.2 for client_certificate_type
+        short[] remoteClientCertTypes = TlsExtensionsUtils.getClientCertificateTypeExtensionClient(clientExtensions);
+        if (remoteClientCertTypes != null)
+        {
+            short[] localClientCertTypes = getAllowedClientCertificateTypes();
+            if (localClientCertTypes != null)
+            {
+                short[] preferredTypes;
+                short[] nonPreferredTypes;
+                if (preferLocalClientCertificateTypes())
+                {
+                    preferredTypes = localClientCertTypes;
+                    nonPreferredTypes = remoteClientCertTypes;
+                }
+                else
+                {
+                    preferredTypes = remoteClientCertTypes;
+                    nonPreferredTypes = localClientCertTypes;
+                }
+
+                short selectedType = -1;
+                for (int i = 0; i < preferredTypes.length; i++)
+                {
+                    if (TlsUtils.contains(nonPreferredTypes, 0, nonPreferredTypes.length, preferredTypes[i]))
+                    {
+                        selectedType = preferredTypes[i];
+                        break;
+                    }
+                }
+
+                if (selectedType == -1)
+                {
+                    // outcome 2: we support the extension but have no common types
+                    throw new TlsFatalAlert(AlertDescription.unsupported_certificate);
+                }
+
+                // outcome 3: we support the extension and have a common type
+                TlsExtensionsUtils.addClientCertificateTypeExtensionServer(serverExtensions, selectedType);
+            } // else outcome 1: we don't support the extension
+        }
+
         return serverExtensions;
     }
 
 
@@ -33,6 +33,7 @@ public class Certificate
     public static class ParseOptions
     {
         private int maxChainLength = Integer.MAX_VALUE;
+        private short certificateType = CertificateType.X509;
 
         public int getMaxChainLength()
         {
@@ -44,6 +45,20 @@ public ParseOptions setMaxChainLength(int maxChainLength)
             this.maxChainLength = maxChainLength;
             return this;
         }
+
+        public short getCertificateType()
+        {
+            return certificateType;
+        }
+
+        /**
+         * Set the {@link CertificateType} according to the IANA TLS Certificate Types registry
+         */
+        public ParseOptions setCertificateType(short certificateType)
+        {
+            this.certificateType = certificateType;
+            return this;
+        }        
     }
 
     private static CertificateEntry[] convert(TlsCertificate[] certificateList)
@@ -64,14 +79,20 @@ private static CertificateEntry[] convert(TlsCertificate[] certificateList)
 
     protected final byte[] certificateRequestContext;
     protected final CertificateEntry[] certificateEntryList;
+    protected final short certificateType;
 
     public Certificate(TlsCertificate[] certificateList)
     {
         this(null, convert(certificateList));
     }
 
-    // TODO[tls13] Prefer to manage the certificateRequestContext internally only? 
     public Certificate(byte[] certificateRequestContext, CertificateEntry[] certificateEntryList)
+    {
+        this(CertificateType.X509, certificateRequestContext, certificateEntryList);
+    }
+
+    // TODO[tls13] Prefer to manage the certificateRequestContext internally only?
+    public Certificate(short certificateType, byte[] certificateRequestContext, CertificateEntry[] certificateEntryList)
     {
         if (null != certificateRequestContext && !TlsUtils.isValidUint8(certificateRequestContext.length))
         {
@@ -84,6 +105,7 @@ public Certificate(byte[] certificateRequestContext, CertificateEntry[] certific
 
         this.certificateRequestContext = TlsUtils.clone(certificateRequestContext);
         this.certificateEntryList = certificateEntryList;
+        this.certificateType = certificateType;
     }
 
     public byte[] getCertificateRequestContext()
@@ -117,7 +139,7 @@ public CertificateEntry[] getCertificateEntryList()
 
     public short getCertificateType()
     {
-        return CertificateType.X509;
+        return certificateType;
     }
 
     public int getLength()
@@ -190,8 +212,13 @@ public void encode(TlsContext context, OutputStream messageOutput, OutputStream
             }
         }
 
-        TlsUtils.checkUint24(totalLength);
-        TlsUtils.writeUint24((int)totalLength, messageOutput);
+        // RFC 7250 indicates the raw key is not wrapped in a cert list like X509 is
+        // but RFC 8446 wraps it in a CertificateEntry, which is inside certificate_list
+        if (isTLSv13 || certificateType != CertificateType.RawPublicKey)
+        {
+            TlsUtils.checkUint24(totalLength);
+            TlsUtils.writeUint24((int)totalLength, messageOutput);
+        }
 
         for (int i = 0; i < count; ++i)
         {
@@ -242,6 +269,7 @@ public static Certificate parse(ParseOptions options, TlsContext context, InputS
     {
         final SecurityParameters securityParameters = context.getSecurityParameters();
         final boolean isTLSv13 = TlsUtils.isTLSv13(securityParameters.getNegotiatedVersion());
+        final short certType = options.getCertificateType();
 
         byte[] certificateRequestContext = null;
         if (isTLSv13)
@@ -254,7 +282,7 @@ public static Certificate parse(ParseOptions options, TlsContext context, InputS
         {
             return !isTLSv13 ? EMPTY_CHAIN
                 :  certificateRequestContext.length < 1 ? EMPTY_CHAIN_TLS13
-                :  new Certificate(certificateRequestContext, EMPTY_CERT_ENTRIES);
+                :  new Certificate(certType, certificateRequestContext, EMPTY_CERT_ENTRIES);
         }
 
         byte[] certListData = TlsUtils.readFully(totalLength, messageInput);
@@ -272,8 +300,20 @@ public static Certificate parse(ParseOptions options, TlsContext context, InputS
                     "Certificate chain longer than maximum (" + maxChainLength + ")");
             }
 
-            byte[] derEncoding = TlsUtils.readOpaque24(buf, 1);
-            TlsCertificate cert = crypto.createCertificate(derEncoding);
+            // RFC 7250 indicates the raw key is not wrapped in a cert list like X509 is
+            // but RFC 8446 wraps it in a CertificateEntry, which is inside certificate_list
+            byte[] derEncoding;
+            if (isTLSv13 || certType != CertificateType.RawPublicKey)
+            {
+                derEncoding = TlsUtils.readOpaque24(buf, 1);
+            }
+            else
+            {
+                derEncoding = certListData;
+                buf.skip(totalLength);
+            }
+
+            TlsCertificate cert = crypto.createCertificate(certType, derEncoding);
 
             if (certificate_list.isEmpty() && endPointHashOutput != null)
             {
@@ -297,7 +337,7 @@ public static Certificate parse(ParseOptions options, TlsContext context, InputS
             certificateList[i] = (CertificateEntry)certificate_list.elementAt(i);
         }
 
-        return new Certificate(certificateRequestContext, certificateList);
+        return new Certificate(certType, certificateRequestContext, certificateList);
     }
 
     protected static void calculateEndPointHash(TlsContext context, TlsCertificate cert, byte[] encoding,
 
@@ -579,6 +579,9 @@ protected void processCertificateRequest(ClientHandshakeState state, byte[] body
         TlsProtocol.assertEmpty(buf);
 
         state.certificateRequest = TlsUtils.validateCertificateRequest(certificateRequest, state.keyExchange);
+
+        state.clientContext.getSecurityParametersHandshake().clientCertificateType =
+            TlsExtensionsUtils.getClientCertificateTypeExtensionServer(state.serverExtensions, CertificateType.X509);
     }
 
     protected void processCertificateStatus(ClientHandshakeState state, byte[] body)
@@ -635,7 +638,7 @@ protected void processServerCertificate(ClientHandshakeState state, byte[] body)
         throws IOException
     {
         state.authentication = TlsUtils.receiveServerCertificate(state.clientContext, state.client,
-            new ByteArrayInputStream(body));
+            new ByteArrayInputStream(body), state.serverExtensions);
     }
 
     protected void processServerHello(ClientHandshakeState state, byte[] body)
 
@@ -640,6 +640,7 @@ protected void processClientCertificate(ServerHandshakeState state, byte[] body)
         ByteArrayInputStream buf = new ByteArrayInputStream(body);
 
         Certificate.ParseOptions options = new Certificate.ParseOptions()
+            .setCertificateType(TlsExtensionsUtils.getClientCertificateTypeExtensionServer(state.clientExtensions, CertificateType.X509))
             .setMaxChainLength(state.server.getMaxCertificateChainLength());
 
         Certificate clientCertificate = Certificate.parse(options, state.serverContext, buf, null);
 
@@ -58,6 +58,7 @@ public class SecurityParameters
     Certificate peerCertificate = null;
     ProtocolVersion negotiatedVersion = null;
     int statusRequestVersion = 0;
+    short clientCertificateType = -1;
 
     // TODO[tls-ops] Investigate whether we can handle verify data using TlsSecret
     byte[] localVerifyData = null;
@@ -367,6 +368,11 @@ public int getStatusRequestVersion()
         return statusRequestVersion;
     }
 
+    public short getClientCertificateType()
+    {
+        return clientCertificateType;
+    }
+
     private static TlsSecret clearSecret(TlsSecret secret)
     {
         if (null != secret)
 
@@ -408,7 +408,7 @@ protected void handleHandshakeMessage(short type, HandshakeMessageInput buf)
                  * NOTE: Certificate processing (including authentication) is delayed to allow for a
                  * possible CertificateStatus message.
                  */
-                this.authentication = TlsUtils.receiveServerCertificate(tlsClientContext, tlsClient, buf);
+                this.authentication = TlsUtils.receiveServerCertificate(tlsClientContext, tlsClient, buf, serverExtensions);
                 break;
             }
             default:
@@ -1469,6 +1469,9 @@ protected void receive13CertificateRequest(ByteArrayInputStream buf, boolean pos
 
         this.certificateRequest = certificateRequest;
 
+        tlsClientContext.getSecurityParametersHandshake().clientCertificateType =
+            TlsExtensionsUtils.getClientCertificateTypeExtensionServer(serverExtensions, CertificateType.X509);
+
         TlsUtils.establishServerSigAlgs(tlsClientContext.getSecurityParametersHandshake(), certificateRequest);
     }
 
@@ -1580,7 +1583,7 @@ protected void receive13ServerCertificate(ByteArrayInputStream buf)
             throw new TlsFatalAlert(AlertDescription.unexpected_message);
         }
 
-        this.authentication = TlsUtils.receive13ServerCertificate(tlsClientContext, tlsClient, buf);
+        this.authentication = TlsUtils.receive13ServerCertificate(tlsClientContext, tlsClient, buf, serverExtensions);
 
         // NOTE: In TLS 1.3 we don't have to wait for a possible CertificateStatus message.
         handleServerCertificate();
@@ -1624,6 +1627,9 @@ protected void receiveCertificateRequest(ByteArrayInputStream buf) throws IOExce
         assertEmpty(buf);
 
         this.certificateRequest = TlsUtils.validateCertificateRequest(certificateRequest, keyExchange);
+
+        tlsClientContext.getSecurityParametersHandshake().clientCertificateType =
+            TlsExtensionsUtils.getClientCertificateTypeExtensionServer(serverExtensions, CertificateType.X509);        
     }
 
     protected void receiveNewSessionTicket(ByteArrayInputStream buf)
 
@@ -304,11 +304,11 @@ public static short[] getClientCertificateTypeExtensionClient(Hashtable extensio
         return extensionData == null ? null : readCertificateTypeExtensionClient(extensionData);
     }
 
-    public static short getClientCertificateTypeExtensionServer(Hashtable extensions)
+    public static short getClientCertificateTypeExtensionServer(Hashtable extensions, short defaultValue)
         throws IOException
     {
         byte[] extensionData = TlsUtils.getExtensionData(extensions, EXT_client_certificate_type);
-        return extensionData == null ? -1 : readCertificateTypeExtensionServer(extensionData);
+        return extensionData == null ? defaultValue : readCertificateTypeExtensionServer(extensionData);
     }
 
     public static int[] getCompressCertificateExtension(Hashtable extensions)
@@ -415,11 +415,11 @@ public static short[] getServerCertificateTypeExtensionClient(Hashtable extensio
         return extensionData == null ? null : readCertificateTypeExtensionClient(extensionData);
     }
 
-    public static short getServerCertificateTypeExtensionServer(Hashtable extensions)
+    public static short getServerCertificateTypeExtensionServer(Hashtable extensions, short defaultValue)
         throws IOException
     {
         byte[] extensionData = TlsUtils.getExtensionData(extensions, EXT_server_certificate_type);
-        return extensionData == null ? -1 : readCertificateTypeExtensionServer(extensionData);
+        return extensionData == null ? defaultValue : readCertificateTypeExtensionServer(extensionData);
     }
 
     public static Vector getServerNameExtensionClient(Hashtable extensions)
 
@@ -1418,6 +1418,7 @@ protected void receive13ClientCertificate(ByteArrayInputStream buf)
         }
 
         Certificate.ParseOptions options = new Certificate.ParseOptions()
+            .setCertificateType(TlsExtensionsUtils.getClientCertificateTypeExtensionServer(serverExtensions, CertificateType.X509))            
             .setMaxChainLength(tlsServer.getMaxCertificateChainLength());
 
         Certificate clientCertificate = Certificate.parse(options, tlsServerContext, buf, null);
@@ -1457,6 +1458,7 @@ protected void receiveCertificateMessage(ByteArrayInputStream buf)
         }
 
         Certificate.ParseOptions options = new Certificate.ParseOptions()
+            .setCertificateType(TlsExtensionsUtils.getClientCertificateTypeExtensionServer(serverExtensions, CertificateType.X509))            
             .setMaxChainLength(tlsServer.getMaxCertificateChainLength());
 
         Certificate clientCertificate = Certificate.parse(options, tlsServerContext, buf, null);
Original file line number	Diff line number	Diff line change
`@@ -33,6 +33,7 @@ public class Certificate`
`33`	`33`	`public static class ParseOptions`
`34`	`34`	`{`
`35`	`35`	`private int maxChainLength = Integer.MAX_VALUE;`
	`36`	`+ private short certificateType = CertificateType.X509;`
`36`	`37`
`37`	`38`	`public int getMaxChainLength()`
`38`	`39`	`{`
`@@ -44,6 +45,20 @@ public ParseOptions setMaxChainLength(int maxChainLength)`
`44`	`45`	`this.maxChainLength = maxChainLength;`
`45`	`46`	`return this;`
`46`	`47`	`}`
	`48`	`+`
	`49`	`+ public short getCertificateType()`
	`50`	`+ {`
	`51`	`+ return certificateType;`
	`52`	`+ }`
	`53`	`+`
	`54`	`+ /**`
	`55`	`+ * Set the {@link CertificateType} according to the IANA TLS Certificate Types registry`
	`56`	`+ */`
	`57`	`+ public ParseOptions setCertificateType(short certificateType)`
	`58`	`+ {`
	`59`	`+ this.certificateType = certificateType;`
	`60`	`+ return this;`
	`61`	`+ }`
`47`	`62`	`}`
`48`	`63`
`49`	`64`	`private static CertificateEntry[] convert(TlsCertificate[] certificateList)`
`@@ -64,14 +79,20 @@ private static CertificateEntry[] convert(TlsCertificate[] certificateList)`
`64`	`79`
`65`	`80`	`protected final byte[] certificateRequestContext;`
`66`	`81`	`protected final CertificateEntry[] certificateEntryList;`
	`82`	`+ protected final short certificateType;`
`67`	`83`
`68`	`84`	`public Certificate(TlsCertificate[] certificateList)`
`69`	`85`	`{`
`70`	`86`	`this(null, convert(certificateList));`
`71`	`87`	`}`
`72`	`88`
`73`		`- // TODO[tls13] Prefer to manage the certificateRequestContext internally only?`
`74`	`89`	`public Certificate(byte[] certificateRequestContext, CertificateEntry[] certificateEntryList)`
	`90`	`+ {`
	`91`	`+ this(CertificateType.X509, certificateRequestContext, certificateEntryList);`
	`92`	`+ }`
	`93`	`+`
	`94`	`+ // TODO[tls13] Prefer to manage the certificateRequestContext internally only?`
	`95`	`+ public Certificate(short certificateType, byte[] certificateRequestContext, CertificateEntry[] certificateEntryList)`
`75`	`96`	`{`
`76`	`97`	`if (null != certificateRequestContext && !TlsUtils.isValidUint8(certificateRequestContext.length))`
`77`	`98`	`{`
`@@ -84,6 +105,7 @@ public Certificate(byte[] certificateRequestContext, CertificateEntry[] certific`
`84`	`105`
`85`	`106`	`this.certificateRequestContext = TlsUtils.clone(certificateRequestContext);`
`86`	`107`	`this.certificateEntryList = certificateEntryList;`
	`108`	`+ this.certificateType = certificateType;`
`87`	`109`	`}`
`88`	`110`
`89`	`111`	`public byte[] getCertificateRequestContext()`
`@@ -117,7 +139,7 @@ public CertificateEntry[] getCertificateEntryList()`
`117`	`139`
`118`	`140`	`public short getCertificateType()`
`119`	`141`	`{`
`120`		`- return CertificateType.X509;`
	`142`	`+ return certificateType;`
`121`	`143`	`}`
`122`	`144`
`123`	`145`	`public int getLength()`
`@@ -190,8 +212,13 @@ public void encode(TlsContext context, OutputStream messageOutput, OutputStream`
`190`	`212`	`}`
`191`	`213`	`}`
`192`	`214`
`193`		`- TlsUtils.checkUint24(totalLength);`
`194`		`- TlsUtils.writeUint24((int)totalLength, messageOutput);`
	`215`	`+ // RFC 7250 indicates the raw key is not wrapped in a cert list like X509 is`
	`216`	`+ // but RFC 8446 wraps it in a CertificateEntry, which is inside certificate_list`
	`217`	`+ if (isTLSv13 \|\| certificateType != CertificateType.RawPublicKey)`
	`218`	`+ {`
	`219`	`+ TlsUtils.checkUint24(totalLength);`
	`220`	`+ TlsUtils.writeUint24((int)totalLength, messageOutput);`
	`221`	`+ }`
`195`	`222`
`196`	`223`	`for (int i = 0; i < count; ++i)`
`197`	`224`	`{`
`@@ -242,6 +269,7 @@ public static Certificate parse(ParseOptions options, TlsContext context, InputS`
`242`	`269`	`{`
`243`	`270`	`final SecurityParameters securityParameters = context.getSecurityParameters();`
`244`	`271`	`final boolean isTLSv13 = TlsUtils.isTLSv13(securityParameters.getNegotiatedVersion());`
	`272`	`+ final short certType = options.getCertificateType();`
`245`	`273`
`246`	`274`	`byte[] certificateRequestContext = null;`
`247`	`275`	`if (isTLSv13)`
`@@ -254,7 +282,7 @@ public static Certificate parse(ParseOptions options, TlsContext context, InputS`
`254`	`282`	`{`
`255`	`283`	`return !isTLSv13 ? EMPTY_CHAIN`
`256`	`284`	`: certificateRequestContext.length < 1 ? EMPTY_CHAIN_TLS13`
`257`		`- : new Certificate(certificateRequestContext, EMPTY_CERT_ENTRIES);`
	`285`	`+ : new Certificate(certType, certificateRequestContext, EMPTY_CERT_ENTRIES);`
`258`	`286`	`}`
`259`	`287`
`260`	`288`	`byte[] certListData = TlsUtils.readFully(totalLength, messageInput);`
`@@ -272,8 +300,20 @@ public static Certificate parse(ParseOptions options, TlsContext context, InputS`
`272`	`300`	`"Certificate chain longer than maximum (" + maxChainLength + ")");`
`273`	`301`	`}`
`274`	`302`
`275`		`- byte[] derEncoding = TlsUtils.readOpaque24(buf, 1);`
`276`		`- TlsCertificate cert = crypto.createCertificate(derEncoding);`
	`303`	`+ // RFC 7250 indicates the raw key is not wrapped in a cert list like X509 is`
	`304`	`+ // but RFC 8446 wraps it in a CertificateEntry, which is inside certificate_list`
	`305`	`+ byte[] derEncoding;`
	`306`	`+ if (isTLSv13 \|\| certType != CertificateType.RawPublicKey)`
	`307`	`+ {`
	`308`	`+ derEncoding = TlsUtils.readOpaque24(buf, 1);`
	`309`	`+ }`
	`310`	`+ else`
	`311`	`+ {`
	`312`	`+ derEncoding = certListData;`
	`313`	`+ buf.skip(totalLength);`
	`314`	`+ }`
	`315`	`+`
	`316`	`+ TlsCertificate cert = crypto.createCertificate(certType, derEncoding);`
`277`	`317`
`278`	`318`	`if (certificate_list.isEmpty() && endPointHashOutput != null)`
`279`	`319`	`{`
`@@ -297,7 +337,7 @@ public static Certificate parse(ParseOptions options, TlsContext context, InputS`
`297`	`337`	`certificateList[i] = (CertificateEntry)certificate_list.elementAt(i);`
`298`	`338`	`}`
`299`	`339`
`300`		`- return new Certificate(certificateRequestContext, certificateList);`
	`340`	`+ return new Certificate(certType, certificateRequestContext, certificateList);`
`301`	`341`	`}`
`302`	`342`
`303`	`343`	`protected static void calculateEndPointHash(TlsContext context, TlsCertificate cert, byte[] encoding,`
Original file line number	Diff line number	Diff line change
`@@ -579,6 +579,9 @@ protected void processCertificateRequest(ClientHandshakeState state, byte[] body`
`579`	`579`	`TlsProtocol.assertEmpty(buf);`
`580`	`580`
`581`	`581`	`state.certificateRequest = TlsUtils.validateCertificateRequest(certificateRequest, state.keyExchange);`
	`582`	`+`
	`583`	`+ state.clientContext.getSecurityParametersHandshake().clientCertificateType =`
	`584`	`+ TlsExtensionsUtils.getClientCertificateTypeExtensionServer(state.serverExtensions, CertificateType.X509);`
`582`	`585`	`}`
`583`	`586`
`584`	`587`	`protected void processCertificateStatus(ClientHandshakeState state, byte[] body)`
`@@ -635,7 +638,7 @@ protected void processServerCertificate(ClientHandshakeState state, byte[] body)`
`635`	`638`	`throws IOException`
`636`	`639`	`{`
`637`	`640`	`state.authentication = TlsUtils.receiveServerCertificate(state.clientContext, state.client,`
`638`		`- new ByteArrayInputStream(body));`
	`641`	`+ new ByteArrayInputStream(body), state.serverExtensions);`
`639`	`642`	`}`
`640`	`643`
`641`	`644`	`protected void processServerHello(ClientHandshakeState state, byte[] body)`
Original file line number	Diff line number	Diff line change
`@@ -304,11 +304,11 @@ public static short[] getClientCertificateTypeExtensionClient(Hashtable extensio`
`304`	`304`	`return extensionData == null ? null : readCertificateTypeExtensionClient(extensionData);`
`305`	`305`	`}`
`306`	`306`
`307`		`- public static short getClientCertificateTypeExtensionServer(Hashtable extensions)`
	`307`	`+ public static short getClientCertificateTypeExtensionServer(Hashtable extensions, short defaultValue)`
`308`	`308`	`throws IOException`
`309`	`309`	`{`
`310`	`310`	`byte[] extensionData = TlsUtils.getExtensionData(extensions, EXT_client_certificate_type);`
`311`		`- return extensionData == null ? -1 : readCertificateTypeExtensionServer(extensionData);`
	`311`	`+ return extensionData == null ? defaultValue : readCertificateTypeExtensionServer(extensionData);`
`312`	`312`	`}`
`313`	`313`
`314`	`314`	`public static int[] getCompressCertificateExtension(Hashtable extensions)`
`@@ -415,11 +415,11 @@ public static short[] getServerCertificateTypeExtensionClient(Hashtable extensio`
`415`	`415`	`return extensionData == null ? null : readCertificateTypeExtensionClient(extensionData);`
`416`	`416`	`}`
`417`	`417`
`418`		`- public static short getServerCertificateTypeExtensionServer(Hashtable extensions)`
	`418`	`+ public static short getServerCertificateTypeExtensionServer(Hashtable extensions, short defaultValue)`
`419`	`419`	`throws IOException`
`420`	`420`	`{`
`421`	`421`	`byte[] extensionData = TlsUtils.getExtensionData(extensions, EXT_server_certificate_type);`
`422`		`- return extensionData == null ? -1 : readCertificateTypeExtensionServer(extensionData);`
	`422`	`+ return extensionData == null ? defaultValue : readCertificateTypeExtensionServer(extensionData);`
`423`	`423`	`}`
`424`	`424`
`425`	`425`	`public static Vector getServerNameExtensionClient(Hashtable extensions)`
Original file line number	Diff line number	Diff line change
`@@ -1418,6 +1418,7 @@ protected void receive13ClientCertificate(ByteArrayInputStream buf)`
`1418`	`1418`	`}`
`1419`	`1419`
`1420`	`1420`	`Certificate.ParseOptions options = new Certificate.ParseOptions()`
	`1421`	`+ .setCertificateType(TlsExtensionsUtils.getClientCertificateTypeExtensionServer(serverExtensions, CertificateType.X509))`
`1421`	`1422`	`.setMaxChainLength(tlsServer.getMaxCertificateChainLength());`
`1422`	`1423`
`1423`	`1424`	`Certificate clientCertificate = Certificate.parse(options, tlsServerContext, buf, null);`
`@@ -1457,6 +1458,7 @@ protected void receiveCertificateMessage(ByteArrayInputStream buf)`
`1457`	`1458`	`}`
`1458`	`1459`
`1459`	`1460`	`Certificate.ParseOptions options = new Certificate.ParseOptions()`
	`1461`	`+ .setCertificateType(TlsExtensionsUtils.getClientCertificateTypeExtensionServer(serverExtensions, CertificateType.X509))`
`1460`	`1462`	`.setMaxChainLength(tlsServer.getMaxCertificateChainLength());`
`1461`	`1463`
`1462`	`1464`	`Certificate clientCertificate = Certificate.parse(options, tlsServerContext, buf, null);`