summary refs log tree commit diff
diff options
context:
space:
mode:
authorPeter Dettman <peter.dettman@bouncycastle.org>2023-12-14 22:15:01 +0700
committerPeter Dettman <peter.dettman@bouncycastle.org>2023-12-14 22:15:01 +0700
commitc92ce7eb73aa2f26b40e338b03083444f1a5b2f4 (patch)
tree33f8b6577815cd87c96918e85b6de11493727f99
parentRefactoring in Pqc.Crypto.Lms (diff)
downloadBouncyCastle.NET-ed25519-c92ce7eb73aa2f26b40e338b03083444f1a5b2f4.tar.xz
Refactoring in BcTlsSecret
-rw-r--r--crypto/src/tls/crypto/impl/bc/BcTlsSecret.cs143
1 files changed, 68 insertions, 75 deletions
diff --git a/crypto/src/tls/crypto/impl/bc/BcTlsSecret.cs b/crypto/src/tls/crypto/impl/bc/BcTlsSecret.cs
index fdd67fc71..c4538531d 100644
--- a/crypto/src/tls/crypto/impl/bc/BcTlsSecret.cs
+++ b/crypto/src/tls/crypto/impl/bc/BcTlsSecret.cs
@@ -98,126 +98,119 @@ namespace Org.BouncyCastle.Tls.Crypto.Impl.BC
 #if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER
             return HkdfExpand(cryptoHashAlgorithm, info.AsSpan(), length);
 #else
-            lock (this)
-            {
-                if (length < 1)
-                    return m_crypto.AdoptLocalSecret(TlsUtilities.EmptyBytes);
+            if (length < 1)
+                return m_crypto.AdoptLocalSecret(TlsUtilities.EmptyBytes);
 
-                int hashLen = TlsCryptoUtilities.GetHashOutputSize(cryptoHashAlgorithm);
-                if (length > (255 * hashLen))
-                    throw new ArgumentException("must be <= 255 * (output size of 'hashAlgorithm')", "length");
+            int hashLen = TlsCryptoUtilities.GetHashOutputSize(cryptoHashAlgorithm);
+            if (length > (255 * hashLen))
+                throw new ArgumentException("must be <= 255 * (output size of 'hashAlgorithm')", "length");
 
+            HMac hmac = new HMac(m_crypto.CreateDigest(cryptoHashAlgorithm));
+
+            lock (this)
+            {
                 CheckAlive();
 
                 byte[] prk = m_data;
 
-                HMac hmac = new HMac(m_crypto.CreateDigest(cryptoHashAlgorithm));
                 hmac.Init(new KeyParameter(prk));
+            }
+
+            byte[] okm = new byte[length];
 
-                byte[] okm = new byte[length];
+            byte[] t = new byte[hashLen];
+            byte counter = 0x00;
 
-                byte[] t = new byte[hashLen];
-                byte counter = 0x00;
+            int pos = 0;
+            for (;;)
+            {
+                hmac.BlockUpdate(info, 0, info.Length);
+                hmac.Update(++counter);
+                hmac.DoFinal(t, 0);
 
-                int pos = 0;
-                for (;;)
+                int remaining = length - pos;
+                if (remaining <= hashLen)
                 {
-                    hmac.BlockUpdate(info, 0, info.Length);
-                    hmac.Update(++counter);
-                    hmac.DoFinal(t, 0);
-
-                    int remaining = length - pos;
-                    if (remaining <= hashLen)
-                    {
-                        Array.Copy(t, 0, okm, pos, remaining);
-                        break;
-                    }
-
-                    Array.Copy(t, 0, okm, pos, hashLen);
-                    pos += hashLen;
-                    hmac.BlockUpdate(t, 0, t.Length);
+                    Array.Copy(t, 0, okm, pos, remaining);
+                    break;
                 }
 
-                return m_crypto.AdoptLocalSecret(okm);
+                Array.Copy(t, 0, okm, pos, hashLen);
+                pos += hashLen;
+                hmac.BlockUpdate(t, 0, t.Length);
             }
+
+            return m_crypto.AdoptLocalSecret(okm);
 #endif
         }
 
 #if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER
         public override TlsSecret HkdfExpand(int cryptoHashAlgorithm, ReadOnlySpan<byte> info, int length)
         {
-            lock (this)
-            {
-                if (length < 1)
-                    return m_crypto.AdoptLocalSecret(TlsUtilities.EmptyBytes);
+            if (length < 1)
+                return m_crypto.AdoptLocalSecret(TlsUtilities.EmptyBytes);
+
+            int hashLen = TlsCryptoUtilities.GetHashOutputSize(cryptoHashAlgorithm);
+            if (length > (255 * hashLen))
+                throw new ArgumentException("must be <= 255 * (output size of 'hashAlgorithm')", "length");
 
-                int hashLen = TlsCryptoUtilities.GetHashOutputSize(cryptoHashAlgorithm);
-                if (length > (255 * hashLen))
-                    throw new ArgumentException("must be <= 255 * (output size of 'hashAlgorithm')", "length");
+            HMac hmac = new HMac(m_crypto.CreateDigest(cryptoHashAlgorithm));
 
+            lock (this)
+            {
                 CheckAlive();
 
                 ReadOnlySpan<byte> prk = m_data;
 
-                HMac hmac = new HMac(m_crypto.CreateDigest(cryptoHashAlgorithm));
                 hmac.Init(new KeyParameter(prk));
+            }
 
-                byte[] okm = new byte[length];
+            byte[] okm = new byte[length];
 
-                Span<byte> t = hashLen <= 128
-                    ? stackalloc byte[hashLen]
-                    : new byte[hashLen];
-                byte counter = 0x00;
+            Span<byte> t = hashLen <= 128
+                ? stackalloc byte[hashLen]
+                : new byte[hashLen];
+            byte counter = 0x00;
 
-                int pos = 0;
-                for (;;)
+            int pos = 0;
+            for (;;)
+            {
+                hmac.BlockUpdate(info);
+                hmac.Update(++counter);
+                hmac.DoFinal(t);
+
+                int remaining = length - pos;
+                if (remaining <= hashLen)
                 {
-                    hmac.BlockUpdate(info);
-                    hmac.Update(++counter);
-                    hmac.DoFinal(t);
-
-                    int remaining = length - pos;
-                    if (remaining <= hashLen)
-                    {
-                        t[..remaining].CopyTo(okm.AsSpan(pos));
-                        break;
-                    }
-
-                    t.CopyTo(okm.AsSpan(pos));
-                    pos += hashLen;
-                    hmac.BlockUpdate(t);
+                    t[..remaining].CopyTo(okm.AsSpan(pos));
+                    break;
                 }
 
-                return m_crypto.AdoptLocalSecret(okm);
+                t.CopyTo(okm.AsSpan(pos));
+                pos += hashLen;
+                hmac.BlockUpdate(t);
             }
+
+            return m_crypto.AdoptLocalSecret(okm);
         }
 #endif
 
         public override TlsSecret HkdfExtract(int cryptoHashAlgorithm, TlsSecret ikm)
         {
-            lock (this)
-            {
-                CheckAlive();
-
-                byte[] salt = m_data;
-                this.m_data = null;
+            byte[] salt = Extract();
 
-                HMac hmac = new HMac(m_crypto.CreateDigest(cryptoHashAlgorithm));
-                hmac.Init(new KeyParameter(salt));
+            HMac hmac = new HMac(m_crypto.CreateDigest(cryptoHashAlgorithm));
+            hmac.Init(new KeyParameter(salt));
 
-                Convert(m_crypto, ikm).UpdateMac(hmac);
+            Convert(m_crypto, ikm).UpdateMac(hmac);
 
-                byte[] prk = new byte[hmac.GetMacSize()];
-                hmac.DoFinal(prk, 0);
+            byte[] prk = new byte[hmac.GetMacSize()];
+            hmac.DoFinal(prk, 0);
 
-                return m_crypto.AdoptLocalSecret(prk);
-            }
+            return m_crypto.AdoptLocalSecret(prk);
         }
 
-        protected override AbstractTlsCrypto Crypto
-        {
-            get { return m_crypto; }
-        }
+        protected override AbstractTlsCrypto Crypto => m_crypto;
 
         protected virtual void HmacHash(int cryptoHashAlgorithm, byte[] secret, int secretOff, int secretLen,
             byte[] seed, byte[] output)