authorPeter Dettman <peter.dettman@bouncycastle.org>2014-08-26 15:34:13 +0700
committerPeter Dettman <peter.dettman@bouncycastle.org>2014-08-26 15:34:13 +0700
commit791063db08a6f8254d10b1b0e6d5f4f0827b8b0e (patch)
treee628a298b3b5bd7db7327f55ee7bb2c17d34c12c /crypto/src
parentInitial implementation of draft-ietf-tls-session-hash-01 (diff)
downloadBouncyCastle.NET-ed25519-791063db08a6f8254d10b1b0e6d5f4f0827b8b0e.tar.xz
Extended master secret uses a different label in PRF
Diffstat (limited to 'crypto/src')
-rw-r--r--crypto/src/crypto/tls/ExporterLabel.cs5
-rw-r--r--crypto/src/crypto/tls/TlsUtilities.cs18
2 files changed, 13 insertions, 10 deletions
diff --git a/crypto/src/crypto/tls/ExporterLabel.cs b/crypto/src/crypto/tls/ExporterLabel.cs
index f301ea3c0..280321e2a 100644
--- a/crypto/src/crypto/tls/ExporterLabel.cs
+++ b/crypto/src/crypto/tls/ExporterLabel.cs
@@ -28,5 +28,10 @@ namespace Org.BouncyCastle.Crypto.Tls
          * RFC 5764
          */
         public const string dtls_srtp = "EXTRACTOR-dtls_srtp";
+
+        /*
+         * draft-ietf-tls-session-hash-01
+         */
+        public static readonly string extended_master_secret = "extended master secret";
     }
 }
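Review bot: The new `extended_master_secret` label is declared `public static readonly string` while the neighbouring `dtls_srtp` is `public const string`, and nothing in the hunk says why the two differ. If the intent is to keep a draft-stage label from being inlined into callers compiled against this assembly, that is presumably the reason, and it should be written down, e.g. `// static readonly rather than const: label is from a draft and must not be baked into callers`. Because this string is a PRF input for key derivation, the comment block should also say that it must match the draft text byte for byte. The rest of the class lies outside the hunk.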
diff --git a/crypto/src/crypto/tls/TlsUtilities.cs b/crypto/src/crypto/tls/TlsUtilities.cs
index bbd3e880d..29310100a 100644
--- a/crypto/src/crypto/tls/TlsUtilities.cs
+++ b/crypto/src/crypto/tls/TlsUtilities.cs
@@ -871,22 +871,20 @@ namespace Org.BouncyCastle.Crypto.Tls
         {
             SecurityParameters securityParameters = context.SecurityParameters;
 
-            byte[] seed;
-            if (securityParameters.extendedMasterSecret)
-            {
-                seed = securityParameters.SessionHash;
-            }
-            else
-            {
-                seed = Concat(securityParameters.ClientRandom, securityParameters.ServerRandom);
-            }
+            byte[] seed = securityParameters.extendedMasterSecret
+                ?   securityParameters.SessionHash
+                :   Concat(securityParameters.ClientRandom, securityParameters.ServerRandom);
 
             if (IsSsl(context))
             {
                 return CalculateMasterSecret_Ssl(pre_master_secret, seed);
             }
 
-            return PRF(context, pre_master_secret, ExporterLabel.master_secret, seed, 48);
+            string asciiLabel = securityParameters.extendedMasterSecret
+                ? ExporterLabel.extended_master_secret
+                : ExporterLabel.master_secret;
+
+            return PRF(context, pre_master_secret, asciiLabel, seed, 48);
         }
 
         internal static byte[] CalculateMasterSecret_Ssl(byte[] pre_master_secret, byte[] random)
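Review bot: In the new ternary that picks `seed`, `securityParameters.SessionHash` is taken as-is when `extendedMasterSecret` is set, with no check that it has been populated before it reaches `PRF` or `CalculateMasterSecret_Ssl`. If this method can run before the session hash is computed (not visible here), a guard such as `if (seed == null) throw new TlsFatalAlert(AlertDescription.internal_error);` would fail the handshake cleanly instead of deriving from, or crashing on, a missing transcript hash. The `IsSsl` branch also receives the session hash in a parameter named `random` and never uses the new label, so a comment stating whether the extension can be active under SSL at all would help. The method's signature is outside the hunk.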