diff --git a/crypto/src/tls/SecurityParameters.cs b/crypto/src/tls/SecurityParameters.cs
index 1f63f6f33..23a83a65f 100644
--- a/crypto/src/tls/SecurityParameters.cs
+++ b/crypto/src/tls/SecurityParameters.cs
@@ -22,7 +22,6 @@ namespace Org.BouncyCastle.Tls
internal TlsSecret m_exporterMasterSecret = null;
internal TlsSecret m_handshakeSecret = null;
internal TlsSecret m_masterSecret = null;
- internal TlsSecret m_preSharedKey = null;
internal TlsSecret m_sharedSecret = null;
internal TlsSecret m_trafficSecretClient = null;
internal TlsSecret m_trafficSecretServer = null;
@@ -79,7 +78,6 @@ namespace Org.BouncyCastle.Tls
this.m_exporterMasterSecret = ClearSecret(m_exporterMasterSecret);
this.m_handshakeSecret = ClearSecret(m_handshakeSecret);
this.m_masterSecret = ClearSecret(m_masterSecret);
- this.m_preSharedKey = null;
this.m_sharedSecret = ClearSecret(m_sharedSecret);
}
@@ -228,11 +226,6 @@ namespace Org.BouncyCastle.Tls
get { return m_peerVerifyData; }
}
- public TlsSecret PreSharedKey
- {
- get { return m_preSharedKey; }
- }
-
public int PrfAlgorithm
{
get { return m_prfAlgorithm; }
diff --git a/crypto/src/tls/TlsClientProtocol.cs b/crypto/src/tls/TlsClientProtocol.cs
index 8fb1a39b7..190a1927f 100644
--- a/crypto/src/tls/TlsClientProtocol.cs
+++ b/crypto/src/tls/TlsClientProtocol.cs
@@ -954,7 +954,10 @@ namespace Org.BouncyCastle.Tls
agreement.ReceivePeerValue(keyShareEntry.KeyExchange);
securityParameters.m_sharedSecret = agreement.CalculateSecret();
- TlsUtilities.Establish13PhaseSecrets(m_tlsClientContext);
+ // TODO[tls13-psk] Use PSK early secret if negotiated
+ TlsSecret pskEarlySecret = null;
+
+ TlsUtilities.Establish13PhaseSecrets(m_tlsClientContext, pskEarlySecret);
}
{
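Review bot: `pskEarlySecret` is hard-coded to null here, so the client always runs the no-PSK key schedule, and the same placeholder appears in the TlsServerProtocol.cs hunk. If PSK negotiation can be reached elsewhere before this TODO is resolved (not visible in this diff), both peers would derive keys that do not depend on the PSK, which would drop the authentication the PSK is meant to provide. I would spell that out in the comment, e.g. `// TODO[tls13-psk] Use PSK early secret if negotiated; null selects the no-PSK schedule, so a PSK must not be offered or accepted until this is wired up`. The enclosing method starts and ends outside the hunk.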
diff --git a/crypto/src/tls/TlsServerProtocol.cs b/crypto/src/tls/TlsServerProtocol.cs
index a7e0e0120..2afb625a8 100644
--- a/crypto/src/tls/TlsServerProtocol.cs
+++ b/crypto/src/tls/TlsServerProtocol.cs
@@ -332,7 +332,11 @@ namespace Org.BouncyCastle.Tls
agreement.ReceivePeerValue(clientShare.KeyExchange);
securityParameters.m_sharedSecret = agreement.CalculateSecret();
- TlsUtilities.Establish13PhaseSecrets(m_tlsServerContext);
+
+ // TODO[tls13-psk] Use PSK early secret if negotiated
+ TlsSecret pskEarlySecret = null;
+
+ TlsUtilities.Establish13PhaseSecrets(m_tlsServerContext, pskEarlySecret);
}
this.m_serverExtensions = serverEncryptedExtensions;
diff --git a/crypto/src/tls/TlsUtilities.cs b/crypto/src/tls/TlsUtilities.cs
index e48a44452..a80e6da32 100644
--- a/crypto/src/tls/TlsUtilities.cs
+++ b/crypto/src/tls/TlsUtilities.cs
@@ -1559,7 +1559,7 @@ namespace Org.BouncyCastle.Tls
return Prf(securityParameters, master_secret, asciiLabel, prfHash, verify_data_length).Extract();
}
- internal static void Establish13PhaseSecrets(TlsContext context)
+ internal static void Establish13PhaseSecrets(TlsContext context, TlsSecret pskEarlySecret)
{
TlsCrypto crypto = context.Crypto;
SecurityParameters securityParameters = context.SecurityParameters;
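Review bot: The new `pskEarlySecret` parameter is undocumented, and its contract differs from the `PreSharedKey` it replaces. In the next hunk the value is used directly as the early secret with no HKDF-Extract applied, so a caller passing the raw PSK would skip the extract step. A doc comment on `Establish13PhaseSecrets` should state that the argument must already be the TLS 1.3 Early Secret, derived with the same hash as `cryptoHashAlgorithm`, and that null selects the derivation from the all-zero input. The function body continues outside this hunk.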
@@ -1567,15 +1567,14 @@ namespace Org.BouncyCastle.Tls
TlsSecret zeros = crypto.HkdfInit(cryptoHashAlgorithm);
byte[] emptyTranscriptHash = crypto.CreateHash(cryptoHashAlgorithm).CalculateHash();
- TlsSecret preSharedKey = securityParameters.PreSharedKey;
- if (null == preSharedKey)
+ TlsSecret earlySecret = pskEarlySecret;
+ if (null == earlySecret)
{
- preSharedKey = zeros;
+ earlySecret = crypto
+ .HkdfInit(cryptoHashAlgorithm)
+ .HkdfExtract(cryptoHashAlgorithm, zeros);
}
- TlsSecret earlySecret = crypto.HkdfInit(cryptoHashAlgorithm)
- .HkdfExtract(cryptoHashAlgorithm, preSharedKey);
-
TlsSecret sharedSecret = securityParameters.SharedSecret;
if (null == sharedSecret)
{
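Review bot: In the non-null case `earlySecret` is the caller's `pskEarlySecret` object itself, and the last hunk stores it in `securityParameters.m_earlySecret`, so ownership passes to the security parameters without that being stated anywhere. A caller that destroys or reuses the secret after the call would affect the stored early secret. A comment at the assignment would do, e.g. `// Takes ownership of pskEarlySecret; callers must not destroy or reuse it`. The `if (null == sharedSecret)` block runs past the end of the hunk.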
@@ -1596,7 +1595,6 @@ namespace Org.BouncyCastle.Tls
securityParameters.m_earlySecret = earlySecret;
securityParameters.m_handshakeSecret = handshakeSecret;
securityParameters.m_masterSecret = masterSecret;
- securityParameters.m_preSharedKey = null;
securityParameters.m_sharedSecret = null;
}