-rw-r--r--crypto/src/crypto/tls/AbstractTlsContext.cs30
1 files changed, 21 insertions, 9 deletions
diff --git a/crypto/src/crypto/tls/AbstractTlsContext.cs b/crypto/src/crypto/tls/AbstractTlsContext.cs
index 4c484fe64..bbcdb5ebc 100644
--- a/crypto/src/crypto/tls/AbstractTlsContext.cs
+++ b/crypto/src/crypto/tls/AbstractTlsContext.cs
@@ -2,6 +2,7 @@
 using System.Threading;
 
 using Org.BouncyCastle.Crypto.Prng;
+using Org.BouncyCastle.Crypto.Utilities;
 using Org.BouncyCastle.Security;
 using Org.BouncyCastle.Utilities;
 
@@ -28,6 +29,25 @@ namespace Org.BouncyCastle.Crypto.Tls
         }
 #endif
 
+        private static IRandomGenerator CreateNonceRandom(SecureRandom secureRandom, int connectionEnd)
+        {
+            byte[] additionalSeedMaterial = new byte[16];
+            Pack.UInt64_To_BE((ulong)NextCounterValue(), additionalSeedMaterial, 0);
+            Pack.UInt64_To_BE((ulong)Times.NanoTime(), additionalSeedMaterial, 8);
+            additionalSeedMaterial[0] &= 0x7F;
+            additionalSeedMaterial[0] |= (byte)(connectionEnd << 7);
+
+            IDigest digest = TlsUtilities.CreateHash(HashAlgorithm.sha256);
+
+            byte[] seed = new byte[digest.GetDigestSize()];
+            secureRandom.NextBytes(seed);
+
+            IRandomGenerator nonceRandom = new DigestRandomGenerator(digest);
+            nonceRandom.AddSeedMaterial(additionalSeedMaterial);
+            nonceRandom.AddSeedMaterial(seed);
+            return nonceRandom;
+        }
+
         private readonly IRandomGenerator mNonceRandom;
         private readonly SecureRandom mSecureRandom;
         private readonly SecurityParameters mSecurityParameters;
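Review bot: The tag bit written at line 30 silently assumes connectionEnd is 0 or 1; for any other value `(byte)(connectionEnd << 7)` shifts the information out of the byte entirely (2 becomes 0) and the client/server distinction the mask at line 29 reserves the top bit for is lost without any error. Either fold only the low bit, `additionalSeedMaterial[0] |= (byte)((connectionEnd & 1) << 7);`, or add `Debug.Assert(connectionEnd == 0 || connectionEnd == 1);` ahead of it so a bad Entity value is caught during development. A short comment above line 26 would also help the next reader, e.g. `// 16 bytes of per-connection seed material: 8-byte process counter (top bit replaced by the connection end, 0 = client / 1 = server) followed by an 8-byte nanosecond timestamp`; the 32-byte seed from the caller's SecureRandom at line 35 is what carries the entropy, the counter and time only serve to separate contexts. Note that AddSeedMaterial at lines 38–39 only mixes in state; nothing here validates that secureRandom is non-null, so a null argument still surfaces as a NullReferenceException at line 35 rather than an ArgumentNullException.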
@@ -39,17 +59,9 @@ namespace Org.BouncyCastle.Crypto.Tls
 
         internal AbstractTlsContext(SecureRandom secureRandom, SecurityParameters securityParameters)
         {
-            IDigest d = TlsUtilities.CreateHash(HashAlgorithm.sha256);
-            byte[] seed = new byte[d.GetDigestSize()];
-            secureRandom.NextBytes(seed);
-
-            this.mNonceRandom = new DigestRandomGenerator(d);
-            mNonceRandom.AddSeedMaterial(NextCounterValue());
-            mNonceRandom.AddSeedMaterial(Times.NanoTime());
-            mNonceRandom.AddSeedMaterial(seed);
-
             this.mSecureRandom = secureRandom;
             this.mSecurityParameters = securityParameters;
+            this.mNonceRandom = CreateNonceRandom(secureRandom, securityParameters.Entity);
         }
 
         public virtual IRandomGenerator NonceRandomGenerator
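Review bot: Line 61 dereferences securityParameters (`.Entity`) inside the constructor, whereas the removed code only stored the reference, so a null securityParameters now fails at construction with a NullReferenceException instead of wherever it was first used before. If null is not a supported input, make that explicit at the top of the constructor with `if (securityParameters == null) throw new ArgumentNullException("securityParameters");` (and the same for secureRandom, which CreateNonceRandom calls NextBytes on) so the failure names the argument. The assignment order at lines 59–61 is fine as written; the helper only reads its parameters, not the fields, and the class body continues outside the hunk.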