3 files changed, 40 insertions, 29 deletions
diff --git a/crypto/src/tls/crypto/impl/TlsImplUtilities.cs b/crypto/src/tls/crypto/impl/TlsImplUtilities.cs
index db936e6b7..dc5a96288 100644
--- a/crypto/src/tls/crypto/impl/TlsImplUtilities.cs
+++ b/crypto/src/tls/crypto/impl/TlsImplUtilities.cs
@@ -56,20 +56,9 @@ namespace Org.BouncyCastle.Tls.Crypto.Impl
         {
             SecurityParameters securityParameters = cryptoParams.SecurityParameters;
             TlsSecret master_secret = securityParameters.MasterSecret;
+            int prfAlgorithm = securityParameters.PrfAlgorithm;
             byte[] seed = Arrays.Concatenate(securityParameters.ServerRandom, securityParameters.ClientRandom);
-            return Prf(securityParameters, master_secret, ExporterLabel.key_expansion, seed, length).Extract();
-        }
-
-        public static TlsSecret Prf(SecurityParameters securityParameters, TlsSecret secret, string asciiLabel,
-            byte[] seed, int length)
-        {
-            return secret.DeriveUsingPrf(securityParameters.PrfAlgorithm, asciiLabel, seed, length);
-        }
-
-        public static TlsSecret Prf(TlsCryptoParameters cryptoParams, TlsSecret secret, string asciiLabel, byte[] seed,
-            int length)
-        {
-            return Prf(cryptoParams.SecurityParameters, secret, asciiLabel, seed, length);
+            return master_secret.DeriveUsingPrf(prfAlgorithm, ExporterLabel.key_expansion, seed, length).Extract();
         }
     }
 }
diff --git a/crypto/src/tls/crypto/impl/bc/BcTlsCrypto.cs b/crypto/src/tls/crypto/impl/bc/BcTlsCrypto.cs
index e763422ed..59a3a25ed 100644
--- a/crypto/src/tls/crypto/impl/bc/BcTlsCrypto.cs
+++ b/crypto/src/tls/crypto/impl/bc/BcTlsCrypto.cs
@@ -235,7 +235,18 @@ namespace Org.BouncyCastle.Tls.Crypto.Impl.BC
 
         public override bool HasMacAlgorithm(int macAlgorithm)
         {
-            return true;
+            switch (macAlgorithm)
+            {
+            case MacAlgorithm.hmac_md5:
+            case MacAlgorithm.hmac_sha1:
+            case MacAlgorithm.hmac_sha256:
+            case MacAlgorithm.hmac_sha384:
+            case MacAlgorithm.hmac_sha512:
+                return true;
+
+            default:
+                return false;
+            }
         }
 
         public override bool HasNamedGroup(int namedGroup)
@@ -284,10 +295,10 @@ namespace Org.BouncyCastle.Tls.Crypto.Impl.BC
 
             switch (sigAndHashAlgorithm.Hash)
             {
-                case HashAlgorithm.md5:
-                    return SignatureAlgorithm.rsa == signature && HasSignatureAlgorithm(signature);
-                default:
-                    return HasSignatureAlgorithm(signature);
+            case HashAlgorithm.md5:
+                return SignatureAlgorithm.rsa == signature && HasSignatureAlgorithm(signature);
+            default:
+                return HasSignatureAlgorithm(signature);
             }
         }
 
@@ -577,7 +588,18 @@ namespace Org.BouncyCastle.Tls.Crypto.Impl.BC
 
         public override TlsHmac CreateHmac(int macAlgorithm)
         {
-            return CreateHmacForHash(TlsCryptoUtilities.GetHashForHmac(macAlgorithm));
+            switch (macAlgorithm)
+            {
+            case MacAlgorithm.hmac_md5:
+            case MacAlgorithm.hmac_sha1:
+            case MacAlgorithm.hmac_sha256:
+            case MacAlgorithm.hmac_sha384:
+            case MacAlgorithm.hmac_sha512:
+                return CreateHmacForHash(TlsCryptoUtilities.GetHashForHmac(macAlgorithm));
+
+            default:
+                throw new ArgumentException("invalid MacAlgorithm: " + macAlgorithm);
+            }
         }
 
         public override TlsHmac CreateHmacForHash(int cryptoHashAlgorithm)
diff --git a/crypto/src/tls/crypto/impl/bc/BcTlsSecret.cs b/crypto/src/tls/crypto/impl/bc/BcTlsSecret.cs
index cae380141..9cd060d18 100644
--- a/crypto/src/tls/crypto/impl/bc/BcTlsSecret.cs
+++ b/crypto/src/tls/crypto/impl/bc/BcTlsSecret.cs
@@ -98,10 +98,10 @@ namespace Org.BouncyCastle.Tls.Crypto.Impl.BC
                 byte counter = 0x00;
 
                 int pos = 0;
-                for (; ; )
+                for (;;)
                 {
                     hmac.BlockUpdate(info, 0, info.Length);
-                    hmac.Update((byte)++counter);
+                    hmac.Update(++counter);
                     hmac.DoFinal(t, 0);
 
                     int remaining = length - pos;
@@ -150,12 +150,12 @@ namespace Org.BouncyCastle.Tls.Crypto.Impl.BC
             byte[] seed, byte[] output)
         {
             IDigest digest = m_crypto.CreateDigest(cryptoHashAlgorithm);
-            HMac mac = new HMac(digest);
-            mac.Init(new KeyParameter(secret, secretOff, secretLen));
+            HMac hmac = new HMac(digest);
+            hmac.Init(new KeyParameter(secret, secretOff, secretLen));
 
             byte[] a = seed;
 
-            int macSize = mac.GetMacSize();
+            int macSize = hmac.GetMacSize();
 
             byte[] b1 = new byte[macSize];
             byte[] b2 = new byte[macSize];
@@ -163,12 +163,12 @@ namespace Org.BouncyCastle.Tls.Crypto.Impl.BC
             int pos = 0;
             while (pos < output.Length)
             {
-                mac.BlockUpdate(a, 0, a.Length);
-                mac.DoFinal(b1, 0);
+                hmac.BlockUpdate(a, 0, a.Length);
+                hmac.DoFinal(b1, 0);
                 a = b1;
-                mac.BlockUpdate(a, 0, a.Length);
-                mac.BlockUpdate(seed, 0, seed.Length);
-                mac.DoFinal(b2, 0);
+                hmac.BlockUpdate(a, 0, a.Length);
+                hmac.BlockUpdate(seed, 0, seed.Length);
+                hmac.DoFinal(b2, 0);
                 Array.Copy(b2, 0, output, pos, System.Math.Min(macSize, output.Length - pos));
                 pos += macSize;
             }