diff options
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/src/crypto/tls/ExporterLabel.cs | 6 | ||||
-rw-r--r-- | crypto/src/crypto/tls/SecurityParameters.cs | 10 | ||||
-rw-r--r-- | crypto/src/crypto/tls/TlsBlockCipher.cs | 2 | ||||
-rw-r--r-- | crypto/src/crypto/tls/TlsProtocolHandler.cs | 4 | ||||
-rw-r--r-- | crypto/src/crypto/tls/TlsStreamCipher.cs | 2 |
5 files changed, 16 insertions, 8 deletions
diff --git a/crypto/src/crypto/tls/ExporterLabel.cs b/crypto/src/crypto/tls/ExporterLabel.cs index c186d410b..f301ea3c0 100644 --- a/crypto/src/crypto/tls/ExporterLabel.cs +++ b/crypto/src/crypto/tls/ExporterLabel.cs @@ -6,12 +6,6 @@ namespace Org.BouncyCastle.Crypto.Tls public abstract class ExporterLabel { /* - * BC-specific - */ - internal const string client_random = "client random"; - internal const string server_random = "server random"; - - /* * RFC 5246 */ public const string client_finished = "client finished"; diff --git a/crypto/src/crypto/tls/SecurityParameters.cs b/crypto/src/crypto/tls/SecurityParameters.cs index 3aa318da2..0707f3d40 100644 --- a/crypto/src/crypto/tls/SecurityParameters.cs +++ b/crypto/src/crypto/tls/SecurityParameters.cs @@ -11,6 +11,16 @@ namespace Org.BouncyCastle.Crypto.Tls internal byte[] clientRandom = null; internal byte[] serverRandom = null; + internal void CopySessionParametersFrom(SecurityParameters other) + { + //this.entity = other.entity; + //this.cipherSuite = other.cipherSuite; + //this.compressionAlgorithm = other.compressionAlgorithm; + this.prfAlgorithm = other.prfAlgorithm; + //this.verifyDataLength = other.verifyDataLength; + this.masterSecret = Arrays.Clone(other.masterSecret); + } + internal virtual void Clear() { if (this.masterSecret != null) diff --git a/crypto/src/crypto/tls/TlsBlockCipher.cs b/crypto/src/crypto/tls/TlsBlockCipher.cs index 7adab1985..b2c69127c 100644 --- a/crypto/src/crypto/tls/TlsBlockCipher.cs +++ b/crypto/src/crypto/tls/TlsBlockCipher.cs @@ -51,7 +51,7 @@ namespace Org.BouncyCastle.Crypto.Tls SecurityParameters securityParameters = context.SecurityParameters; - byte[] keyBlock = TlsUtilities.PRF(context, securityParameters.masterSecret, "key expansion", + byte[] keyBlock = TlsUtilities.PRF(context, securityParameters.masterSecret, ExporterLabel.key_expansion, TlsUtilities.Concat(securityParameters.serverRandom, securityParameters.clientRandom), prfSize); diff --git a/crypto/src/crypto/tls/TlsProtocolHandler.cs b/crypto/src/crypto/tls/TlsProtocolHandler.cs index cf1296b14..918640db5 100644 --- a/crypto/src/crypto/tls/TlsProtocolHandler.cs +++ b/crypto/src/crypto/tls/TlsProtocolHandler.cs @@ -453,6 +453,10 @@ namespace Org.BouncyCastle.Crypto.Tls this.keyExchange = tlsClient.GetKeyExchange(); connection_state = CS_SERVER_HELLO_RECEIVED; + + // TODO Just a place-holder until other TLS 1.2 changes arrive + this.securityParameters.prfAlgorithm = PrfAlgorithm.tls_prf_legacy; + break; default: this.FailWithError(AlertLevel.fatal, AlertDescription.unexpected_message); diff --git a/crypto/src/crypto/tls/TlsStreamCipher.cs b/crypto/src/crypto/tls/TlsStreamCipher.cs index 3e6f7e06d..24e2ce73f 100644 --- a/crypto/src/crypto/tls/TlsStreamCipher.cs +++ b/crypto/src/crypto/tls/TlsStreamCipher.cs @@ -29,7 +29,7 @@ namespace Org.BouncyCastle.Crypto.Tls SecurityParameters securityParameters = context.SecurityParameters; - byte[] keyBlock = TlsUtilities.PRF(context, securityParameters.masterSecret, "key expansion", + byte[] keyBlock = TlsUtilities.PRF(context, securityParameters.masterSecret, ExporterLabel.key_expansion, TlsUtilities.Concat(securityParameters.serverRandom, securityParameters.clientRandom), prfSize); |