From 791063db08a6f8254d10b1b0e6d5f4f0827b8b0e Mon Sep 17 00:00:00 2001 From: Peter Dettman Date: Tue, 26 Aug 2014 15:34:13 +0700 Subject: Extended master secret uses a different label in PRF --- crypto/src/crypto/tls/ExporterLabel.cs | 5 +++++ crypto/src/crypto/tls/TlsUtilities.cs | 18 ++++++++---------- 2 files changed, 13 insertions(+), 10 deletions(-) diff --git a/crypto/src/crypto/tls/ExporterLabel.cs b/crypto/src/crypto/tls/ExporterLabel.cs index f301ea3c0..280321e2a 100644 --- a/crypto/src/crypto/tls/ExporterLabel.cs +++ b/crypto/src/crypto/tls/ExporterLabel.cs @@ -28,5 +28,10 @@ namespace Org.BouncyCastle.Crypto.Tls * RFC 5764 */ public const string dtls_srtp = "EXTRACTOR-dtls_srtp"; + + /* + * draft-ietf-tls-session-hash-01 + */ + public static readonly string extended_master_secret = "extended master secret"; } } diff --git a/crypto/src/crypto/tls/TlsUtilities.cs b/crypto/src/crypto/tls/TlsUtilities.cs index bbd3e880d..29310100a 100644 --- a/crypto/src/crypto/tls/TlsUtilities.cs +++ b/crypto/src/crypto/tls/TlsUtilities.cs @@ -871,22 +871,20 @@ namespace Org.BouncyCastle.Crypto.Tls { SecurityParameters securityParameters = context.SecurityParameters; - byte[] seed; - if (securityParameters.extendedMasterSecret) - { - seed = securityParameters.SessionHash; - } - else - { - seed = Concat(securityParameters.ClientRandom, securityParameters.ServerRandom); - } + byte[] seed = securityParameters.extendedMasterSecret + ? securityParameters.SessionHash + : Concat(securityParameters.ClientRandom, securityParameters.ServerRandom); if (IsSsl(context)) { return CalculateMasterSecret_Ssl(pre_master_secret, seed); } - return PRF(context, pre_master_secret, ExporterLabel.master_secret, seed, 48); + string asciiLabel = securityParameters.extendedMasterSecret + ? ExporterLabel.extended_master_secret + : ExporterLabel.master_secret; + + return PRF(context, pre_master_secret, asciiLabel, seed, 48); } internal static byte[] CalculateMasterSecret_Ssl(byte[] pre_master_secret, byte[] random) -- cgit 1.4.1