Extended master secret uses a different label in PRF
2 files changed, 13 insertions, 10 deletions
diff --git a/crypto/src/crypto/tls/ExporterLabel.cs b/crypto/src/crypto/tls/ExporterLabel.cs
index f301ea3c0..280321e2a 100644
--- a/crypto/src/crypto/tls/ExporterLabel.cs
+++ b/crypto/src/crypto/tls/ExporterLabel.cs
@@ -28,5 +28,10 @@ namespace Org.BouncyCastle.Crypto.Tls
* RFC 5764
*/
public const string dtls_srtp = "EXTRACTOR-dtls_srtp";
+
+ /*
+ * draft-ietf-tls-session-hash-01
+ */
+ public static readonly string extended_master_secret = "extended master secret";
}
}
diff --git a/crypto/src/crypto/tls/TlsUtilities.cs b/crypto/src/crypto/tls/TlsUtilities.cs
index bbd3e880d..29310100a 100644
--- a/crypto/src/crypto/tls/TlsUtilities.cs
+++ b/crypto/src/crypto/tls/TlsUtilities.cs
@@ -871,22 +871,20 @@ namespace Org.BouncyCastle.Crypto.Tls
{
SecurityParameters securityParameters = context.SecurityParameters;
- byte[] seed;
- if (securityParameters.extendedMasterSecret)
- {
- seed = securityParameters.SessionHash;
- }
- else
- {
- seed = Concat(securityParameters.ClientRandom, securityParameters.ServerRandom);
- }
+ byte[] seed = securityParameters.extendedMasterSecret
+ ? securityParameters.SessionHash
+ : Concat(securityParameters.ClientRandom, securityParameters.ServerRandom);
if (IsSsl(context))
{
return CalculateMasterSecret_Ssl(pre_master_secret, seed);
}
- return PRF(context, pre_master_secret, ExporterLabel.master_secret, seed, 48);
+ string asciiLabel = securityParameters.extendedMasterSecret
+ ? ExporterLabel.extended_master_secret
+ : ExporterLabel.master_secret;
+
+ return PRF(context, pre_master_secret, asciiLabel, seed, 48);
}
internal static byte[] CalculateMasterSecret_Ssl(byte[] pre_master_secret, byte[] random)
|
