1 /* |
1 /* |
2 * Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved. |
2 * Copyright (c) 2005, 2011, Oracle and/or its affiliates. All rights reserved. |
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
4 * |
4 * |
5 * This code is free software; you can redistribute it and/or modify it |
5 * This code is free software; you can redistribute it and/or modify it |
6 * under the terms of the GNU General Public License version 2 only, as |
6 * under the terms of the GNU General Public License version 2 only, as |
7 * published by the Free Software Foundation. Oracle designates this |
7 * published by the Free Software Foundation. Oracle designates this |
163 } |
163 } |
164 |
164 |
165 // partition keyblock into individual secrets |
165 // partition keyblock into individual secrets |
166 |
166 |
167 int ofs = 0; |
167 int ofs = 0; |
168 if (macLength != 0) { |
168 byte[] tmp = new byte[macLength]; |
169 byte[] tmp = new byte[macLength]; |
169 |
170 |
170 // mac keys |
171 // mac keys |
171 System.arraycopy(keyBlock, ofs, tmp, 0, macLength); |
172 System.arraycopy(keyBlock, ofs, tmp, 0, macLength); |
172 ofs += macLength; |
173 ofs += macLength; |
173 clientMacKey = new SecretKeySpec(tmp, "Mac"); |
174 clientMacKey = new SecretKeySpec(tmp, "Mac"); |
174 |
175 |
175 System.arraycopy(keyBlock, ofs, tmp, 0, macLength); |
176 System.arraycopy(keyBlock, ofs, tmp, 0, macLength); |
176 ofs += macLength; |
177 ofs += macLength; |
177 serverMacKey = new SecretKeySpec(tmp, "Mac"); |
178 serverMacKey = new SecretKeySpec(tmp, "Mac"); |
|
179 } |
|
180 |
178 |
181 if (keyLength == 0) { // SSL_RSA_WITH_NULL_* ciphersuites |
179 if (keyLength == 0) { // SSL_RSA_WITH_NULL_* ciphersuites |
182 return new TlsKeyMaterialSpec(clientMacKey, serverMacKey); |
180 return new TlsKeyMaterialSpec(clientMacKey, serverMacKey); |
183 } |
181 } |
184 |
182 |
198 clientCipherKey = new SecretKeySpec(clientKeyBytes, alg); |
196 clientCipherKey = new SecretKeySpec(clientKeyBytes, alg); |
199 serverCipherKey = new SecretKeySpec(serverKeyBytes, alg); |
197 serverCipherKey = new SecretKeySpec(serverKeyBytes, alg); |
200 |
198 |
201 // IV keys if needed. |
199 // IV keys if needed. |
202 if (ivLength != 0) { |
200 if (ivLength != 0) { |
203 byte[] tmp = new byte[ivLength]; |
201 tmp = new byte[ivLength]; |
204 |
202 |
205 System.arraycopy(keyBlock, ofs, tmp, 0, ivLength); |
203 System.arraycopy(keyBlock, ofs, tmp, 0, ivLength); |
206 ofs += ivLength; |
204 ofs += ivLength; |
207 clientIv = new IvParameterSpec(tmp); |
205 clientIv = new IvParameterSpec(tmp); |
208 |
206 |
220 "exportable ciphersuites"); |
218 "exportable ciphersuites"); |
221 } else if (protocolVersion == 0x0301) { |
219 } else if (protocolVersion == 0x0301) { |
222 // TLS 1.0 |
220 // TLS 1.0 |
223 byte[] seed = concat(clientRandom, serverRandom); |
221 byte[] seed = concat(clientRandom, serverRandom); |
224 |
222 |
225 byte[] tmp = doTLS10PRF(clientKeyBytes, |
223 tmp = doTLS10PRF(clientKeyBytes, LABEL_CLIENT_WRITE_KEY, seed, |
226 LABEL_CLIENT_WRITE_KEY, seed, expandedKeyLength, md5, sha); |
224 expandedKeyLength, md5, sha); |
227 clientCipherKey = new SecretKeySpec(tmp, alg); |
225 clientCipherKey = new SecretKeySpec(tmp, alg); |
228 |
226 |
229 tmp = doTLS10PRF(serverKeyBytes, LABEL_SERVER_WRITE_KEY, seed, |
227 tmp = doTLS10PRF(serverKeyBytes, LABEL_SERVER_WRITE_KEY, seed, |
230 expandedKeyLength, md5, sha); |
228 expandedKeyLength, md5, sha); |
231 serverCipherKey = new SecretKeySpec(tmp, alg); |
229 serverCipherKey = new SecretKeySpec(tmp, alg); |
239 System.arraycopy(block, ivLength, tmp, 0, ivLength); |
237 System.arraycopy(block, ivLength, tmp, 0, ivLength); |
240 serverIv = new IvParameterSpec(tmp); |
238 serverIv = new IvParameterSpec(tmp); |
241 } |
239 } |
242 } else { |
240 } else { |
243 // SSLv3 |
241 // SSLv3 |
244 byte[] tmp = new byte[expandedKeyLength]; |
242 tmp = new byte[expandedKeyLength]; |
245 |
243 |
246 md5.update(clientKeyBytes); |
244 md5.update(clientKeyBytes); |
247 md5.update(clientRandom); |
245 md5.update(clientRandom); |
248 md5.update(serverRandom); |
246 md5.update(serverRandom); |
249 System.arraycopy(md5.digest(), 0, tmp, 0, expandedKeyLength); |
247 System.arraycopy(md5.digest(), 0, tmp, 0, expandedKeyLength); |