--- a/jdk/src/share/classes/com/sun/crypto/provider/TlsKeyMaterialGenerator.java Thu Feb 28 16:36:01 2013 -0800
+++ b/jdk/src/share/classes/com/sun/crypto/provider/TlsKeyMaterialGenerator.java Fri Mar 01 02:34:34 2013 -0800
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2005, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -165,16 +165,18 @@
// partition keyblock into individual secrets
int ofs = 0;
- byte[] tmp = new byte[macLength];
+ if (macLength != 0) {
+ byte[] tmp = new byte[macLength];
- // mac keys
- System.arraycopy(keyBlock, ofs, tmp, 0, macLength);
- ofs += macLength;
- clientMacKey = new SecretKeySpec(tmp, "Mac");
+ // mac keys
+ System.arraycopy(keyBlock, ofs, tmp, 0, macLength);
+ ofs += macLength;
+ clientMacKey = new SecretKeySpec(tmp, "Mac");
- System.arraycopy(keyBlock, ofs, tmp, 0, macLength);
- ofs += macLength;
- serverMacKey = new SecretKeySpec(tmp, "Mac");
+ System.arraycopy(keyBlock, ofs, tmp, 0, macLength);
+ ofs += macLength;
+ serverMacKey = new SecretKeySpec(tmp, "Mac");
+ }
if (keyLength == 0) { // SSL_RSA_WITH_NULL_* ciphersuites
return new TlsKeyMaterialSpec(clientMacKey, serverMacKey);
@@ -198,7 +200,7 @@
// IV keys if needed.
if (ivLength != 0) {
- tmp = new byte[ivLength];
+ byte[] tmp = new byte[ivLength];
System.arraycopy(keyBlock, ofs, tmp, 0, ivLength);
ofs += ivLength;
@@ -220,8 +222,8 @@
// TLS 1.0
byte[] seed = concat(clientRandom, serverRandom);
- tmp = doTLS10PRF(clientKeyBytes, LABEL_CLIENT_WRITE_KEY, seed,
- expandedKeyLength, md5, sha);
+ byte[] tmp = doTLS10PRF(clientKeyBytes,
+ LABEL_CLIENT_WRITE_KEY, seed, expandedKeyLength, md5, sha);
clientCipherKey = new SecretKeySpec(tmp, alg);
tmp = doTLS10PRF(serverKeyBytes, LABEL_SERVER_WRITE_KEY, seed,
@@ -239,7 +241,7 @@
}
} else {
// SSLv3
- tmp = new byte[expandedKeyLength];
+ byte[] tmp = new byte[expandedKeyLength];
md5.update(clientKeyBytes);
md5.update(clientRandom);