1946 MessageDigest md5Clone = handshakeHash.getMD5Clone();
1947 MessageDigest shaClone = handshakeHash.getSHAClone();
1948 seed = new byte[36];
1949 md5Clone.digest(seed, 0, 16);
1950 shaClone.digest(seed, 16, 20);
1951
1952 prfAlg = "SunTlsPrf";
1953 prf = P_NONE;
1954 }
1955
1956 String prfHashAlg = prf.getPRFHashAlg();
1957 int prfHashLength = prf.getPRFHashLength();
1958 int prfBlockSize = prf.getPRFBlockSize();
1959
1960 /*
1961 * RFC 5246/7.4.9 says that finished messages can
1962 * be ciphersuite-specific in both length/PRF hash
1963 * algorithm. If we ever run across a different
1964 * length, this call will need to be updated.
1965 */
1966 TlsPrfParameterSpec spec = new TlsPrfParameterSpec(
1967 masterKey, tlsLabel, seed, 12,
1968 prfHashAlg, prfHashLength, prfBlockSize);
1969
1970 KeyGenerator kg = JsseJce.getKeyGenerator(prfAlg);
1971 kg.init(spec);
1972 SecretKey prfKey = kg.generateKey();
1973 if ("RAW".equals(prfKey.getFormat()) == false) {
1974 throw new ProviderException(
1975 "Invalid PRF output, format must be RAW");
1976 }
1977 byte[] finished = prfKey.getEncoded();
1978 return finished;
1979 } catch (GeneralSecurityException e) {
1980 throw new RuntimeException("PRF failed", e);
1981 }
1982 } else {
1983 // SSLv3
1984 MessageDigest md5Clone = handshakeHash.getMD5Clone();
1985 MessageDigest shaClone = handshakeHash.getSHAClone();
|
1946 MessageDigest md5Clone = handshakeHash.getMD5Clone();
1947 MessageDigest shaClone = handshakeHash.getSHAClone();
1948 seed = new byte[36];
1949 md5Clone.digest(seed, 0, 16);
1950 shaClone.digest(seed, 16, 20);
1951
1952 prfAlg = "SunTlsPrf";
1953 prf = P_NONE;
1954 }
1955
1956 String prfHashAlg = prf.getPRFHashAlg();
1957 int prfHashLength = prf.getPRFHashLength();
1958 int prfBlockSize = prf.getPRFBlockSize();
1959
1960 /*
1961 * RFC 5246/7.4.9 says that finished messages can
1962 * be ciphersuite-specific in both length/PRF hash
1963 * algorithm. If we ever run across a different
1964 * length, this call will need to be updated.
1965 */
1966 @SuppressWarnings("deprecation")
1967 TlsPrfParameterSpec spec = new TlsPrfParameterSpec(
1968 masterKey, tlsLabel, seed, 12,
1969 prfHashAlg, prfHashLength, prfBlockSize);
1970
1971 KeyGenerator kg = JsseJce.getKeyGenerator(prfAlg);
1972 kg.init(spec);
1973 SecretKey prfKey = kg.generateKey();
1974 if ("RAW".equals(prfKey.getFormat()) == false) {
1975 throw new ProviderException(
1976 "Invalid PRF output, format must be RAW");
1977 }
1978 byte[] finished = prfKey.getEncoded();
1979 return finished;
1980 } catch (GeneralSecurityException e) {
1981 throw new RuntimeException("PRF failed", e);
1982 }
1983 } else {
1984 // SSLv3
1985 MessageDigest md5Clone = handshakeHash.getMD5Clone();
1986 MessageDigest shaClone = handshakeHash.getSHAClone();
|