38 /** 39 * KeyGenerator implementation for the TLS PRF function. 40 * <p> 41 * This class duplicates the HMAC functionality (RFC 2104) with 42 * performance optimizations (e.g. XOR'ing keys with padding doesn't 43 * need to be redone for each HMAC operation). 44 * 45 * @author Andreas Sterbenz 46 * @since 1.6 47 */ 48 abstract class TlsPrfGenerator extends KeyGeneratorSpi { 49 50 // magic constants and utility functions, also used by other files 51 // in this package 52 53 private static final byte[] B0 = new byte[0]; 54 55 static final byte[] LABEL_MASTER_SECRET = // "master secret" 56 { 109, 97, 115, 116, 101, 114, 32, 115, 101, 99, 114, 101, 116 }; 57 58 static final byte[] LABEL_KEY_EXPANSION = // "key expansion" 59 { 107, 101, 121, 32, 101, 120, 112, 97, 110, 115, 105, 111, 110 }; 60 61 static final byte[] LABEL_CLIENT_WRITE_KEY = // "client write key" 62 { 99, 108, 105, 101, 110, 116, 32, 119, 114, 105, 116, 101, 32, 63 107, 101, 121 }; 64 65 static final byte[] LABEL_SERVER_WRITE_KEY = // "server write key" 66 { 115, 101, 114, 118, 101, 114, 32, 119, 114, 105, 116, 101, 32, 67 107, 101, 121 }; 68 69 static final byte[] LABEL_IV_BLOCK = // "IV block" 70 { 73, 86, 32, 98, 108, 111, 99, 107 }; 71 72 /* 73 * TLS HMAC "inner" and "outer" padding. This isn't a function 74 * of the digest algorithm. 75 */ 76 private static final byte[] HMAC_ipad64 = genPad((byte)0x36, 64); 77 private static final byte[] HMAC_ipad128 = genPad((byte)0x36, 128); | 38 /** 39 * KeyGenerator implementation for the TLS PRF function. 40 * <p> 41 * This class duplicates the HMAC functionality (RFC 2104) with 42 * performance optimizations (e.g. XOR'ing keys with padding doesn't 43 * need to be redone for each HMAC operation). 44 * 45 * @author Andreas Sterbenz 46 * @since 1.6 47 */ 48 abstract class TlsPrfGenerator extends KeyGeneratorSpi { 49 50 // magic constants and utility functions, also used by other files 51 // in this package 52 53 private static final byte[] B0 = new byte[0]; 54 55 static final byte[] LABEL_MASTER_SECRET = // "master secret" 56 { 109, 97, 115, 116, 101, 114, 32, 115, 101, 99, 114, 101, 116 }; 57 58 static final byte[] LABEL_EXTENDED_MASTER_SECRET = // "extended master secret" 59 { 101, 120, 116, 101, 110, 100, 101, 100, 32, 109, 97, 115, 116, 60 101, 114, 32, 115, 101, 99, 114, 101, 116 }; 61 62 static final byte[] LABEL_KEY_EXPANSION = // "key expansion" 63 { 107, 101, 121, 32, 101, 120, 112, 97, 110, 115, 105, 111, 110 }; 64 65 static final byte[] LABEL_CLIENT_WRITE_KEY = // "client write key" 66 { 99, 108, 105, 101, 110, 116, 32, 119, 114, 105, 116, 101, 32, 67 107, 101, 121 }; 68 69 static final byte[] LABEL_SERVER_WRITE_KEY = // "server write key" 70 { 115, 101, 114, 118, 101, 114, 32, 119, 114, 105, 116, 101, 32, 71 107, 101, 121 }; 72 73 static final byte[] LABEL_IV_BLOCK = // "IV block" 74 { 73, 86, 32, 98, 108, 111, 99, 107 }; 75 76 /* 77 * TLS HMAC "inner" and "outer" padding. This isn't a function 78 * of the digest algorithm. 79 */ 80 private static final byte[] HMAC_ipad64 = genPad((byte)0x36, 64); 81 private static final byte[] HMAC_ipad128 = genPad((byte)0x36, 128); |