/**
 * Derives the SSL 3.0 master secret from the pre-master secret.
 * <p>
 * Borrowed from the package-protected method
 * {@link org.bouncycastle.crypto.tls.TlsUtils#calculateMasterSecret_SSL(byte[], byte[])},
 * version 1.58.
 * <p>
 * Three rounds are run. Round {@code i} computes
 * {@code MD5(pre_master_secret || SHA1(SSL3_CONST[i] || pre_master_secret || random))}
 * and the three MD5 outputs are concatenated.
 * <p>
 * Security notes:
 * <ul>
 * <li>This is the MD5/SHA-1 derivation of SSL 3.0 (RFC 6101), a protocol version that
 * RFC 7568 prohibits; it belongs in interoperability and protocol-analysis code only.</li>
 * <li>{@code random} is hashed exactly as passed in. SSL 3.0 defines the master secret over
 * the client random followed by the server random, so the caller is responsible for that
 * ordering.</li>
 * <li>The intermediate SHA-1 buffer and the returned array hold secret-derived material and
 * are not wiped here.</li>
 * </ul>
 *
 * @param pre_master_secret
 *            the pre-master secret
 * @param random
 *            the random bytes mixed into every round
 * @return the master secret, three MD5 digests long (48 bytes for a 16-byte MD5 digest)
 */
public static byte[] calculateMasterSecretSSL3(byte[] pre_master_secret, byte[] random) {
    final Digest md5Digest = TlsUtils.createHash(HashAlgorithm.md5);
    final Digest sha1Digest = TlsUtils.createHash(HashAlgorithm.sha1);
    final int md5Length = md5Digest.getDigestSize();

    final byte[] innerHash = new byte[sha1Digest.getDigestSize()];
    final byte[] masterSecret = new byte[md5Length * 3];

    // Both digests are reused across rounds; Bouncy Castle's doFinal leaves a digest reset.
    for (int round = 0, offset = 0; round < 3; ++round, offset += md5Length) {
        final byte[] label = SSL3_CONST[round];

        // Inner hash: SHA1(label || pre_master_secret || random)
        sha1Digest.update(label, 0, label.length);
        sha1Digest.update(pre_master_secret, 0, pre_master_secret.length);
        sha1Digest.update(random, 0, random.length);
        sha1Digest.doFinal(innerHash, 0);

        // Outer hash: MD5(pre_master_secret || inner hash), written straight into the result
        md5Digest.update(pre_master_secret, 0, pre_master_secret.length);
        md5Digest.update(innerHash, 0, innerHash.length);
        md5Digest.doFinal(masterSecret, offset);
    }

    return masterSecret;
}
/**
 * Expands the SSL 3.0 master secret into a key block of the requested length.
 * <p>
 * Borrowed from the package-protected method
 * {@link org.bouncycastle.crypto.tls.TlsUtils#calculateKeyBlock_SSL(byte[], byte[], int)},
 * version 1.58.
 * <p>
 * Round {@code i} computes
 * {@code MD5(master_secret || SHA1(SSL3_CONST[i] || master_secret || random))}; rounds are
 * appended until at least {@code size} bytes exist, then the output is truncated to
 * {@code size}.
 * <p>
 * Security notes:
 * <ul>
 * <li>This is the MD5/SHA-1 key expansion of SSL 3.0 (RFC 6101), a protocol version that
 * RFC 7568 prohibits; it belongs in interoperability and protocol-analysis code only.</li>
 * <li>{@code random} is hashed exactly as passed in. SSL 3.0 defines the key block over the
 * server random followed by the client random (the reverse of the master-secret order), so
 * the caller is responsible for that ordering.</li>
 * <li>NOTE(review): {@code size} is not validated. Each round consumes one entry of
 * {@code SSL3_CONST}, so a {@code size} that needs more rounds than the table has entries
 * ends in an {@link ArrayIndexOutOfBoundsException}, and a negative {@code size} is not
 * rejected up front. Pass only the key-block length of the negotiated cipher suite.</li>
 * </ul>
 *
 * @param master_secret
 *            the master secret
 * @param random
 *            the random bytes mixed into every round
 * @param size
 *            the number of key-block bytes to produce
 * @return the key block, {@code size} bytes long
 */
public static byte[] calculateKeyBlockSSL3(byte[] master_secret, byte[] random, int size) {
    final Digest md5Digest = TlsUtils.createHash(HashAlgorithm.md5);
    final Digest sha1Digest = TlsUtils.createHash(HashAlgorithm.sha1);
    final int md5Length = md5Digest.getDigestSize();

    final byte[] innerHash = new byte[sha1Digest.getDigestSize()];
    // One digest of slack so the final round can always write a full MD5 output.
    final byte[] expanded = new byte[size + md5Length];

    // Both digests are reused across rounds; Bouncy Castle's doFinal leaves a digest reset.
    for (int round = 0, offset = 0; offset < size; ++round, offset += md5Length) {
        final byte[] label = SSL3_CONST[round];

        // Inner hash: SHA1(label || master_secret || random)
        sha1Digest.update(label, 0, label.length);
        sha1Digest.update(master_secret, 0, master_secret.length);
        sha1Digest.update(random, 0, random.length);
        sha1Digest.doFinal(innerHash, 0);

        // Outer hash: MD5(master_secret || inner hash), appended to the expanded output
        md5Digest.update(master_secret, 0, master_secret.length);
        md5Digest.update(innerHash, 0, innerHash.length);
        md5Digest.doFinal(expanded, offset);
    }

    // Drop the surplus bytes of the last round.
    return Arrays.copyOfRange(expanded, 0, size);
}
/**
 * Creates and initialises a {@link DSADigestSigner} that is fixed to SHA-256.
 * <p>
 * NOTE(review): {@code signatureAndHashAlgorithm} is never read. Both the DSA implementation
 * and the message digest are created for {@code HashAlgorithm.sha256}, whatever algorithm
 * the caller passes in. Confirm that pinning the hash is intended, because a signer or
 * verifier built here will not follow the negotiated signature/hash pair.
 *
 * @param signatureAndHashAlgorithm
 *            not consulted by this implementation
 * @param raw
 *            when {@code true} a {@link NullDigest} (Bouncy Castle's pass-through digest) is
 *            used instead of SHA-256, so the input is presumably already a hash value
 * @param forSigning
 *            {@code true} to initialise for signing, {@code false} for verification
 * @param cipherParameters
 *            key material, forwarded through {@code makeInitParameters}
 * @return the initialised signer
 * @throws IllegalStateException
 *             if the current context is not TLS 1.2
 */
@Override
protected Signer makeSigner(SignatureAndHashAlgorithm signatureAndHashAlgorithm, boolean raw, boolean forSigning,
        CipherParameters cipherParameters) {
    // This signer is only defined for TLS 1.2 contexts; anything else is rejected outright.
    final boolean tls12 = TlsUtils.isTLSv12(context);
    if (!tls12) {
        throw new IllegalStateException("Impossible");
    }

    final Digest messageDigest;
    if (raw) {
        messageDigest = new NullDigest();
    } else {
        messageDigest = TlsUtils.createHash(HashAlgorithm.sha256);
    }

    final Signer signer = new DSADigestSigner(createDSAImpl(HashAlgorithm.sha256), messageDigest);
    signer.init(forSigning, makeInitParameters(forSigning, cipherParameters));
    return signer;
}