com.sun.crypto.provider
abstract class: TlsPrfGenerator
java.lang.Object
   javax.crypto.KeyGeneratorSpi
      com.sun.crypto.provider.TlsPrfGenerator

Direct Known Subclasses:
    V12, V10

KeyGenerator implementation for the TLS PRF function.

This class duplicates the HMAC functionality (RFC 2104) with performance optimizations (e.g. XOR'ing keys with padding doesn't need to be redone for each HMAC operation).

Nested Class Summary:
public static class  TlsPrfGenerator.V12  A KeyGenerator implementation that supports TLS 1.2.

TLS 1.2 uses a different hash algorithm than 1.0/1.1 for the PRF calculations. As of 2010, there is no PKCS11-level support for TLS 1.2 PRF calculations, and no known OSes have an internal variant we could use. Therefore, for TLS 1.2, we are updating JSSE to request a different provider algorithm: "SunTls12Prf". If we reused the name "SunTlsPrf", the PKCS11 provider would need to be updated to fail correctly when presented with the wrong version number (via Provider.Service.supportsParameters()), and the appropriate supportsParameters() checks would need to be added to KeyGenerators (not currently there).

public static class  TlsPrfGenerator.V10  A KeyGenerator implementation that supports TLS 1.0/1.1. 
Field Summary
static final  byte[] LABEL_MASTER_SECRET     
static final  byte[] LABEL_KEY_EXPANSION     
static final  byte[] LABEL_CLIENT_WRITE_KEY     
static final  byte[] LABEL_SERVER_WRITE_KEY     
static final  byte[] LABEL_IV_BLOCK     
static final  byte[][] SSL3_CONST     
Constructor:
 public TlsPrfGenerator() 
Method from com.sun.crypto.provider.TlsPrfGenerator Summary:
concat,   doTLS10PRF,   doTLS10PRF,   doTLS12PRF,   doTLS12PRF,   engineGenerateKey0,   engineInit,   engineInit,   engineInit,   genPad
Methods from javax.crypto.KeyGeneratorSpi:
engineGenerateKey,   engineInit,   engineInit,   engineInit
Methods from java.lang.Object:
clone,   equals,   finalize,   getClass,   hashCode,   notify,   notifyAll,   toString,   wait,   wait,   wait
Method from com.sun.crypto.provider.TlsPrfGenerator Detail:
 static byte[] concat(byte[] b1,
    byte[] b2) 
 static byte[] doTLS10PRF(byte[] secret,
    byte[] labelBytes,
    byte[] seed,
    int outputLength) throws NoSuchAlgorithmException, DigestException 
 static byte[] doTLS10PRF(byte[] secret,
    byte[] labelBytes,
    byte[] seed,
    int outputLength,
    MessageDigest md5,
    MessageDigest sha) throws DigestException 
 static byte[] doTLS12PRF(byte[] secret,
    byte[] labelBytes,
    byte[] seed,
    int outputLength,
    String prfHash,
    int prfHashLength,
    int prfBlockSize) throws NoSuchAlgorithmException, DigestException 
 static byte[] doTLS12PRF(byte[] secret,
    byte[] labelBytes,
    byte[] seed,
    int outputLength,
    MessageDigest mdPRF,
    int mdPRFLen,
    int mdPRFBlockSize) throws DigestException 
 SecretKey engineGenerateKey0(boolean tls12) 
 protected  void engineInit(SecureRandom random) 
 protected  void engineInit(AlgorithmParameterSpec params,
    SecureRandom random) throws InvalidAlgorithmParameterException 
 protected  void engineInit(int keysize,
    SecureRandom random) 
 static byte[] genPad(byte b,
    int count)
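
The difference between the two PRF variants listed above (doTLS10PRF and doTLS12PRF), as an added example that is not the provider's own code: it follows the RFC 2246 and RFC 5246 definitions using javax.crypto.Mac instead of the hand-rolled HMAC this class describes. The class name TlsPrfSketch, the helper names, the SHA-256 choice for TLS 1.2 and the sample secret and seed are assumptions made for illustration.

```java
import java.nio.charset.StandardCharsets;
import java.util.Arrays;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
// Added illustration; class and method names are hypothetical, not the provider's code.
public class TlsPrfSketch {
    // P_hash = HMAC(secret, A(1)+seed) + HMAC(secret, A(2)+seed) + ...,
    // A(0) = seed, A(i) = HMAC(secret, A(i-1)). SecretKeySpec needs a non-empty secret.
    static byte[] pHash(String alg, byte[] secret, byte[] seed, int len) throws Exception {
        Mac mac = Mac.getInstance(alg);
        mac.init(new SecretKeySpec(secret, alg));
        byte[] out = new byte[len];
        byte[] a = seed;
        for (int off = 0; off < len; ) {
            a = mac.doFinal(a);                 // A(i); doFinal resets the Mac for reuse
            mac.update(a);
            byte[] block = mac.doFinal(seed);   // HMAC(secret, A(i) + seed)
            int n = Math.min(block.length, len - off);
            System.arraycopy(block, 0, out, off, n);
            off += n;
        }
        return out;
    }
    // TLS 1.0/1.1: P_MD5 over the first half of the secret XOR P_SHA-1 over the second.
    static byte[] prf10(byte[] secret, byte[] label, byte[] seed, int len) throws Exception {
        int half = (secret.length + 1) / 2;     // halves share a byte if length is odd
        byte[] ls = concat(label, seed);
        byte[] out = pHash("HmacMD5", Arrays.copyOfRange(secret, 0, half), ls, len);
        byte[] sha = pHash("HmacSHA1", Arrays.copyOfRange(secret, secret.length - half, secret.length), ls, len);
        for (int i = 0; i < len; i++) out[i] ^= sha[i];
        return out;
    }
    // TLS 1.2: a single P_hash; SHA-256 assumed here (the hash is a parameter of doTLS12PRF).
    static byte[] prf12(byte[] secret, byte[] label, byte[] seed, int len) throws Exception {
        return pHash("HmacSHA256", secret, concat(label, seed), len);
    }
    static byte[] concat(byte[] a, byte[] b) {
        byte[] r = Arrays.copyOf(a, a.length + b.length);
        System.arraycopy(b, 0, r, a.length, b.length);
        return r;
    }
    public static void main(String[] args) throws Exception {
        byte[] secret = "constructed sample secret".getBytes(StandardCharsets.US_ASCII);
        byte[] seed = new byte[64];             // constructed stand-in for the two randoms
        byte[] label = "master secret".getBytes(StandardCharsets.US_ASCII);
        byte[] m12 = prf12(secret, label, seed, 48);
        System.out.println("1.0 and 1.2 outputs differ: " + !Arrays.equals(prf10(secret, label, seed, 48), m12));
        System.out.println("prefix of longer output: " + Arrays.equals(Arrays.copyOf(prf12(secret, label, seed, 80), 48), m12));
    }
}
```

Because the same secret, label and seed yield different bytes under each version, the two sides of a handshake derive matching keys only if they agree on the protocol version, which is why a provider handed the wrong version has to fail rather than return output.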