protected byte[] calculateMasterSecret(ClientKeyExchangeMessage message) throws CryptoException {
Chooser chooser = tlsContext.getChooser();
if (chooser.getSelectedProtocolVersion() == ProtocolVersion.SSL3) {
LOGGER.debug("Calculate SSL MasterSecret with Client and Server Nonces, which are: "
+ ArrayConverter.bytesToHexString(message.getComputations().getClientServerRandom().getValue()));
return SSLUtils.calculateMasterSecretSSL3(chooser.getPreMasterSecret(), message.getComputations()
.getClientServerRandom().getValue());
} else {
PRFAlgorithm prfAlgorithm = AlgorithmResolver.getPRFAlgorithm(chooser.getSelectedProtocolVersion(),
chooser.getSelectedCipherSuite());
if (chooser.isUseExtendedMasterSecret()) {
LOGGER.debug("Calculating ExtendedMasterSecret");
byte[] sessionHash = tlsContext.getDigest().digest(chooser.getSelectedProtocolVersion(),
chooser.getSelectedCipherSuite());
LOGGER.debug("Premastersecret: " + ArrayConverter.bytesToHexString(chooser.getPreMasterSecret()));
LOGGER.debug("SessionHash: " + ArrayConverter.bytesToHexString(sessionHash));
byte[] extendedMasterSecret = PseudoRandomFunction.compute(prfAlgorithm, chooser.getPreMasterSecret(),
PseudoRandomFunction.EXTENDED_MASTER_SECRET_LABEL, sessionHash,
HandshakeByteLength.MASTER_SECRET);
return extendedMasterSecret;
} else {
LOGGER.debug("Calculating MasterSecret");
byte[] masterSecret = PseudoRandomFunction.compute(prfAlgorithm, chooser.getPreMasterSecret(),
PseudoRandomFunction.MASTER_SECRET_LABEL, message.getComputations().getClientServerRandom()
.getValue(), HandshakeByteLength.MASTER_SECRET);
return masterSecret;
}
}
}