static byte[] calculateMasterSecret(TlsContext context, byte[] pre_master_secret) { SecurityParameters securityParameters = context.getSecurityParameters(); byte[] seed; if (securityParameters.isExtendedMasterSecret()) { seed = securityParameters.getSessionHash(); } else { seed = concat(securityParameters.getClientRandom(), securityParameters.getServerRandom()); } if (isSSL(context)) { return calculateMasterSecret_SSL(pre_master_secret, seed); } String asciiLabel = securityParameters.isExtendedMasterSecret() ? ExporterLabel.extended_master_secret : ExporterLabel.master_secret; return PRF(context, pre_master_secret, asciiLabel, seed, 48); }
if (securityParameters.isExtendedMasterSecret())
if (!securityParameters.isExtendedMasterSecret() && (state.resumedSession || state.client.requiresExtendedMasterSecret()))
&& TlsExtensionsUtils.hasExtendedMasterSecretExtension(serverExtensions); if (!securityParameters.isExtendedMasterSecret() && (resumedSession || tlsClient.requiresExtendedMasterSecret()))
if (!securityParameters.isExtendedMasterSecret() && state.server.requiresExtendedMasterSecret())
else if (securityParameters.isExtendedMasterSecret())
.setCipherSuite(this.securityParameters.getCipherSuite()) .setCompressionAlgorithm(this.securityParameters.getCompressionAlgorithm()) .setExtendedMasterSecret(securityParameters.isExtendedMasterSecret()) .setMasterSecret(this.securityParameters.getMasterSecret()) .setPeerCertificate(this.peerCertificate)
if (!securityParameters.isExtendedMasterSecret() && tlsServer.requiresExtendedMasterSecret())
.setCipherSuite(securityParameters.getCipherSuite()) .setCompressionAlgorithm(securityParameters.getCompressionAlgorithm()) .setExtendedMasterSecret(securityParameters.isExtendedMasterSecret()) .setMasterSecret(securityParameters.getMasterSecret()) .setPeerCertificate(serverCertificate)