diff options
author | Peter Dettman <peter.dettman@bouncycastle.org> | 2013-11-17 15:54:45 +0400 |
---|---|---|
committer | Peter Dettman <peter.dettman@bouncycastle.org> | 2013-11-17 15:54:45 +0400 |
commit | 6a190004982f1e9456ccc9c1d6f0acdd37bd8dea (patch) | |
tree | c229d80233c359b23e3d1dbc91c4a53c3c0f779e /core/src/main/java/org/bouncycastle/crypto/tls/DTLSReliableHandshake.java | |
parent | 3e7f55745c18119e852bd31ce491c28f53c3387b (diff) |
Refactoring around DeferredHash so that for (D)TLS 1.2 we can snapshot
any/all hashes that might be needed for CertificateVerify.
Defer the actual CertificateVerify hash calculation at the server until
after we have seen the DigitallySigned.
Diffstat (limited to 'core/src/main/java/org/bouncycastle/crypto/tls/DTLSReliableHandshake.java')
-rw-r--r-- | core/src/main/java/org/bouncycastle/crypto/tls/DTLSReliableHandshake.java | 7 |
1 files changed, 3 insertions, 4 deletions
diff --git a/core/src/main/java/org/bouncycastle/crypto/tls/DTLSReliableHandshake.java b/core/src/main/java/org/bouncycastle/crypto/tls/DTLSReliableHandshake.java index b6bf085b..91ddee60 100644 --- a/core/src/main/java/org/bouncycastle/crypto/tls/DTLSReliableHandshake.java +++ b/core/src/main/java/org/bouncycastle/crypto/tls/DTLSReliableHandshake.java @@ -41,11 +41,10 @@ class DTLSReliableHandshake return handshakeHash; } - byte[] getCurrentPRFHash() + TlsHandshakeHash prepareToFinish() { - Digest copyOfHash = handshakeHash.forkPRFHash(); - byte[] result = new byte[copyOfHash.getDigestSize()]; - copyOfHash.doFinal(result, 0); + TlsHandshakeHash result = handshakeHash; + this.handshakeHash = handshakeHash.stopTracking(); return result; } |