diff options
author | Peter Dettman <peter.dettman@bouncycastle.org> | 2013-11-17 15:54:45 +0400 |
---|---|---|
committer | Peter Dettman <peter.dettman@bouncycastle.org> | 2013-11-17 15:54:45 +0400 |
commit | 6a190004982f1e9456ccc9c1d6f0acdd37bd8dea (patch) | |
tree | c229d80233c359b23e3d1dbc91c4a53c3c0f779e /core/src/main/java/org/bouncycastle/crypto/tls/DeferredHash.java | |
parent | 3e7f55745c18119e852bd31ce491c28f53c3387b (diff) |
Refactoring around DeferredHash so that for (D)TLS 1.2 we can snapshot
any/all hashes that might be needed for CertificateVerify.
Defer the actual CertificateVerify hash calculation at the server until
after we have seen the DigitallySigned.
Diffstat (limited to 'core/src/main/java/org/bouncycastle/crypto/tls/DeferredHash.java')
-rw-r--r-- | core/src/main/java/org/bouncycastle/crypto/tls/DeferredHash.java | 24 |
1 files changed, 17 insertions, 7 deletions
diff --git a/core/src/main/java/org/bouncycastle/crypto/tls/DeferredHash.java b/core/src/main/java/org/bouncycastle/crypto/tls/DeferredHash.java index 952e0b59..711172f1 100644 --- a/core/src/main/java/org/bouncycastle/crypto/tls/DeferredHash.java +++ b/core/src/main/java/org/bouncycastle/crypto/tls/DeferredHash.java @@ -27,6 +27,14 @@ class DeferredHash this.prfHashAlgorithm = null; } + private DeferredHash(Short prfHashAlgorithm, Digest prfHash) + { + this.buf = null; + this.hashes = new Hashtable(); + this.prfHashAlgorithm = prfHashAlgorithm; + hashes.put(prfHashAlgorithm, prfHash); + } + public void init(TlsContext context) { this.context = context; @@ -65,20 +73,22 @@ class DeferredHash checkStopBuffering(); } - public void stopTracking() + public TlsHandshakeHash stopTracking() { - if (hashes.size() > 1) + Digest prfHash = TlsUtils.cloneHash(prfHashAlgorithm.shortValue(), (Digest)hashes.get(prfHashAlgorithm)); + if (buf != null) { - Digest prfHash = (Digest)hashes.get(prfHashAlgorithm); - hashes = new Hashtable(); - hashes.put(prfHashAlgorithm, prfHash); + buf.updateDigest(prfHash); } - - checkStopBuffering(); + DeferredHash result = new DeferredHash(prfHashAlgorithm, prfHash); + result.init(context); + return result; } public Digest forkPRFHash() { + checkStopBuffering(); + if (buf != null) { Digest prfHash = TlsUtils.createHash(prfHashAlgorithm.shortValue()); |