diff options
author | Peter Dettman <peter.dettman@bouncycastle.org> | 2014-04-16 11:00:27 +0400 |
---|---|---|
committer | Peter Dettman <peter.dettman@bouncycastle.org> | 2014-04-16 11:00:27 +0400 |
commit | 1b2efc5633397c40766389d56f0267fd94579b28 (patch) | |
tree | 9a8ea01535b46f43b3c4ac3df3b20e324d79150b /core/src/main/java/org/bouncycastle/crypto/tls | |
parent | d4ced6ae037cc2301b9abe4776b2af45027407b4 (diff) |
Deprecate TlsClientProtocol auto-creation of SecureRandom
Refactor all uses of SecureRandom to be via TlsContext
Diffstat (limited to 'core/src/main/java/org/bouncycastle/crypto/tls')
4 files changed, 19 insertions, 8 deletions
diff --git a/core/src/main/java/org/bouncycastle/crypto/tls/DTLSClientProtocol.java b/core/src/main/java/org/bouncycastle/crypto/tls/DTLSClientProtocol.java index 75b3b58d..6f421955 100644 --- a/core/src/main/java/org/bouncycastle/crypto/tls/DTLSClientProtocol.java +++ b/core/src/main/java/org/bouncycastle/crypto/tls/DTLSClientProtocol.java @@ -32,12 +32,14 @@ public class DTLSClientProtocol SecurityParameters securityParameters = new SecurityParameters(); securityParameters.entity = ConnectionEnd.client; - securityParameters.clientRandom = TlsProtocol.createRandomBlock(client.shouldUseGMTUnixTime(), secureRandom, - ExporterLabel.client_random); ClientHandshakeState state = new ClientHandshakeState(); state.client = client; state.clientContext = new TlsClientContextImpl(secureRandom, securityParameters); + + securityParameters.clientRandom = TlsProtocol.createRandomBlock(client.shouldUseGMTUnixTime(), + state.clientContext.getSecureRandom(), ExporterLabel.client_random); + client.init(state.clientContext); DTLSRecordLayer recordLayer = new DTLSRecordLayer(transport, state.clientContext, client, ContentType.handshake); diff --git a/core/src/main/java/org/bouncycastle/crypto/tls/DTLSServerProtocol.java b/core/src/main/java/org/bouncycastle/crypto/tls/DTLSServerProtocol.java index e1699bb0..28a79eb9 100644 --- a/core/src/main/java/org/bouncycastle/crypto/tls/DTLSServerProtocol.java +++ b/core/src/main/java/org/bouncycastle/crypto/tls/DTLSServerProtocol.java @@ -46,12 +46,14 @@ public class DTLSServerProtocol SecurityParameters securityParameters = new SecurityParameters(); securityParameters.entity = ConnectionEnd.server; - securityParameters.serverRandom = TlsProtocol.createRandomBlock(server.shouldUseGMTUnixTime(), secureRandom, - ExporterLabel.server_random); ServerHandshakeState state = new ServerHandshakeState(); state.server = server; state.serverContext = new TlsServerContextImpl(secureRandom, securityParameters); + + securityParameters.serverRandom = TlsProtocol.createRandomBlock(server.shouldUseGMTUnixTime(), + state.serverContext.getSecureRandom(), ExporterLabel.server_random); + server.init(state.serverContext); DTLSRecordLayer recordLayer = new DTLSRecordLayer(transport, state.serverContext, server, ContentType.handshake); diff --git a/core/src/main/java/org/bouncycastle/crypto/tls/TlsClientProtocol.java b/core/src/main/java/org/bouncycastle/crypto/tls/TlsClientProtocol.java index ed23230b..cf98ddb9 100644 --- a/core/src/main/java/org/bouncycastle/crypto/tls/TlsClientProtocol.java +++ b/core/src/main/java/org/bouncycastle/crypto/tls/TlsClientProtocol.java @@ -43,6 +43,9 @@ public class TlsClientProtocol return random; } + /** + * @deprecated use alternate constructor taking an explicit {@link SecureRandom} + */ public TlsClientProtocol(InputStream input, OutputStream output) { this(input, output, createSecureRandom()); @@ -74,10 +77,12 @@ public class TlsClientProtocol this.securityParameters = new SecurityParameters(); this.securityParameters.entity = ConnectionEnd.client; - this.securityParameters.clientRandom = createRandomBlock(tlsClient.shouldUseGMTUnixTime(), secureRandom, - ExporterLabel.client_random); this.tlsClientContext = new TlsClientContextImpl(secureRandom, securityParameters); + + this.securityParameters.clientRandom = createRandomBlock(tlsClient.shouldUseGMTUnixTime(), + tlsClientContext.getSecureRandom(), ExporterLabel.client_random); + this.tlsClient.init(tlsClientContext); this.recordStream.init(tlsClientContext); diff --git a/core/src/main/java/org/bouncycastle/crypto/tls/TlsServerProtocol.java b/core/src/main/java/org/bouncycastle/crypto/tls/TlsServerProtocol.java index b8540ba4..5994c90a 100644 --- a/core/src/main/java/org/bouncycastle/crypto/tls/TlsServerProtocol.java +++ b/core/src/main/java/org/bouncycastle/crypto/tls/TlsServerProtocol.java @@ -52,10 +52,12 @@ public class TlsServerProtocol this.securityParameters = new SecurityParameters(); this.securityParameters.entity = ConnectionEnd.server; - this.securityParameters.serverRandom = createRandomBlock(tlsServer.shouldUseGMTUnixTime(), secureRandom, - ExporterLabel.server_random); this.tlsServerContext = new TlsServerContextImpl(secureRandom, securityParameters); + + this.securityParameters.serverRandom = createRandomBlock(tlsServer.shouldUseGMTUnixTime(), + tlsServerContext.getSecureRandom(), ExporterLabel.server_random); + this.tlsServer.init(tlsServerContext); this.recordStream.init(tlsServerContext); |