Package io.netty.handler.ssl
Class PseudoRandomFunction
- java.lang.Object
-
- io.netty.handler.ssl.PseudoRandomFunction
-
final class PseudoRandomFunction extends java.lang.ObjectThis pseudorandom function (PRF) takes as input a secret, a seed, and an identifying label and produces an output of arbitrary length. This is used by the TLS RFC to construct/deconstruct an array of bytes into composite secrets. {@link rfc5246}
-
-
Constructor Summary
Constructors Modifier Constructor Description privatePseudoRandomFunction()Constructor never to be called.
-
Method Summary
All Methods Static Methods Concrete Methods Modifier and Type Method Description private static byte[]concat(byte[] first, byte[] second)(package private) static byte[]hash(byte[] secret, byte[] label, byte[] seed, int length, java.lang.String algo)Use a single hash function to expand a secret and seed into an arbitrary quantity of output.
-
-
-
Method Detail
-
hash
static byte[] hash(byte[] secret, byte[] label, byte[] seed, int length, java.lang.String algo)Use a single hash function to expand a secret and seed into an arbitrary quantity of output. P_hash(secret, seed) = HMAC_hash(secret, A(1) + seed) + HMAC_hash(secret, A(2) + seed) + HMAC_hash(secret, A(3) + seed) + ... where + indicates concatenation. A() is defined as: A(0) = seed A(i) = HMAC_hash(secret, A(i-1))- Parameters:
secret- The starting secret to use for expansionlabel- An ascii string without a length byte or trailing null character.seed- The seed of the hashlength- The number of bytes to returnalgo- the hmac algorithm to use- Returns:
- The expanded secrets
- Throws:
java.lang.IllegalArgumentException- if the algo could not be found.
-
concat
private static byte[] concat(byte[] first, byte[] second)
-
-