11/*
2- * Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved.
2+ * Copyright (c) 2018, 2021, Oracle and/or its affiliates. All rights reserved.
33 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
44 *
55 * This code is free software; you can redistribute it and/or modify it
3434import sun .security .ssl .CipherSuite .HashAlg ;
3535
3636final class SSLSecretDerivation implements SSLKeyDerivation {
37+
38+ /*
39+ * Performance optimization:
40+ *
41+ * Derive-Secret(Secret, Label, Messages) =
42+ * HKDF-Expand-Label(..., Transcript-Hash(""), ...);
43+ *
44+ * Hardcode tha Transcript-Hash("") result and skip a digest operation.
45+ */
3746 private static final byte [] sha256EmptyDigest = new byte [] {
3847 (byte )0xE3 , (byte )0xB0 , (byte )0xC4 , (byte )0x42 ,
3948 (byte )0x98 , (byte )0xFC , (byte )0x1C , (byte )0x14 ,
@@ -45,6 +54,7 @@ final class SSLSecretDerivation implements SSLKeyDerivation {
4554 (byte )0x78 , (byte )0x52 , (byte )0xB8 , (byte )0x55
4655 };
4756
57+ // See above.
4858 private static final byte [] sha384EmptyDigest = new byte [] {
4959 (byte )0x38 , (byte )0xB0 , (byte )0x60 , (byte )0xA7 ,
5060 (byte )0x51 , (byte )0xAC , (byte )0x96 , (byte )0x38 ,
@@ -68,7 +78,6 @@ final class SSLSecretDerivation implements SSLKeyDerivation {
6878 HandshakeContext context , SecretKey secret ) {
6979 this .secret = secret ;
7080 this .hashAlg = context .negotiatedCipherSuite .hashAlg ;
71- String hkdfAlg = "HKDF-Expand/Hmac" + hashAlg .name .replace ("-" , "" );
7281 context .handshakeHash .update ();
7382 this .transcriptHash = context .handshakeHash .digest ();
7483 }
@@ -141,7 +150,7 @@ private enum SecretSchedule {
141150
142151 private final byte [] label ;
143152
144- private SecretSchedule (String label ) {
153+ SecretSchedule (String label ) {
145154 this .label = ("tls13 " + label ).getBytes ();
146155 }
147156 }
0 commit comments