| 91 | } |
| 92 | |
| 93 | function SetupCipher(session, connectionEnd) |
| 94 | { |
| 95 | var random = session.serverRandom; |
| 96 | random = random.concat(session.clientRandom); |
| 97 | var chosenCipher = session.chosenCipher; |
| 98 | var macSize = chosenCipher.encryptionMode == GCM ? 0 : chosenCipher.hashSize; |
| 99 | var ivSize = session.protocolVersion <= 0x301 ? chosenCipher.cipherBlockSize : (chosenCipher.saltSize || 0); |
| 100 | var nbytes = chosenCipher.cipherKeySize * 2 + macSize * 2 + ivSize * 2; |
| 101 | var keyBlock = PRF(session, session.masterSecret, "key expansion", random, nbytes); |
| 102 | var s = new SSLStream(keyBlock); |
| 103 | var o = {}; |
| 104 | if (connectionEnd) { |
| 105 | if (macSize > 0) { |
| 106 | o.macSecret = s.readChunk(macSize); |
| 107 | void s.readChunk(macSize); |
| 108 | } |
| 109 | o.key = s.readChunk(chosenCipher.cipherKeySize); |
| 110 | void s.readChunk(chosenCipher.cipherKeySize); |
| 111 | if (ivSize > 0) |
| 112 | o.iv = s.readChunk(ivSize); |
| 113 | else |
| 114 | o.iv = undefined; |
| 115 | setupSub(o, chosenCipher); |
| 116 | session.clientCipher = o; |
| 117 | } |
| 118 | else { |
| 119 | if (macSize > 0) { |
| 120 | void s.readChunk(macSize); |
| 121 | o.macSecret = s.readChunk(macSize); |
| 122 | } |
| 123 | void s.readChunk(chosenCipher.cipherKeySize); |
| 124 | o.key = s.readChunk(chosenCipher.cipherKeySize); |
| 125 | if (ivSize > 0) { |
| 126 | void s.readChunk(ivSize); |
| 127 | o.iv = s.readChunk(ivSize); |
| 128 | } |
| 129 | else |
| 130 | o.iv = undefined; |
| 131 | setupSub(o, chosenCipher); |
| 132 | session.serverCipher = o; |
| 133 | } |
| 134 | } |
| 135 | |
| 136 | export default SetupCipher; |