Master secret computation:

master_secret = PRF(pre_master_secret, "master secret",

            ClientHello.random + ServerHello.random)

The PRF algorithm:

PRF(secret, label, seed) =

P_MD5(S1, label + seed) XOR P_SHA-1(S2, label + seed);

where the P_hash() function is defined as follows:

P_hash(secret, seed) = HMAC_hash(secret, A(1) + seed) +

HMAC_hash(secret, A(2) + seed) +

HMAC_hash(secret, A(3) + seed) + ...

   Here + denotes concatenation.

   A() is defined as:

       A(0) = seed

       A(i) = HMAC_hash(secret, A(i-1))

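P_hash(secret, seed) can be iterated as many times as needed to produce the required amount of data. Because SHA-1 produces 20 bytes of output per iteration and the master secret is normally 48 bytes, the iteration runs through A(3) here, producing 60 bytes of output; 12 bytes are discarded, leaving only 48 bytes of data. Likewise, MD5, which produces 16 bytes of output, also has to be iterated through A(3).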

"label" is an ASCII string; in this example it is "master secret", i.e.:

6d 61 73 74 65 72 20 73 65 63 72 65 74

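S1 and S2 are the two equal-length halves of the secret: S1 is taken from the first half and S2 from the second. In this example each is 24 bytes of 0x01.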

1.     Compute key_block

key_block = PRF(SecurityParameters.master_secret, "key expansion",

                SecurityParameters.server_random + SecurityParameters.client_random);

The ASCII string "key expansion" is:

6B 65 79 20 65 78 70 61 6E 73 69 6F 6E

This produces the keying material:

client_write_MAC_secret = key_block[0..15]

server_write_MAC_secret = key_block[16..31]

client_write_key = key_block[32..36]

server_write_key = key_block[37..41]

2.     Compute the final keys

final_client_write_key  = PRF(client_write_key,

                          "client write key",

                          client_random +

                          server_random)[0..15]

The ASCII string "client write key" is:

63 6c 69 65 6e 74 20 77 72 69 74 65 5f 6b 65 79

final_server_write_key  = PRF(server_write_key,

                           "server write key",

                           client_random +

                           server_random)[0..15]

The ASCII string "server write key" is:

73 65 72 76 65 72 20 77 72 69 74 65 5F 6B 65 79

iv_block = PRF("", "IV block", client_random + server_random)[0..15]

client_write_IV = iv_block[0..7]

server_write_IV = iv_block[8..15]

The ASCII string "IV block" is:

49 56 20 62 6C 6F 63 6B

Finally, the six keys that are actually used are derived from the master secret: client_write_MAC_secret, server_write_MAC_secret, client_write_key, server_write_key, client_write_IV and server_write_IV.