5.1.2 Generating the Licensing Encryption and MAC Salt Keys

Both the client and the server use the licensing encryption key when necessary to encrypt and decrypt licensing message data. Both the client and the server use the method described in this section to generate the licensing encryption key. The key generation procedure is as follows. Note that the "+" symbol is used in the following procedure to represent concatenation of the keys.

  1. The client and server random values and the decrypted premaster secret are first used to generate a 384-bit master secret, as follows. Note that the SHA-1 hash is used.

     SaltedHash(S, I) = MD5(S + SHA-1 (I + S + ClientRandom + ServerRandom))
     PreMasterHash(I) = SaltedHash(PremasterSecret, I)
     MasterSecret = PreMasterHash('A') + PreMasterHash('BB')
                    + PreMasterHash('CCC')
    
  2. A 384-bit SessionKeyBlob is generated.

     SaltedHash2(S, I) = MD5(S + SHA-1 (I + S + ServerRandom + ClientRandom))
      
     MasterHash(I) = SaltedHash2(MasterSecret, I)
     SessionKeyBlob = MasterHash('A') + MasterHash('BB')
                      + MasterHash('CCC')
    
  3. The first 128 bits of the SessionKeyBlob are used to generate the MAC salt key.

     MAC-salt-key = First128Bits(SessionKeyBlob)
    
  4. The MAC salt key is used to generate the MAC checksum that the recipient uses to check the integrity of the licensing message.

  5. The licensing encryption key is derived from the SessionKeyBlob. Note that the "+" symbol is used in the following procedure to represent concatenation of the keys.

     FinalHash(K) = MD5(K + ClientRandom + ServerRandom)
     LicensingEncryptionKey = FinalHash(Second128Bits(SessionKeyBlob))
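
The procedure in steps 1 through 5, as an added Python example that is not part of the original specification text. The function and variable names are hypothetical, and the sample inputs and their lengths (a 48-byte premaster secret, 32-byte random values) are constructed for illustration.

```python
import hashlib
from collections import namedtuple

LicensingKeys = namedtuple(
    "LicensingKeys",
    "master_secret session_key_blob mac_salt_key licensing_encryption_key")

def salted_hash(secret, label, first_random, second_random):
    # MD5(S + SHA-1(I + S + first_random + second_random))
    inner = hashlib.sha1(label + secret + first_random + second_random).digest()
    return hashlib.md5(secret + inner).digest()

def expand_384(secret, first_random, second_random):
    # Labels 'A', 'BB', 'CCC' give three 128-bit MD5 outputs = 384 bits.
    return b"".join(salted_hash(secret, label, first_random, second_random)
                    for label in (b"A", b"BB", b"CCC"))

def derive_licensing_keys(premaster_secret, client_random, server_random):
    # Step 1: SaltedHash places ClientRandom before ServerRandom.
    master_secret = expand_384(premaster_secret, client_random, server_random)
    # Step 2: SaltedHash2 reverses the order (ServerRandom first).
    session_key_blob = expand_384(master_secret, server_random, client_random)
    # Step 3: the first 128 bits are the MAC salt key.
    mac_salt_key = session_key_blob[:16]
    # Step 5: FinalHash over the second 128 bits, ClientRandom first again.
    licensing_encryption_key = hashlib.md5(
        session_key_blob[16:32] + client_random + server_random).digest()
    return LicensingKeys(master_secret, session_key_blob,
                         mac_salt_key, licensing_encryption_key)

# Constructed sample inputs; the lengths are assumptions of this example.
SAMPLE_PREMASTER = bytes(range(48))
SAMPLE_CLIENT_RANDOM = bytes(range(0x40, 0x60))
SAMPLE_SERVER_RANDOM = bytes(range(0x80, 0xA0))

if __name__ == "__main__":
    keys = derive_licensing_keys(
        SAMPLE_PREMASTER, SAMPLE_CLIENT_RANDOM, SAMPLE_SERVER_RANDOM)
    for name, value in keys._asdict().items():
        print(f"{name}: {value.hex()}")
```

The random values are ordered differently in step 2 than in steps 1 and 5, so an implementation that reuses one ordering throughout produces keys that do not match the peer's.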