The Record Protocol requires an algorithm to generate keys, IVs, and
MAC secrets from the security parameters provided by the handshake
The master secret is hashed into a sequence of secure bytes, which
are assigned to the MAC secrets, keys, and non-export IVs required by
the current connection state (see Appendix A.6). CipherSpecs require
a client write MAC secret, a server write MAC secret, a client write
key, a server write key, a client write IV, and a server write IV,
which are generated from the master secret in that order. Unused
values are empty.
When generating keys and MAC secrets, the master secret is used as an
entropy source, and the random values provide unencrypted salt
material and IVs for exportable ciphers.
To generate the key material, computer
key_block = PRF(SecurityParameters.master_secret,
until enough output has been generated. Then the key_block is
partitioned as follows: ......... (RFC2246 6.3 Key Calcurationより)