Wan-Teh Chang wrote:
Without looking at your code, I'm afraid that we won't be able to help much.
Yes, I know it's difficult to guess what I may have done. That's why I
provide in attachment a patch supposed to provide a "new" cipher named
MYC as MYCipher. It is actually SEED.
You probably won't have time to look at it but... who knows ?
You can use the NSS command-line tool 'ssltap' to inspect the SSL handshake
messages: http://www.mozilla.org/projects/security/pki/nss/tools/ssltap.html
You only need to capture the ClientHello and ServerHello messages (the
first two messages of a handshake).
You can also write a simple program that iterate over the SSL_ImplementedCiphers
array (the array size is SSL_NumImplementedCiphers) and see if your cipher is
in it.
Ok, I'll look into that.
What I really don't understand is that in ssltap, I modified
TLS-RSA-SEED-CBC-SHA (0x000096) by 0x000296 and MYC is 0x000196. I did
the same thing in sslproto.h.
When I build successfully and then run selfserv -c :0196 or :0296 it
fails whereas it still works with :0096. In my opinion, it is not
supposed to work anymore, that's why I'm confused. And if I grep -irn
0096 I find 0 occurrence.
How is that possible ? And because it still works with :0096, I believe
I've forgotten to do something in my patch.
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto