Errata 5128: https://www.rfc-editor.org/errata/eid5128 Proposed State: Verified Revision:
Section 5.2. says IMCK[j] = TLS-PRF(S-IMCK[j-1], "Inner Methods Compound Keys", IMSK[j], 60) It should say: IMCK[j] = TLS-PRF(S-IMCK[j-1], "Inner Methods Compound Keys", IMSK[j] | 60) Note: According to RFC5246 The Transport Layer Security (TLS) Protocol Version 1.2 5. HMAC and the Pseudorandom Function "TLS's PRF is created by applying P_hash to the secret as: PRF(secret, label, seed) = P_<hash>(secret, label + seed)" In terms of P_<hash> this would look like the following with the length represented as a 2 byte value in network byte order: IMCK[j] = P_<hash>(S-IMCK[j-1], "Inner Methods Compound Keys" | IMSK[j] | 0x00 | 0x3C)
_______________________________________________ Emu mailing list Emu@ietf.org https://www.ietf.org/mailman/listinfo/emu