Hello all, I needed some help on how to verify the client finished handshake message. I get a encrypted client finished message on the server(java based). The negotiated cipher suite is TLS_RSA_WITH_RC4_128_MD5
Using the rc4 cipher and the "client write key" I am able to decrypt the message Decrypted message ***************** " 20 0 0 12 35 -44 66 13 -3 97 -2 68 57 -33 124 13 -49 93 20 -61 -78 -22 -111 -87 110 -88 -86 -127 -32 -56 -62 105 " The last 16 bytes are the MAC. Could someone tell me how do I verify this MAC? Do I create the HMAC_MD5 of the entire TLS record,starting from content type(22)? TIA. Regards, Avinash - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html