Avinash Agarwal wrote:
> Hello all,
>
> I needed some help on how to verify the client finished handshake message.
> I get an encrypted client finished message on the server (Java based).
> The negotiated cipher suite is TLS_RSA_WITH_RC4_128_MD5
>
> Using the rc4 cipher and the "client write key" I am able to decrypt the
> message
> Decrypted message
> *****************
> "
> 20 0 0 12 35 -44 66 13 -3 97 -2 68 57 -33 124 13 -49 93 20 -61 -78 -22 -111
> -87 110 -88 -86
> -127 -32 -56 -62 105
> "
> The last 16 bytes are the MAC. Could someone tell me how do I verify this
> MAC?

This verifies the data fragment of the finished message. For more info on the data fragment, please refer to paragraph 6.2.3. of RFC 2246, it explains that better than me :)

> Do I create the HMAC_MD5 of the entire TLS record, starting from content
> type(22)?
>

Yes, look at the following formula:

The MAC is generated as:

    HMAC_hash(MAC_write_secret, seq_num + TLSCompressed.type +
              TLSCompressed.version + TLSCompressed.length +
              TLSCompressed.fragment));

You can refer to 6.2.3.1. of RFC 2246 for more details.

P.S. the seq_num is 0 in the Finished message.

Badra

>
> TIA.
>
> Regards,
> Avinash
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
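
Added example, not part of the original thread: the record MAC check from the formula above for TLS 1.0 with HMAC-MD5, in Python, applied to the decrypted bytes from the question. The MAC secret is not given in the thread, so `DEMO_MAC_SECRET` is a constructed value and the round trip runs on a record built with it; the function names are illustrative.

```python
import hashlib
import hmac
import struct

MAC_LEN = 16  # HMAC-MD5 output length for TLS_RSA_WITH_RC4_128_MD5
HANDSHAKE = 22  # record content type
TLS10 = (3, 1)  # RFC 2246 protocol version

# Decrypted record from the question, as Java signed bytes.
POST_BYTES = [20, 0, 0, 12, 35, -44, 66, 13, -3, 97, -2, 68, 57, -33, 124, 13,
              -49, 93, 20, -61, -78, -22, -111, -87, 110, -88, -86,
              -127, -32, -56, -62, 105]
# Constructed value: the real MAC_write_secret is not given in the thread.
DEMO_MAC_SECRET = bytes(range(16))


def from_java_bytes(values):
    """Convert Java signed bytes (-128..127) to an unsigned byte string."""
    return bytes(v & 0xFF for v in values)


def split_record(plaintext):
    """Split a decrypted stream-cipher record into (fragment, mac)."""
    if len(plaintext) < MAC_LEN:
        raise ValueError("record is shorter than the MAC")
    return plaintext[:-MAC_LEN], plaintext[-MAC_LEN:]


def record_mac(secret, seq_num, content_type, version, fragment):
    """HMAC-MD5 over seq_num(8) + type(1) + version(2) + length(2) + fragment."""
    header = struct.pack("!QBBBH", seq_num, content_type,
                         version[0], version[1], len(fragment))
    return hmac.new(secret, header + fragment, hashlib.md5).digest()


def verify_record(secret, seq_num, content_type, version, plaintext):
    """Recompute the MAC over the fragment and compare in constant time."""
    fragment, received = split_record(plaintext)
    expected = record_mac(secret, seq_num, content_type, version, fragment)
    return hmac.compare_digest(expected, received)


if __name__ == "__main__":
    fragment, mac = split_record(from_java_bytes(POST_BYTES))
    print("fragment:", fragment.hex(), "mac:", mac.hex())
    # Round trip on a record MACed with the constructed secret.
    record = fragment + record_mac(DEMO_MAC_SECRET, 0, HANDSHAKE, TLS10, fragment)
    print("seq_num 0:", verify_record(DEMO_MAC_SECRET, 0, HANDSHAKE, TLS10, record))
    print("seq_num 1:", verify_record(DEMO_MAC_SECRET, 1, HANDSHAKE, TLS10, record))
```

To check the MAC from the question, pass the session's MAC_write_secret and `from_java_bytes(POST_BYTES)` to `verify_record` with `seq_num` 0. The length field in the MAC input is the fragment length (16 here), not the length of the fragment plus MAC.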