Avinash Agarwal wrote:

> Hello all,
>
> I needed some help on how to verify the client finished handshake message.
> I get an encrypted client finished message on the server (Java based).
> The negotiated cipher suite is TLS_RSA_WITH_RC4_128_MD5
>
> Using the rc4 cipher and the "client write key" I am able to decrypt the
> message
> Decrypted message
> *****************
> "
> 20 0 0 12 35 -44 66 13 -3 97 -2 68 57 -33 124 13 -49 93 20 -61 -78 -22 -111
> -87 110 -88 -86
> -127 -32 -56 -62 105
> "
> The last 16 bytes are the MAC. Could someone tell me how I verify this
> MAC?

This verifies the data fragment of the finished message. For more info on the data
fragment, please refer to paragraph 6.2.3. of RFC 2246; it explains that better
than me :)



> Do I create the HMAC_MD5 of the entire TLS record, starting from content
> type(22)?
>

Yes, look at the following formula:

   The MAC is generated as:

       HMAC_hash(MAC_write_secret, seq_num + TLSCompressed.type +
                     TLSCompressed.version + TLSCompressed.length +
                     TLSCompressed.fragment));

You can refer to 6.2.3.1. of RFC 2246 for more details.
P.S. the seq_num is 0 in the Finished message.

Badra

>
> TIA.
>
> Regards,
> Avinash
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
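
The MAC check described in the reply above, as an added Python example (not code from the original thread). The MAC_write_secret `DEMO_SECRET` is a constructed placeholder because the thread does not give the real key, so the fragment bytes from the question are re-MACed under it; the version bytes (3, 1) and all function names are assumptions.

```python
import hmac
import struct

MAC_LEN = 16                    # HMAC-MD5 output size for TLS_RSA_WITH_RC4_128_MD5
HANDSHAKE = 22                  # TLSCompressed.type for a Finished message
TLS10 = (3, 1)                  # TLSCompressed.version, assumed TLS 1.0 (RFC 2246)
DEMO_SECRET = bytes(range(16))  # constructed MAC_write_secret, NOT the thread's key

# Decrypted record from the question, as Java signed bytes (fragment + 16-byte MAC).
PAGE_DECRYPTED = [20, 0, 0, 12, 35, -44, 66, 13, -3, 97, -2, 68, 57, -33, 124, 13,
                  -49, 93, 20, -61, -78, -22, -111, -87, 110, -88, -86, -127, -32,
                  -56, -62, 105]

def from_java_bytes(values):
    """Map Java signed bytes (-128..127) to unsigned octets."""
    return bytes(v & 0xFF for v in values)

def record_mac(secret, seq_num, content_type, version, fragment):
    """HMAC_MD5(secret, seq_num + type + version + length + fragment)."""
    # seq_num is a uint64, length a uint16 counting the fragment only (MAC excluded).
    header = struct.pack("!QBBBH", seq_num, content_type,
                         version[0], version[1], len(fragment))
    return hmac.new(secret, header + fragment, "md5").digest()

def verify_record(secret, seq_num, content_type, version, decrypted):
    """Return the fragment if the trailing MAC is valid, else None."""
    if len(decrypted) < MAC_LEN:
        return None
    fragment, received = decrypted[:-MAC_LEN], decrypted[-MAC_LEN:]
    expected = record_mac(secret, seq_num, content_type, version, fragment)
    # Constant-time comparison avoids leaking how many MAC bytes matched.
    return fragment if hmac.compare_digest(expected, received) else None

def demo():
    """Re-MAC the question's fragment under DEMO_SECRET, then verify it."""
    fragment = from_java_bytes(PAGE_DECRYPTED)[:-MAC_LEN]
    record = fragment + record_mac(DEMO_SECRET, 0, HANDSHAKE, TLS10, fragment)
    good = verify_record(DEMO_SECRET, 0, HANDSHAKE, TLS10, record)
    wrong_seq = verify_record(DEMO_SECRET, 1, HANDSHAKE, TLS10, record)
    return good, wrong_seq

if __name__ == "__main__":
    good, wrong_seq = demo()
    print("fragment:", good.hex(), "| wrong seq_num ->", wrong_seq)
```

To check the MAC actually quoted in the question, pass `from_java_bytes(PAGE_DECRYPTED)` to `verify_record` with the real client MAC_write_secret derived from the key block.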

