Hello,

I went through paragraph 6.2.3. of RFC 2246.

I tried to verify the MAC, but I'm still unable to do it.

I've written the steps that I have performed.

1) I get the following data after decrypting the 
client finished handshake

        "
         20 0 0 12 35 -44 66 13 -3 97 -2 68 57 -33 124 
        13 -49 93 20 -61 -78 -22 -111  -87 110 -88 -86  
        -127 -32 -56 -62 105  
        " 

2) The MAC from this is the last 16 bytes i.e.
        "
        -49 93 20 -61 -78 -22 -111  -87 110 -88 -86  
        -127 -32 -56 -62 105
        "

3) I do a HMAC_MD5 with the following contents and 
"client write mac" as the key
        HMAC_MD5{"client write mac",
                { Seq no = 0 + 
                  Type = 22 + 
                  Version = 0x0301 +
                  Length = 16 + 
                  Fragment = "
                                  20 0 0 12 35 -44 66 13 -3 
                                  97 -2 68 57 -33 124 13
                                 " 
                 which I get after decrypting
                }

Shouldn't the output of the above be the same as the MAC obtained
after decrypting the client finished handshake?

My output is different.

Could you please help me in pointing out the possible problems?

TIA.

Regards,
Avinash

-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Mohamad
Badra
Sent: Tuesday, August 03, 2004 11:32 PM
To: [EMAIL PROTECTED]
Subject: Re: verify client finished handshake message


Avinash Agarwal wrote: 
> Hello all, 
> 
> I needed some help on how to verify the client finished handshake message.
> I get an encrypted client finished message on the server(java based). 
> The negotiated cipher suite is TLS_RSA_WITH_RC4_128_MD5 
> 
> Using the rc4 cipher and the "client write key" I am able to decrypt the 
> message 
> Decrypted message 
> ***************** 
> " 
> 20 0 0 12 35 -44 66 13 -3 97 -2 68 57 -33 124 13 -49 93 20 -61 -78 -22 -111 
> -87 110 -88 -86 
> -127 -32 -56 -62 105 
> " 
> The last 16 bytes are the MAC. Could someone tell me how do I verify this 
> MAC? 
This verifies the data fragment of the finished message. For more info on the
data fragment, please refer to paragraph 6.2.3. of RFC 2246, it explains that
better than me :) 



> Do I create the HMAC_MD5 of the entire TLS record,starting from content 
> type(22)? 
> 
Yes, look to the following formula: 
   The MAC is generated as: 
       HMAC_hash(MAC_write_secret, seq_num + TLSCompressed.type + 
                     TLSCompressed.version + TLSCompressed.length + 
                     TLSCompressed.fragment)); 
You can refer to 6.2.3.1. of RFC 2246 for more details 
P.S. the seq_num is 0 in the Finished message. 
Badra 
> 
> TIA. 
> 
> Regards, 
> Avinash 
> 
> - 
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html 
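
The record MAC check from RFC 2246 6.2.3.1 that this thread discusses, as an added example that is not part of either poster's message: it converts the Java signed bytes quoted above to raw octets, splits the fragment from the 16-byte MAC, and builds the HMAC-MD5 input with the field widths the RFC's structures define (8-byte seq_num, 1-byte type, 2-byte version, 2-byte length). The function names are hypothetical, and `demo_key` is a constructed key used only for a round trip, since the session's client write MAC secret is not on the page.

```python
import hashlib
import hmac
import struct

MAC_LEN = 16  # MD5 digest size for TLS_RSA_WITH_RC4_128_MD5

# Decrypted Finished record quoted in the thread, as Java signed bytes.
DECRYPTED_SIGNED = [
    20, 0, 0, 12, 35, -44, 66, 13, -3, 97, -2, 68, 57, -33, 124, 13,
    -49, 93, 20, -61, -78, -22, -111, -87, 110, -88, -86, -127, -32, -56,
    -62, 105,
]

def from_java_bytes(values):
    """Map Java signed bytes (-128..127) to raw octets (0..255)."""
    return bytes(v & 0xFF for v in values)

def split_record(plaintext, mac_len=MAC_LEN):
    """With a stream cipher the plaintext is fragment || MAC, no padding."""
    if len(plaintext) < mac_len:
        raise ValueError("record is shorter than the MAC")
    return plaintext[:-mac_len], plaintext[-mac_len:]

def mac_input(seq_num, content_type, version, fragment):
    """seq_num (8 bytes) || type (1) || version (2) || length (2) || fragment."""
    major, minor = version
    header = struct.pack(">QBBBH", seq_num, content_type, major, minor, len(fragment))
    return header + fragment

def compute_mac(mac_secret, seq_num, content_type, version, fragment):
    data = mac_input(seq_num, content_type, version, fragment)
    return hmac.new(mac_secret, data, hashlib.md5).digest()

def verify_record(mac_secret, seq_num, content_type, version, plaintext):
    fragment, received = split_record(plaintext)
    expected = compute_mac(mac_secret, seq_num, content_type, version, fragment)
    return hmac.compare_digest(expected, received)  # constant-time comparison

if __name__ == "__main__":
    fragment, mac = split_record(from_java_bytes(DECRYPTED_SIGNED))
    print("fragment :", fragment.hex())
    print("recv MAC :", mac.hex())
    print("MAC input:", mac_input(0, 22, (3, 1), fragment).hex())
    demo_key = bytes(range(16))  # constructed key, NOT the session's secret
    record = fragment + compute_mac(demo_key, 0, 22, (3, 1), fragment)
    print("round trip verifies:", verify_record(demo_key, 0, 22, (3, 1), record))
```

To check the record from the thread itself, pass the session's 16-byte client write MAC secret as raw bytes to `verify_record` with seq_num 0, type 22 and version (3, 1).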

