The encrypted pre-master secret is one of those variable length vector
thingy's and so has its length prepended to it.
>From rfc2246, section 4.7:
A public-key-encrypted element is encoded as an opaque vector
<0..2^16-1>
>From section 7.4.7.1:
struct {
public-key-encrypted PreMasterSecret pre_master_secret;
} EncryptedPreMasterSecret;
-----
Greg Stark, [EMAIL PROTECTED]
Ethentica, Inc.
www.ethentica.com
----- Original Message -----
From: "Mohammed SADIQ" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Wednesday, January 10, 2001 7:37 AM
Subject: SSL - Can some enlighten me?
> Hi,
>
> Can somebody help me with understanding SSL better?
>
> (1) When a client is sending a 'Client Key Exchange' Handshake Message,
the data which is being sent to the server is 10 00 00 82 00 80 <128 bytes
of Encrypted Premaster Secret>
>
> PROBLEM: I am not able to understand why '00 80' is used in the above
Handshake Message. The structure of a 'Client Key Exchange', from what I
understand is as follows:
> TYPE: 1 Byte, here 10h (16, Handshake type for ClientKeyExchange)
> LENGTH: 3 bytes
> ENCRYPTED PREMASTER SECRET: Depends on the Cipher Suite negotiated. In my
case the negotiated cipher suite is SSL_RSA_WITH_RC4_128_SHA.
>
> Without much strain on my brain, I realised that 00 80 is the length of
the data(the 'actual' Encrypted Premaster Secret) which is going as part of
the handshake message(here, the Encrypted Premaster Secret). But it is not
mentioned anywhere in the SSL documents that the encrypted premaster secret
has to be pre-pended by the length of the encrypted premaster secret(00 80,
in this case). Please note that there is already the 3 byte length of the
handshake message in the Data(00 00 82, in this case).
>
> (2) During the sending of 'Handshake Finished' message, the client as part
of data, considered
> 14 00 00 0C 4B 7F A0 F1 CF 0F 9E 93 27 03 C8 49 to compute the MD5 and SHA
digests.
>
> According to the SSL, the 'Finished Message' will contain the hashed
result of "all the previous SSL handshake messages exchanged during the
session" + other things like 'sender's role', 'master secret', 'padding'
which is understood.
>
> PROBLEM: I am not able to correlate the last 12 bytes(4B 7F A0 F1 CF 0F 9E
93 27 03 C8 49) of the 'Handshake Finished' with the exchanged handshake
messages. I think the first byte, 14h = Handshake message type(Handshake
Finished), and the next 3 bytes, 00 00 0C is the length of the data(4B 7F A0
F1 CF 0F 9E 93 27 03 C8 49). Can somebody enlighten me as to what these 12
bytes are? I tried for these bytes in all the Handshake Messages, but
couldn't find them.
>
> Thanks & Regards
>
> ----------
> When you steal from one author, it's plagiarism;
> if you steal from many, it's research.
> - Wilson Mizner
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List [EMAIL PROTECTED]
> Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
