Frederic Evrard wrote:

Ok thanks, and these HMAC keys are used to forge TLS Record Layer: Handshake Protocol: Encrypted Handshake Message HMACs(shared secret+data). Is it used to control integrity of the TLS Handshake packet?

Not for ensuring the integrity of the TLS Handshake packets, but for ensuring the integrity of the application data exchanged after the handshake: All TLS cipher suites which can be negotiated, even the ones with no data encryption, use HMACs. The suite TLS_NULL_WITH_NULL_NULL without HMACs, which is the initial state at the first handshake, can't be negotiated: see RFC 2246, p.54.
Ciao,
Richard
--
Dr. Richard W. Könning
Fujitsu Siemens Computers GmbH
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
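
The record MAC discussed in the reply above, as an added example that is not part of the original message or of OpenSSL: the TLS 1.0 computation from RFC 2246 for a suite with a NULL cipher and SHA-1 MAC (such as TLS_RSA_WITH_NULL_SHA), showing that a modified or replayed application data record fails verification. The key and plaintext are constructed sample values, and the function names are illustrative.

```python
import hashlib
import hmac
import struct

APPLICATION_DATA = 23   # ContentType application_data (RFC 2246)
TLS_1_0 = (3, 1)        # ProtocolVersion carried in TLS 1.0 records
MAC_LEN = 20            # HMAC-SHA1 output size in bytes


def record_mac(mac_secret, seq_num, content_type, fragment):
    """HMAC-SHA1(MAC_write_secret, seq_num + type + version + length + fragment)."""
    header = struct.pack("!QBBBH", seq_num, content_type, *TLS_1_0, len(fragment))
    return hmac.new(mac_secret, header + fragment, hashlib.sha1).digest()


def protect(mac_secret, seq_num, fragment):
    """Payload of an application data record under a NULL cipher: fragment || MAC."""
    return fragment + record_mac(mac_secret, seq_num, APPLICATION_DATA, fragment)


def verify(mac_secret, seq_num, payload):
    """Return the fragment if the MAC matches for this sequence number, else None."""
    if len(payload) < MAC_LEN:
        return None
    fragment, tag = payload[:-MAC_LEN], payload[-MAC_LEN:]
    expected = record_mac(mac_secret, seq_num, APPLICATION_DATA, fragment)
    # Constant-time comparison avoids leaking how many MAC bytes matched.
    return fragment if hmac.compare_digest(tag, expected) else None


def demo():
    key = bytes(range(20))                                # constructed MAC_write_secret
    payload = protect(key, 0, b"GET / HTTP/1.0\r\n\r\n")  # constructed plaintext
    tampered = bytes([payload[0] ^ 0x01]) + payload[1:]   # one bit flipped in transit
    return {
        "intact": verify(key, 0, payload),
        "modified": verify(key, 0, tampered),
        "replayed": verify(key, 1, payload),  # same bytes, wrong sequence number
    }


if __name__ == "__main__":
    for case, result in demo().items():
        print(case, "->", result)
```

The sequence number is never sent on the wire; each side counts records itself, which is why a replayed or reordered record fails the check even though its bytes are unchanged.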
