Hi Marek
Last year, you wrote that
If you add to server initialization routine something like:
> RSA *rsa;
> rsa=RSA_generate_key(512,RSA_F4,NULL,NULL);
> if (!SSL_CTX_set_tmp_rsa(SSL_context,rsa)){
> ExitPostmaster(1);
> }
> RSA_free(rsa);
So this routine is only called one time ??? Cost ?? So FOR ALL OF THE
SESSION, THE SAME temp rsa above is used to encrypted the
pre_master_secret from client to server and decrypted. But because of
pre_master_secret, client_random and server_random are different for
each sessions, so the symmetric encryption is different for each
session. Is this correctly what I am thinking ?? How about
RSA_generate_key(1024,RSA_F4,NULL,NULL) ??
Thank You
TD
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Marek Marcola
Sent: Thursday, March 15, 2007 14:03
To: openssl-users@openssl.org
Subject: RE: Root Certificates dir
Hello,
> I have to interface with a client running
> TLS_RSA_WITH_3DES_EDE_CBC_SHA1. For me, it means:
>
> 1) Authentification with RSA
> 2) Key exchange RSA
> 3) Encrytion 3DES_EDE_CBC
> 4) Digest SHA1
I agree.
> My question is how do they get Key exchange if they not using DH ??
> Another thought is that:
> 1)Client will send Random number in ClientHello.
> 2)Server will response with another Random in ServerHello.
> 3) Client send PreMaster Secret encrypt with Server's public key.
> 4) This PreMaster Secret is used to encrypt data
Yes, pre_master_secret (48 bytes) is generated on client with PRNG (to
be more specific, first two bytes of this pre_master_secret should be
protocol version, eg. 0x0300 for SSL3 and next 46 bytes should be random
data). client_random and server_random are generated on client and
server and are 32 bytes long with first four bytes created from actual
time and 28 bytes from PRNG (this may differ when SSL2 client_hello is
sent to SSL3/TLS1 server).
Pre_master_secret encrypted on client is sent to server and decrypted.
Based on this data (pre_master_secret, client_random and server_random)
both sides generate so called key_material with special algorithms
(using mostly MD5/SHA1 and XOR). Key_material may be any size, something
like PRNG algorithms.
Next key_material is used as keys to symmetric encryption algorithms
(des/aes) and digest functions (sha1/md5/hmac).
> Please very my thought is correctly . DH is not involved at all ??? I
> always think that DH have to be involved when using symmetric key.
Yes, in this case DH is not used.
Best regards,
--
Marek Marcola <[EMAIL PROTECTED]>
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
