Hello, > I have a general question about RSA Key Block. Maybe key_material is more precise.
> The output of PRF with the master_secret to give us many keys. It > includes: client_write_MAC_secret, server_wriet_MAC_secret, > client_write_key, server_write_key, client_write_IV, server_write_IV. > Could you Please verify what I think about how four of these keys > being use correcly: > > 1) SSL record format: Length + Data + MAC ( in general) : client----> > server > > client_write_MAC_secret is used to encrypted the MAC portion > message from client---->server > client_write_key is used to encrypted the Data portion message > from client----> server SSL data record is build from ssl_record_header, application_data and MAC where application_data and MAC is encrypted. When writing packet from client to server first thing is to calculate MAC data, but in TLS1 this is not simple SHA1() or MD5() but HMAC_SHA1() or HMAC_MD5(). This functions requires some key (client_write_MAC_secret in this case) and data to calculate MAC. In this case data is: data = write_seq_num + proto + version + application_data_len + application_data and than, MAC is calculated as (for SHA1): MAC = HMAC_SHA1(client_write_MAC_secret, data) This MAC is concatenated to application_data, some padding is added too and all this is encrypted using client_write_key (with IV for CBC). > 2) SSL record format: Length + Data + MAC ( in general) : server----> > client > > servert_write_MAC_secret is used to encrypted the MAC portion > message from server----> client > client_write_key is used to encrypted the Data portion message > from server----> client Like above but with different keys. > 3) Data from Sever to Client is encrypted with different key from > Client to Server ???. Yes. Best regards, -- Marek Marcola <[EMAIL PROTECTED]> ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]