Re: Regarding construction of MasterSecret in ssl v3 handshake

Thu, 13 Dec 2007 06:17:33 -0800 

Hi Jimmy,
                     RFC-2246 is for TLS v1. However, i am going for SSL v3. I 
don't know whether there is any function for the same. I went through 
ssl3_enc.c in openssl code:

int ssl3_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p,
             int len)
        {
        static const unsigned char *salt[3]={
#ifndef CHARSET_EBCDIC
                (const unsigned char *)"A",
                (const unsigned char *)"BB",
                (const unsigned char *)"CCC",
#else
                (const unsigned char *)"\x41",
                (const unsigned char *)"\x42\x42",
                (const unsigned char *)"\x43\x43\x43",
#endif
                };
        unsigned char buf[EVP_MAX_MD_SIZE];
        EVP_MD_CTX ctx;
        int i,ret=0;
        unsigned int n;

        EVP_MD_CTX_init(&ctx);
        for (i=0; i<3; i++)
                {
                EVP_DigestInit_ex(&ctx,s->ctx->sha1, NULL);
                EVP_DigestUpdate(&ctx,salt[i],strlen((const char *)salt[i]));
                EVP_DigestUpdate(&ctx,p,len);
                EVP_DigestUpdate(&ctx,&(s->s3->client_random[0]),
                        SSL3_RANDOM_SIZE);
                EVP_DigestUpdate(&ctx,&(s->s3->server_random[0]),
                        SSL3_RANDOM_SIZE);
                EVP_DigestFinal_ex(&ctx,buf,&n);

                EVP_DigestInit_ex(&ctx,s->ctx->md5, NULL);
                EVP_DigestUpdate(&ctx,p,len);
                EVP_DigestUpdate(&ctx,buf,n);
                EVP_DigestFinal_ex(&ctx,out,&n);
                out+=n;
                ret+=n;
                }
        EVP_MD_CTX_cleanup(&ctx);
        return(ret);
        }


I guess *p above is pointer to premaster secret. I am doing the same thing 
here, only that EVP_Digest_Update is replaced MD5_Update/SHA_Update. I am not 
still sure whether my algorithm is correct or not!

Thanks and Regards,
Suchindra Chandrahas




jimmy bahuleyan <[EMAIL PROTECTED]> wrote: Suchindra Chandrahas wrote:
> Hi Jimmy,
>                     Yes i changed the no. of bytes to 32 (both client
> and server random). Also, is it ok to use openssl tls1_prf for ssl v3
> handshake?
> 

if you only want to do the prf calculation tls1_PRF() does just that for
you. It does the PRF as specified in rfc-2246, if that is what you have
in mind tls1_PRF() should work.

-jb
-- 
Don't have a sig to call my own; care to donate a fortune?
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [email protected]
Automated List Manager                           [EMAIL PROTECTED]


       
---------------------------------
Never miss a thing.   Make Yahoo your homepage.

Reply via email to