MAC Calculation help needed

Suchindra Chandrahas Mon, 17 Dec 2007 19:39:48 -0800

Hi All,
             I am doing the following to calculate MAC
as per SSL v3 handshake:


        printf("\nRESULT: Plain Record encryption:\n");
                for ( i = 0; i < rec_len; i ++)
                        printf("%x ", rec[i]);

                total_length = rec_len + 16
                /* 16 is the size of MAC */

                s2n(tot_len, p);
                MD5_Init(&ctx);
                MD5_Update(&ctx,ssl->wMACptr,16);
/* Doubtful here. wMACptr is Write MAC key of the
client. However, i am not sure whether to use wMACkey
or do a RC4_set_key(wMACptr...) and then use the
result */
                MD5_Update(&ctx,pad_1_md5,48);


                /* The following sequence is only for 2 digit
sequence number as of now 
                   but the total sequence number is 8 bytes
unsigned char representation */

                seq[0] = (ssl->write_seq & 0xff00)>>8;
                seq[1] = ssl->write_seq & 0xff;
                MD5_Update(&ctx, seq, 8);

                ihash[0] = 0;
                MD5_Update(&ctx, ihash, 1);


                ihash[0] = (rec_len & 0xff00) >>8;
                ihash[1] = rec_len & 0xff;
                MD5_Update(&ctx, ihash, 2);
                MD5_Update(&ctx, rec, rec_len);
                MD5_Final(dgst,&ctx);
                //MD5_Init(&ctx);
                
                MD5_Update(&ctx,ssl->wMACptr,16);
                MD5_Update(&ctx,pad_2_md5,48);
                MD5_Update(&ctx,dgst,16);
                MD5_Final(dgst,&ctx);


                printf("\n\nRESULT: MAC Calculated:\n");
                for ( i = 0; i < 16; i ++)
                        printf("%x ", dgst[i]);

                for ( i = 0; i < rec_len; i ++)
                        *p++ = rec[i];
                for (i = 0; i < 16; i ++)
                        *p++ = dgst[i];

                printf("\nINFO: Record Unencrypted:\n");
                for ( i = 5; i < tot_len + 5; i ++)
                        printf("%x ", buf[i]);

Does the calculation of MD5 (stream cipher is used in
this case, RC4-128), require a separate RC4_set_key()
function to be used on ssl->wMACptr (Write MAC key of
client)?

I just modified Wireshark to print all the keys etc
during SSL packet sniffing, and it uses 64 byte key
material. However, my Write MAC key, Read MAC key,
Write Key, Read Key are all fine as per comparison

I am implementing an opensource ssl fuzzing client
without using openssl libraries extensively

Thanks for your help in advance, and Regards,
Suchindra Chandrahas


      
____________________________________________________________________________________
Be a better friend, newshound, and 
know-it-all with Yahoo! Mobile.  Try it now.  
http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ 

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           [EMAIL PROTECTED]

MAC Calculation help needed

Reply via email to