Hi All, I am doing the following to calculate MAC as per SSL v3 handshake:
printf("\nRESULT: Plain Record encryption:\n"); for ( i = 0; i < rec_len; i ++) printf("%x ", rec[i]); total_length = rec_len + 16 /* 16 is the size of MAC */ s2n(tot_len, p); MD5_Init(&ctx); MD5_Update(&ctx,ssl->wMACptr,16); /* Doubtful here. wMACptr is Write MAC key of the client. However, i am not sure whether to use wMACkey or do a RC4_set_key(wMACptr...) and then use the result */ MD5_Update(&ctx,pad_1_md5,48); /* The following sequence is only for 2 digit sequence number as of now but the total sequence number is 8 bytes unsigned char representation */ seq[0] = (ssl->write_seq & 0xff00)>>8; seq[1] = ssl->write_seq & 0xff; MD5_Update(&ctx, seq, 8); ihash[0] = 0; MD5_Update(&ctx, ihash, 1); ihash[0] = (rec_len & 0xff00) >>8; ihash[1] = rec_len & 0xff; MD5_Update(&ctx, ihash, 2); MD5_Update(&ctx, rec, rec_len); MD5_Final(dgst,&ctx); //MD5_Init(&ctx); MD5_Update(&ctx,ssl->wMACptr,16); MD5_Update(&ctx,pad_2_md5,48); MD5_Update(&ctx,dgst,16); MD5_Final(dgst,&ctx); printf("\n\nRESULT: MAC Calculated:\n"); for ( i = 0; i < 16; i ++) printf("%x ", dgst[i]); for ( i = 0; i < rec_len; i ++) *p++ = rec[i]; for (i = 0; i < 16; i ++) *p++ = dgst[i]; printf("\nINFO: Record Unencrypted:\n"); for ( i = 5; i < tot_len + 5; i ++) printf("%x ", buf[i]); Does the calculation of MD5 (stream cipher is used in this case, RC4-128), require a separate RC4_set_key() function to be used on ssl->wMACptr (Write MAC key of client)? I just modified Wireshark to print all the keys etc during SSL packet sniffing, and it uses 64 byte key material. However, my Write MAC key, Read MAC key, Write Key, Read Key are all fine as per comparison I am implementing an opensource ssl fuzzing client without using openssl libraries extensively Thanks for your help in advance, and Regards, Suchindra Chandrahas ____________________________________________________________________________________ Be a better friend, newshound, and know-it-all with Yahoo! Mobile. Try it now. http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]