Hi All,
ClientFinished message has 2 hashes (md5 and
sha1) of "All Handshake Messages" till that but not
including ClientFinished message itself. In a
Handshake message, i notice that there are two
sections:
1. Record Layer Header (16 03 00...)
2. Handshake Protocol (<handshake type>, <length of
handshake message> <ssl version> <handshake message>)
In the RFC for ssl v3, i notice that we should not use
the record layer headers in calculating ClientFinished
message Hashes. So should i take the second one
mentioned above (with Handshake Type, Length, SSL
Version and the message) or should i consider only the
Handshake Message (the last part of 2. above)?
Thanks a lot and Regards,
Suchindra Chandrahas
____________________________________________________________________________________
Be a better friend, newshound, and
know-it-all with Yahoo! Mobile. Try it now.
http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
