Forwarding to dev team as well
---------- Forwarded message ----------
From: Rajeswari K <raji.kotamr...@gmail.com>
Date: Thu, Feb 14, 2013 at 4:58 PM
Subject: Openssl-0.9.8q
To: openssl-us...@openssl.org
Hello Team,
Our project uses openssl to perform ssl handshake and uses hardware crypto
engine to encrypt and decrypt. Once we receive first Encrypted message in
ssl handshake (i.e FINISHED message), we forward it to hardware crypto
engine to decrypt.
When used* openssl0.9.8g* version, and tried to connect from browser
handshake was successful and hardware crypto engine successfully decrypted
the FINISHED message.
When ported with *OPENSSL0.9.8q* version, and tried to connect from browser
handshake is not successful and hardware crypto engine is returning an
error.
After contacting hardware crypto engine team for the reason for failure,
they responded that "AUTH key used at openssl for the MAC calculation is
incorrect/wrong".
Observations :
1) TLS1.0 & SSL3.0 handshakes were successful with OPENSSL0.9.8g
2) SSL3.0 handshake with OPENSSL0.9.8q is successful
3) *TLS1.0* handshake with *OPENSSL0.9.8q is failed*.
Please provide some pointers if anyone come across similar kind of
situation.
Thanks in advance,
Rajeswari.
