Thanks to Eric Young and Dr. Stephen Henson for replying to my query. Both referred me to some test vectors from RFC 2104 (HMAC algorithm). However, unless I'm mistaken, the HMAC algorithm documented in RFC 2104 is different from the SSL MAC algorithm as documented in The SSL Protocol Version 3.0, 18-Nov-96. HMAC xors the secret key with a known byte pattern, whereas SSL MAC appends the secret key with a known byte pattern. HMAC can also have variable length keys, whereas SSL MAC requires the key to be to same length as the hash length. I guess I can assume that my implementation is right, generate my own test vectors, and as soon as someone files a bug regarding "connection dropped, bad MAC", I can revisit the issue! +-------------------------------------------------------------------------+ | Administrative requests should be sent to [EMAIL PROTECTED] | | List service provided by Open Software Associates, http://www.osa.com/ | +-------------------------------------------------------------------------+
