Rusdy13 wrote, On 2008-11-12 02:25: > I've been developing a web server (research) based on ssl version 3 doc > (ssl-version3-02.txt), choosing cipher suite 0x000a (ssl-tripleDes-sha) and > using firefox browser to test the program. > > It works successfully from client hello until server finished (handshake > protocol). All key materials (MAC secrets, cihper secrets and initial > vectors) seem to be correctly produced. > > But, there is a problem when it tries to process the first application data > sent by firefox (decrypting the data). The first block (8-bytes) of the > result (plain text) is meaningless (the rest blocks are correct). I suspect > that the initialization vectors used is this program is different than the > one used by firefox(client). > > Is there anyone can share or explain why it can happen, because it uses the > same key and IV when verifying the client finished message successfully.
Are you using the same IV for each record? If so, see RFC 2246, page 20, last paragraph. _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
