Comic Sans. Need I say more? On Tue, Dec 26, 2017 at 4:53 AM, Sai Teja Chowdary < asteja.chowdary.ec...@itbhu.ac.in> wrote:
> > > Hi, > > > > Happy Holidays everyone. > > > > I want to send client certificate, client key exchange and client verify > in a single handshake message which appears as multiple handshake messages > in a single record. But to sent the client verify I need to first make a > hash of previous messages(client certificate and client key exchange) to > create the signature. > > > > Can anyone help me to find the function in OpenSSL 1.1.1-dev xx XXX xxxx > (or right procedure that needs to be done before creating a certificate > verify message)that can do a proper transcript(digest or hash not clear). I > tried using *ssl3_finish_mac() *on the message containing client > certificate and client key exchange and then tried to generate the > signature in certificate verify message. > > But it is giving me a digest error. I am new to the mailing list want a > bit of help to proceed forward stuck here. Please reply in case if anything > is not clear. > > > > Here is a code snippet, how I am forming the data containing all client > certificate , client key exchange and certificate verify messages inside > write_state_machine(). > > > > if(WPACKET_init(&pkt, s->init_buf)){ > > //Client certificate formation > > if(!ssl_set_handshake_header(s,&pkt,mt) || confunc != NULL > && !confunc(s,&pkt) || !ssl_close_construct_packet(s,&pkt,mt)){ > > printf("PROBLEM\n"); > > } > > transition(s); //transition to next state i.e client key > exchange > > > > get_construct_message_f(s, &pkt, &confunc, &mt); > > //client key exchange formation > > if(!ssl_set_handshake_header(s,&pkt,mt) || confunc != NULL > && !confunc(s,&pkt) || !ssl_close_construct_packet(s,&pkt,mt)){ > > printf("AGAIN A PROBLEMO\n"); > > } > > > > //ssl3_finish_mac(s, &s->init_buf->data[s->init_off], s->init_num); > > st->write_state_work = post_work(s, st->write_state_work); > > transition(s); // transition to next state i.e certificate > verify > > > > get_construct_message_f(s, &pkt, &confunc, &mt); > > //certificate verify message formation. > > if(!ssl_set_handshake_header(s,&pkt,mt) || confunc != NULL > && !confunc(s,&pkt) || > !ssl_close_construct_packet(s,&pkt,mt)){ > > printf("AGAIN A PROBLEMO\n"); > > } > > WPACKET_finish(&pkt); > > > > > > Please take a look at it, appreciate every bit of help. > > > > Regards, > > Saiteja > > > > -- > openssl-users mailing list > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users > > -- "Well," Brahma said, "even after ten thousand explanations, a fool is no wiser, but an intelligent person requires only two thousand five hundred." - The Mahābhārata
-- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users