On Fri, Feb 8, 2013 at 12:11 AM, T J jordan.tre...@gmail.com wrote:
TLS keying material exporter, i.e., SSL_export_keying_material(), will
make your life much easier if you are just looking for a mechanism to
derive suitable keys for other uses assuming you are using recent
enough OpenSSL.
On Thu, Feb 07, 2013 at 08:00:42PM +1300, Trevor Jordan wrote:
It is bad practice to clone keys. You should also not depend on
OpenSSL negotiating a particular algorithm. OpenSSL's key are
for the OpenSSL session only. Keys for your application should
be the result of a suitably independent
s-s3-tmp.key_block
s-s3-tmp.key_block_length
I think, these are the variables you are looking for.. Memory for the
key_block is allocated in ssl3_setup_key_block() or tls1_setup_key_block()
functions. Key Block contains keys and IVs in the following order as
specified in RFC.
client write
On Thu, Feb 7, 2013 at 9:00 AM, Trevor Jordan jordan.tre...@gmail.com wrote:
From what I understand so far, the KeyBlock is the place to look for the
key? It's just a matter of getting the sizes and order of the individual
Keys and IV's so that I can extract the bits I need. Any pointers in
From what I understand so far, the KeyBlock is the place to look for the
key? It's just a matter of getting the sizes and order of the individual
Keys and IV's so that I can extract the bits I need. Any pointers in that
area?
While it is technically possible to extract keys (search for
Sorry to keep hammering away at this, but I think I am missing something
here.
OpenSSL does all this for a TLS connection anyway right? I mean, after a
handshake, encryption keys, IV's etc are generated so that the TLS
connection can use them for encrypting/decrypting data. Surely I
On Thu, Feb 07, 2013 at 11:12:13AM +1300, T J wrote:
Sorry to keep hammering away at this, but I think I am missing
something here.
OpenSSL does all this for a TLS connection anyway right? I mean,
after a handshake, encryption keys, IV's etc are generated so that
the TLS connection can use
On 7/02/2013 7:11 p.m., Viktor Dukhovni wrote:
On Thu, Feb 07, 2013 at 11:12:13AM +1300, T J wrote:
Sorry to keep hammering away at this, but I think I am missing
something here.
OpenSSL does all this for a TLS connection anyway right? I mean,
after a handshake, encryption keys, IV's etc are
On Wed, Jan 30, 2013 at 06:15:27PM +, Viktor Dukhovni wrote:
If the OP does not mind potential future binary compatibility
issues, and is willing to use non-public interfaces, then
the master secret can be accessed via:
SSL *ssl;
/* ... */
SSL_SESSION *sess =
On Fri, Feb 01, 2013 at 10:05:15AM +1300, T J wrote:
These are sufficient to generate a session unique key via a suitable KDF
salted with an application-specific string.
OK, great. So I get the master key and run it through the a KDF and
I get a 256 bit encryption key for use in my
On 1/30/2013 6:42 AM, Viktor Dukhovni wrote:
On Wed, Jan 30, 2013 at 05:29:51PM +1300, T J wrote:
How does one obtain the session key from a SSL structure after a
successful TLS handshake?
You don't, but, you shold instead obtain the tls-unique channel
binding data (
On Wed, Jan 30, 2013 at 07:03:09PM +0100, Jakob Bohm wrote:
You don't, but, you shold instead obtain the tls-unique channel
binding data ( https://tools.ietf.org/html/rfc5929#section-3 ) and
run the result through a KDF (HKDF should work well) on both ends
to obtain a suitable key for a
On 1/30/2013 7:15 PM, Viktor Dukhovni wrote:
On Wed, Jan 30, 2013 at 07:03:09PM +0100, Jakob Bohm wrote:
You don't, but, you shold instead obtain the tls-unique channel
binding data ( https://tools.ietf.org/html/rfc5929#section-3 ) and
run the result through a KDF (HKDF should work well) on
How does one obtain the session key from a SSL structure after a
successful TLS handshake?
I'm planning to implement a TLS connection to do nothing more than
authenticated key agreement. Once I've established the connection I plan
to somehow extract a AES256 key (from the session key?),
On Wed, Jan 30, 2013 at 05:29:51PM +1300, T J wrote:
How does one obtain the session key from a SSL structure after a
successful TLS handshake?
You don't, but, you shold instead obtain the tls-unique channel
binding data ( https://tools.ietf.org/html/rfc5929#section-3 ) and
run the result
15 matches
Mail list logo