Thanks Nelson, it works... Actually I already read rfc2246 and others many times, switched from ssl to tls v1.0 back and forth, tried rc4, and it even got worse.
Rusdy

Nelson B Bolyard wrote:
> Rusdy13 wrote, On 2008-11-12 02:25:
> > I've been developing a web server (research) based on ssl version 3 doc
> > (ssl-version3-02.txt), choosing cipher suite 0x000a (ssl-tripleDes-sha) and
> > using firefox browser to test the program.
> >
> > It works successfully from client hello until server finished (handshake
> > protocol). All key materials (MAC secrets, cipher secrets and initial
> > vectors) seem to be correctly produced.
> >
> > But, there is a problem when it tries to process the first application data
> > sent by firefox (decrypting the data). The first block (8-bytes) of the
> > result (plain text) is meaningless (the rest of the blocks are correct). I suspect
> > that the initialization vector used in this program is different than the
> > one used by firefox (client).
> >
> > Is there anyone who can share or explain why it can happen, because it uses the
> > same key and IV when verifying the client finished message successfully.
>
> Are you using the same IV for each record?
> If so, see RFC 2246, page 20, last paragraph.

_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
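
The symptom in this thread (first 8-byte block meaningless, remaining blocks correct) is what CBC decryption yields when only the IV is wrong; RFC 2246, the reference Nelson gives, specifies that the IV for subsequent records is the last ciphertext block from the previous record. The following is an added example, not code from either poster: the block cipher is a hash-based Feistel stand-in for 3DES (an assumption, so it runs without a crypto library), records omit MAC and padding, and the key, IV and plaintexts are constructed.

```python
import hashlib

BLOCK = 8  # 3DES block size in bytes

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def _f(key, rnd, half):
    # Round function of the stand-in Feistel cipher (assumption: NOT real 3DES)
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:4]

def enc_block(key, blk):
    l, r = blk[:4], blk[4:]
    for rnd in range(4):
        l, r = r, _xor(l, _f(key, rnd, r))
    return l + r

def dec_block(key, blk):
    l, r = blk[:4], blk[4:]
    for rnd in reversed(range(4)):
        l, r = _xor(r, _f(key, rnd, l)), l
    return l + r

def cbc_encrypt(key, iv, pt):
    out, prev = b"", iv
    for i in range(0, len(pt), BLOCK):
        prev = enc_block(key, _xor(pt[i:i + BLOCK], prev))
        out += prev
    return out

def cbc_decrypt(key, iv, ct):
    out, prev = b"", iv
    for i in range(0, len(ct), BLOCK):
        out += _xor(dec_block(key, ct[i:i + BLOCK]), prev)
        prev = ct[i:i + BLOCK]
    return out

def demo():
    # Constructed key, IV and plaintexts; real records also carry MAC and padding.
    key, iv0 = b"constructed-key", b"\x11" * BLOCK
    rec1, rec2 = b"client finished.", b"GET /index.html HTTP/1.1\r\n\r\n    "
    # Sender: record 2 is chained from the last ciphertext block of record 1.
    ct1 = cbc_encrypt(key, iv0, rec1)
    ct2 = cbc_encrypt(key, ct1[-BLOCK:], rec2)
    first = cbc_decrypt(key, iv0, ct1)           # first record decrypts with the key-block IV
    buggy = cbc_decrypt(key, iv0, ct2)           # IV reused: only block 0 is garbage
    fixed = cbc_decrypt(key, ct1[-BLOCK:], ct2)  # IV carried over: all blocks correct
    return rec1, rec2, first, buggy, fixed
```

The first record decrypts correctly with the initial IV, which matches the Finished message verifying successfully while the next record's first block fails.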