> Sorry, I don't have much knowledge of the SSL API's. So have to rely on the > published Standards: > According to http://www.ietf.org/rfc/rfc2246.txt, below is an example of > calculating overhead: > > "Example: If the block length is 8 bytes, the content length > (TLSCompressed.length) is 61 bytes, and the MAC length is 20 > bytes, the length before padding is 82 bytes. Thus, the > padding length modulo 8 must be equal to 6 in order to make > the total length an even multiple of 8 bytes (the block > length). The padding length can be 6, 14, 22, and so on, > through 254. If the padding length were the minimum necessary, > 6, the padding would be 6 bytes, each containing the value 6. > Thus, the last 8 octets of the GenericBlockCipher before block > encryption would be xx 06 06 06 06 06 06 06, where xx is the > last octet of the MAC. > " > > In the above example, I just replace the block length by 16 Bytes, and > TLSCompressed.length is 144 Bytes (Input to SSL). > Since I am using SHA1 as the MAC (20 bytes) + 1 Byte padding length, my > length before padding is 165 bytes. To make it a multiple of 16 Bytes, i add > either 11 Bytes or 27 Bytes or > so on, thus giving a data of either 176, 192 and 208 Bytes. > > Add to this the protocol version (1Byte), Content Type (1B) and Length (2B). > thus we can have either 180, 196 or 212 Bytes > > However, I observe, using a packet sniffer (ethereal), that the SSL layer > produces an output of 202 bytes (in all my experiments) for input of 144 > bytes. > > Am I missing some fields somewhere? I repeated the experiment with multiple sizes of input, and in everycase, , I miss the sniffed output by 6 bytes ..(Even in the above case, we arrived at 196 bytes, which is less than 212 by 6 bytes)/
I did not find any defined extensions. So will really appreciate if someone can let me, where am i missing these bytes. Shank > > Thanks for any hekp, > Shashank > > > > > > > > Fred Crable > > -----Original Message----- > > From: Shashank Khanvilkar [mailto:[EMAIL PROTECTED] > > Sent: Monday, July 07, 2003 12:05 PM > > To: [EMAIL PROTECTED] > > Subject: Estimating the packet overhead imposed by SSL. > > > > > > Is there any way (or document) in which i can estimate the packet > > overhead added by SSL. > > Assume that i am sending 100 bytes of data (with no compression), using > > some symmetric cipher (say aes-128-cbc). In this case, how many more > > bytes of overhead will be introduced by the SSL layer (I guess the > > record layer). > > (I will appreciate if someone can provide a breakup). > > > > Will reading the SSLv3 spec help me in this (i tried to read it here > > http://wp.netscape.com/eng/ssl3/draft302.txt > > , but it seems that the draft has expired).. > > Any help is appreciated. > > Shashank > > ______________________________________________________________________ > > OpenSSL Project http://www.openssl.org > > User Support Mailing List [EMAIL PROTECTED] > > Automated List Manager [EMAIL PROTECTED] > > > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List [EMAIL PROTECTED] > Automated List Manager [EMAIL PROTECTED] > ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]