Hi Jimmy,
Yes i changed the no. of bytes to 32 (both client and
server random). Also, is it ok to use openssl tls1_prf for ssl v3 handshake?
Thanks and Regards,
Suchindra Chandrahas
jimmy bahuleyan <[EMAIL PROTECTED]> wrote: Suchindra Chandrahas wrote:
> Hi All,
> I am trying to write an SSL v3 handshake without using
> openssl libraries. I have some problem with creation of MasterSecret in
> SSL v3. Here is the code snippet of hardcoded client that i am
> experimenting with:
>
> client_random is 28 bytes of 0x66 as of now
>
> My Server Random is stored in ssl->server_random[28] array (excluding
> gmt 4 bytes)
> My Client Random is stored in ssl->client_random[28] array (excluding
> gmt 4 bytes)
>
> Note: I am guessing that client random and server random are 28 bytes
> long. I am excluding the 4 bytes of gmt time spec from the random for
> calculating the Master Secret
>
Why are you excluding the 4 bytes of time stamp? The client_random is
part of prf calculation which means client_random is 32 bytes, and that
implies time-stamp is part of PRF calculation.
> Is something wrong with the MasterSecret calculation algorithm? Can i
> use a generic OpenSSL v3 PRF function to calculate the same, without
> defining the other parameters of ssl connection structure (because i am
> only required to calculate the MasterSecret)?
You can use the PRF function code from openssl, tls1_PRF doesn't require
any connection parameters as input.
>
> Thanks and Regards,
> Suchindra Chandrahas
-jb
--
Don't have a sig to call my own; care to donate a fortune?
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
---------------------------------
Looking for last minute shopping deals? Find them fast with Yahoo! Search.
