Hello, [EMAIL PROTECTED] wrote on 06/26/2008 01:56:33 PM:
> Well, I tried it like you guys said, but I keep getting an error from > EVP_DecryptFinal_ex() (returns 0) and the resulting decrypted packet that I got is not > right. However, doing it like I said previously, that is reassemblng the packets and > merging them into one and then passing it to the above mentioned Decrypt functions seem > to be working fine. Then you will get error at third packet which arrives after that two. Merging SSL/TLS records is not good solution. > Also, how is it exactly that you suggest that I go along? > If I send the message "Hello World" from my server to client and I capture the > aforementioned packet, lets say, I treat it as two separate records and decrypt each > record. I now have two decrypted records. Should I merge these now? If that were the > case, are you implying that my inital message "Hello World" has been broken into two > parts before it was encrypted? (Maybe one part is "Hello" and the other is " World"?) > That does not sound right. > > The situation that I am facing can actually be repeated by just running the s_server and > s_client programs in debug mode and then observing the output. > > Also, in the packet dump that I had posted earlier, > > 17 03 01 00 20 85 99 2a 94 4d 0e 56 2c 81 bc fc > 4d c9 32 aa 85 46 90 02 6d 4e b6 c6 da 4b d9 82 > e9 ab cf 77 e7 17 03 01 00 20 76 68 51 17 9e 86 > d4 20 6e 31 3e 7a 96 17 d5 cd c0 ba 5c cd ba 11 > 2b 18 b1 8d d8 3c 15 3d e9 c7 > > and comparing this to the packet format here. I have 32 bytes of application data that > should be followed by some amount of padding and 20 Bytes of MAC, which is not available > here. But I can clearly see that the algorithm being used is DHE-RSA-AES256-SHA, > specifying that SHA is being used. Even, the debug mode in s_server program that I am > using shows the same data being transmitted. You must be aware that after decrypting first packet and calling EVP_DecryptFinal_ex() you have cleared decryption context. In other words - this function erases your key and iv. When you try to decrypt second packet function EVP_DecryptUpdate() works ok because this function only applies decryption algorithm do your data, its not important if your key is proper or not. But when you call EVP_DecryptFinal_ex() at the end of decryption you get error because this function checks proper last block padding. Best regards, -- Marek Marcola <[EMAIL PROTECTED]> ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]