> From: owner-openssl-us...@openssl.org On Behalf Of re.est > Sent: Tuesday, 01 November, 2011 10:22
> > I am a newbie in the cryptography area and learning by writing some > > test code. > > I have setup the apache server and capturing packets using > wireshark. > > I have a query specific to RC4. With the given server > private key, I > > am able to generate master secret and key block correctly. > > My test code output matches with Wireshark debug logs (i.e. > the master > > secret generated and key block generated using > pseudo-random function). > > This isn't specific to RC4, it is specific to RC4 *used in SSL/TLS*. RC4 (both in the abstract and as implemented in OpenSSL) can be used in lots of other ways also. > > However, I am unable to understand how to use the RC4_set_key() and > > RC4() APIs. > > What exact part of key_block should I feed to RC4_set_key()? > > key_block[0..15] - client MAC > > key_block[16..31] - server MAC Only if the (H)MAC is 128bits i.e. MD5. Suites using SHA(1) take 0..19 and 20..39. > > key_block[32..48] - client Write key > For SSL/TLS protocol, > > set by client as encryption key, set by server as decryption key > > key_block[49..64] - server Write key > set by server as encryption key, set by client as decryption key > 32..47 and 48..63 (off by 1) IF for a 128bit-key stream cipher like RC4-128 AND a 128bit MAC (MD5). Otherwise quite different. Export suites use modified derivation logic as well. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
