On 1/30/2013 7:15 PM, Viktor Dukhovni wrote:
On Wed, Jan 30, 2013 at 07:03:09PM +0100, Jakob Bohm wrote:
You don't, but, you should instead obtain the "tls-unique" channel
binding data ( https://tools.ietf.org/html/rfc5929#section-3 ) and
run the result through a KDF (HKDF should work well) on b
On Wed, Jan 30, 2013 at 06:15:27PM +, Viktor Dukhovni wrote:
> If 96-bits is not enough, one needs to get at the master secret
> on both sides, and run that through a KDF together with client
> and server random plus a suitable application-specific salt.
>
> Does OpenSSL provide a public inte
On 31/01/13 07:15, Viktor Dukhovni wrote:
Does OpenSSL provide a public interface for getting at the master
secret or otherwise generating application-specific derived keys?
Or is there some other way I can get the AES256 key out of a
(D)TLS_RSA_WITH_AES_256_CBC_SHA connection at each end
On 31/01/13 07:15, Viktor Dukhovni wrote:
This is fair, the tls-unique value is in practice only 96 bits. And
indeed its intended use is channel-binding with GSSAPI, ... If 96-bits
is not enough, one needs to get at the master secret on both sides,
and run that through a KDF together with clie
On Wed, Jan 30, 2013 at 07:03:09PM +0100, Jakob Bohm wrote:
> >You don't, but, you should instead obtain the "tls-unique" channel
> >binding data ( https://tools.ietf.org/html/rfc5929#section-3 ) and
> >run the result through a KDF (HKDF should work well) on both ends
> >to obtain a suitable key fo
With aRSA ciphers we see that the new TLS 1.2 ciphers with SHA-2 MACs
are by default preferred over the older TLS 1.1 SHA-1 ciphers. For
example, looking at just the AES subset we see groups of 3 in which
the first is always GCM, the second SHA-2 and the 3rd SHA-1:
$ openssl ciphers -v aRSA+AES+H
On 1/30/2013 6:42 AM, Viktor Dukhovni wrote:
On Wed, Jan 30, 2013 at 05:29:51PM +1300, T J wrote:
How does one obtain the session key from a SSL structure after a
successful TLS handshake?
You don't, but, you should instead obtain the "tls-unique" channel
binding data ( https://tools.ietf.org/
FYI ECC was added to Windows VISTA,
Ryan Hurst
Sent from my phone, please forgive the brevity.
On Jan 30, 2013, at 5:51 AM, "Dr. Stephen Henson" wrote:
> On Wed, Jan 30, 2013, cellecial wrote:
>
>> Hi,
>>
>> I write some code to generate an ECC certificate, it works partly.
>> The certifica
On Wed, Jan 30, 2013, cellecial wrote:
> Hi,
>
> I write some code to generate an ECC certificate, it works partly.
> The certificate can be parsed by IE but prompt "signature corrupt".
Are you sure that version of Windows supports ECC certificates?
> So I dump the cert using X509_print_fp(),he