Decrypting Client TLS Finish

Previous Topic Next Topic
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

Decrypting Client TLS Finish

Brijesh Nambiar

I am trying to decrypt the client TLS finish.

The TLS client finish message should contain 4 bytes of header (1 byte
of type + 3 bytes of len), 12 bytes of verify data, 20 bytes of
sha1-mac, 3 bytes of padding an 1 bytes of padlen.

The EVP_CipherFinal fails with the following error message:

13255:error:06065064:digital envelope routines:EVP_DecryptFinal:bad

The outlen is set to 32 after EVP_CipherUpdate .

Any help will be appreciated.


int inlen = 40;

EVP_CIPHER_CTX_init (&ctx);
EVP_CipherInit (&ctx, EVP_des_ede3_cbc(),
tkb->client_write_key,tkb->client_write_iv, 0);

if (EVP_CipherUpdate (&ctx, out, &outlen, in, inlen) != 1)
  ERR_print_errors_fp (stderr);
if (EVP_CipherFinal (&ctx, out + outlen, &plen) != 1)
  ERR_print_errors_fp (stderr);
outlen += plen;
OpenSSL Project                       
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]