Decrypting Client TLS Finish

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

Decrypting Client TLS Finish

Brijesh Nambiar
Hi,

I am trying to decrypt the client TLS finish.

The TLS client finish message should contain 4 bytes of header (1 byte
of type + 3 bytes of len), 12 bytes of verify data, 20 bytes of
sha1-mac, 3 bytes of padding an 1 bytes of padlen.

The EVP_CipherFinal fails with the following error message:


13255:error:06065064:digital envelope routines:EVP_DecryptFinal:bad
decrypt:evp_enc.c:450:

The outlen is set to 32 after EVP_CipherUpdate .


Any help will be appreciated.

Thanks,
Brijesh


int inlen = 40;

EVP_CIPHER_CTX  ctx;
EVP_CIPHER_CTX_init (&ctx);
EVP_CipherInit (&ctx, EVP_des_ede3_cbc(),
tkb->client_write_key,tkb->client_write_iv, 0);

if (EVP_CipherUpdate (&ctx, out, &outlen, in, inlen) != 1)
{
  ERR_print_errors_fp (stderr);
}
if (EVP_CipherFinal (&ctx, out + outlen, &plen) != 1)
{
  ERR_print_errors_fp (stderr);
}
outlen += plen;
EVP_CIPHER_CTX_cleanup(&ctx);
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]