Regarding Client Finished message

classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|

Regarding Client Finished message

Suchindra Chandrahas
Hi All,
             I have been able to complete handshake till client_finished message. However, i am a little confused in client_finished message. Here is what i understand:

client finished message as given in RFC draft, is:

<snip>

enum { client(0x434C4E54), server(0x53525652) } Sender;

struct {
opaque md5_hash[16];
opaque sha_hash[20];
} Finished;

md5_hash MD5(master_secret + pad2 +
MD5(handshake_messages + Sender +
master_secret + pad1));
sha_hash SHA(master_secret + pad2 +
SHA(handshake_messages + Sender +
master_secret + pad1));

handshake_messages All of the data from all handshake messages
up to but not including this message. This
is only data visible at the handshake layer
and does not include record layer headers.

</snip>

However, i am not able to understand what they mean by handshake_messages

Is it:

client_random_number sent in client_hello message [28] +
server_random_number received in server_hello_message [28] +
client_random_number sent in client_key_exchange [48 bits]
???

Also, to form a md5 hash, shall i use:

<snip>

MD5_CTX ctx;
MD5_Init(&ctx);

and repeat
MD5_Update(&ctx,<handshake_messages>,length of handshake_messages);

till i exhaust all messages
</snip>

Is PRF function in TLS easier than this, because, i read somewhere that, in TLS, we have:

master secret = PRF(server random number, client random number, pre master secret)

key_material = PRF(master secret, client random number, server random number)

Please advice me if there is any tls library function that finds Pseudo Random (PRF?)

Thanks and Regards,
Suchindra Chandrahas


Boardwalk for $500? In 2007? Ha!
Play Monopoly Here and Now (it's updated for today's economy) at Yahoo! Games.
Reply | Threaded
Open this post in threaded view
|

Re: Regarding Client Finished message

Marek.Marcola
Hello,

>              I have been able to complete handshake till
> client_finished message. However, i am a little confused in
> client_finished message. Here is what i understand:
>
> client finished message as given in RFC draft, is:
>
> <snip>
>
> enum { client(0x434C4E54), server(0x53525652) } Sender;
>
>      struct {
>          opaque md5_hash[16];
>          opaque sha_hash[20];
>      } Finished;
>
>      md5_hash       MD5(master_secret + pad2 +
>                         MD5(handshake_messages + Sender +
>                             master_secret + pad1));
>      sha_hash        SHA(master_secret + pad2 +
>                          SHA(handshake_messages + Sender +
>                              master_secret + pad1));
>
>      handshake_messages    All of the data from all handshake messages
>                            up to but not including this message.  This
>  
>                           is only data visible at the handshake layer
>                            and does not include record layer headers.
>
> </snip>
>
> However, i am not able to understand what they mean by handshake_messages
>
> Is it:
>
> client_random_number sent in client_hello message [28] +
> server_random_number received in server_hello_message [28] +
> client_random_number sent in client_key_exchange [48 bits]
> ???
No, it is FULL handshake packets data, without SSL Record header
and without ChangeCipherSpec packet (which is not handshake packet).

> Also, to form a md5 hash, shall i use:
>
> <snip>
>
> MD5_CTX ctx;
> MD5_Init(&ctx);
>
> and repeat
> MD5_Update(&ctx,<handshake_messages>,length of handshake_messages);
>
> till i exhaust all messages
Yes.

> Is PRF function in TLS easier than this, because, i read somewhere
> that, in TLS, we have:
>
> master secret = PRF(server random number, client random number, pre
> master secret)
>
> key_material = PRF(master secret, client random number, server random
> number)
TLS PRF uses standard HMAC while SSL3 uses some special algorithm.
But you must implement PRF (witch looks similar to SSL3 method).

Best regards,
--
Marek Marcola <[hidden email]>

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: Regarding Client Finished message

Suchindra Chandrahas
Thanks Merek. Will start working on this. Any docs that might have implementations of this in some code snippet forms, because i am not so well versed with MD5/Crypto libraries ?

Thanks and Regards,
Suchindra Chandrahas

Marek Marcola <[hidden email]> wrote:
Hello,

> I have been able to complete handshake till
> client_finished message. However, i am a little confused in
> client_finished message. Here is what i understand:
>
> client finished message as given in RFC draft, is:
>
>
>
> enum { client(0x434C4E54), server(0x53525652) } Sender;
>
> struct {
> opaque md5_hash[16];
> opaque sha_hash[20];
> } Finished;
>
> md5_hash MD5(master_secret + pad2 +
> MD5(handshake_messages + Sender +
> master_secret + pad1));
> sha_hash SHA(master_secret + pad2 +
> SHA(handshake_messages + Sender +
> master_secret + pad1));
>
> handshake_messages All of the data from all handshake messages
> up to but not including this message. This
>
> is only data visible at the handshake layer
> and does not include record layer headers.
>
>

>
> However, i am not able to understand what they mean by handshake_messages
>
> Is it:
>
> client_random_number sent in client_hello message [28] +
> server_random_number received in server_hello_message [28] +
> client_random_number sent in client_key_exchange [48 bits]
> ???
No, it is FULL handshake packets data, without SSL Record header
and without ChangeCipherSpec packet (which is not handshake packet).

> Also, to form a md5 hash, shall i use:
>
>
>
> MD5_CTX ctx;
> MD5_Init(&ctx);
>
> and repeat
> MD5_Update(&ctx,,length of handshake_messages);
>
> till i exhaust all messages
Yes.

> Is PRF function in TLS easier than this, because, i read somewhere
> that, in TLS, we have:
>
> master secret = PRF(server random number, client random number, pre
> master secret)
>
> key_material = PRF(master secret, client random number, server random
> number)
TLS PRF uses standard HMAC while SSL3 uses some special algorithm.
But you must implement PRF (witch looks similar to SSL3 method).

Best regards,
--
Marek Marcola

______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [hidden email]
Automated List Manager [hidden email]


Catch up on fall's hot new shows on Yahoo! TV. Watch previews, get listings, and more!
Reply | Threaded
Open this post in threaded view
|

Re: Regarding Client Finished message

Marek.Marcola
Hello,
> Thanks Merek. Will start working on this. Any docs that might have
> implementations of this in some code snippet forms, because i am not
> so well versed with MD5/Crypto libraries ?
If you want to look at very clear and well commented implementation
of SSL you may look at MatrixSSL

Best regards,
--
Marek Marcola <[hidden email]>

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: Regarding Client Finished message

Suchindra Chandrahas
Thanks Merek. I have compiled a somewhat working version of it. Hope to complete by tomorrow

Thanks for Matrix SSL

Thanks and Regards,
Suchindra Chandrahas

Marek Marcola <[hidden email]> wrote:
Hello,
> Thanks Merek. Will start working on this. Any docs that might have
> implementations of this in some code snippet forms, because i am not
> so well versed with MD5/Crypto libraries ?
If you want to look at very clear and well commented implementation
of SSL you may look at MatrixSSL

Best regards,
--
Marek Marcola

______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [hidden email]
Automated List Manager [hidden email]


Be a better Globetrotter. Get better travel answers from someone who knows.
Yahoo! Answers - Check it out.