Regarding Client Finished message

enum { client(0x434C4E54), server(0x53525652) } Sender;

     struct {
         opaque md5_hash[16];
         opaque sha_hash[20];
     } Finished;

     md5_hash       MD5(master_secret + pad2 +
                        MD5(handshake_messages + Sender +
                            master_secret + pad1));
     sha_hash        SHA(master_secret + pad2 +
                         SHA(handshake_messages + Sender +
                             master_secret + pad1));

     handshake_messages    All of the data from all handshake messages
                           up to but not including this message.  This
 
                          is only data visible at the handshake layer
                           and does not include record layer headers.

</snip>

However, i am not able to understand what they mean by handshake_messages

Is it:

client_random_number sent in client_hello message [28] +
server_random_number received in server_hello_message [28] +
client_random_number sent in client_key_exchange [48 bits] 

Hello,

> I have been able to complete handshake till
> client_finished message. However, i am a little confused in
> client_finished message. Here is what i understand:
>
> client finished message as given in RFC draft, is:
>
>
>
> enum { client(0x434C4E54), server(0x53525652) } Sender;
>
> struct {
> opaque md5_hash[16];
> opaque sha_hash[20];
> } Finished;
>
> md5_hash MD5(master_secret + pad2 +
> MD5(handshake_messages + Sender +
> master_secret + pad1));
> sha_hash SHA(master_secret + pad2 +
> SHA(handshake_messages + Sender +
> master_secret + pad1));
>
> handshake_messages All of the data from all handshake messages
> up to but not including this message. This
>
> is only data visible at the handshake layer
> and does not include record layer headers.
>
>
>
> However, i am not able to understand what they mean by handshake_messages
>
> Is it:
>
> client_random_number sent in client_hello message [28] +
> server_random_number received in server_hello_message [28] +
> client_random_number sent in client_key_exchange [48 bits]
> ???

No, it is FULL handshake packets data, without SSL Record header
and without ChangeCipherSpec packet (which is not handshake packet).

> Also, to form a md5 hash, shall i use:
>
>
>
> MD5_CTX ctx;
> MD5_Init(&ctx);
>
> and repeat
> MD5_Update(&ctx,,length of handshake_messages);
>
> till i exhaust all messages

Yes.

> Is PRF function in TLS easier than this, because, i read somewhere
> that, in TLS, we have:
>
> master secret = PRF(server random number, client random number, pre
> master secret)
>
> key_material = PRF(master secret, client random number, server random
> number)
TLS PRF uses standard HMAC while SSL3 uses some special algorithm.
But you must implement PRF (witch looks similar to SSL3 method).

Best regards,
--
Marek Marcola

______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [hidden email]
Automated List Manager [hidden email]

Hello,
> Thanks Merek. Will start working on this. Any docs that might have
> implementations of this in some code snippet forms, because i am not
> so well versed with MD5/Crypto libraries ?
If you want to look at very clear and well commented implementation
of SSL you may look at MatrixSSL

Best regards,
--
Marek Marcola

______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [hidden email]
Automated List Manager [hidden email]