Regarding openssl function ssl3_handshake_mac

classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|

Regarding openssl function ssl3_handshake_mac

Suchindra Chandrahas
Hi All,
               Just went through this in openssl source in s3_enc.c:

static int ssl3_handshake_mac(SSL *s, EVP_MD_CTX *in_ctx,
             const char *sender, int len, unsigned char *p)
        {
        unsigned int ret;
        int npad,n;
        unsigned int i;
        unsigned char md_buf[EVP_MAX_MD_SIZE];
        EVP_MD_CTX ctx;

        EVP_MD_CTX_init(&ctx);
        EVP_MD_CTX_copy_ex(&ctx,in_ctx);

        n=EVP_MD_CTX_size(&ctx);
        npad=(48/n)*n;

        if (sender != NULL)
                EVP_DigestUpdate(&ctx,sender,len);
        EVP_DigestUpdate(&ctx,s->session->master_key,
                s->session->master_key_length);
        EVP_DigestUpdate(&ctx,ssl3_pad_1,npad);
        EVP_DigestFinal_ex(&ctx,md_buf,&i);

        EVP_DigestInit_ex(&ctx,EVP_MD_CTX_md(&ctx), NULL);
        EVP_DigestUpdate(&ctx,s->session->master_key,
                s->session->master_key_length);
        EVP_DigestUpdate(&ctx,ssl3_pad_2,npad);
        EVP_DigestUpdate(&ctx,md_buf,i);
        EVP_DigestFinal_ex(&ctx,p,&ret);

        EVP_MD_CTX_cleanup(&ctx);


This seems to be the function for generating the final md5 and sha hashes for client_finished messages. However, i am not able to find the handshake messages in the above EVP_DigestUpdates. But in RFC, the handshake messages are needed it says. Am i missing something here, or is this fine for an MD5 or SHA hash to be sent in client_finished message? Please let me know if i am wrong!!!

Thanks and Regards,
Suchindra Chandrahas


Never miss a thing. Make Yahoo your homepage.
Reply | Threaded
Open this post in threaded view
|

Re: Regarding openssl function ssl3_handshake_mac

Marek.Marcola

On Thu, 2008-01-03 at 03:30 -0800, Suchindra Chandrahas wrote:

> Hi All,
>                Just went through this in openssl source in s3_enc.c:
>
> static int ssl3_handshake_mac(SSL *s, EVP_MD_CTX *in_ctx,
>              const char *sender, int len, unsigned char *p)
>         {
>         unsigned int ret;
>         int npad,n;
>         unsigned int i;
>         unsigned char md_buf[EVP_MAX_MD_SIZE];
>         EVP_MD_CTX ctx;
>
>         EVP_MD_CTX_init(&ctx);
>         EVP_MD_CTX_copy_ex(&ctx,in_ctx);
>
>         n=EVP_MD_CTX_size(&ctx);
>         npad=(48/n)*n;
>
>         if (sender != NULL)
>                 EVP_DigestUpdate(&ctx,sender,len);
>         EVP_DigestUpdate(&ctx,s->session->master_key,
>                 s->session->master_key_length);
>         EVP_DigestUpdate(&ctx,ssl3_pad_1,npad);
>         EVP_DigestFinal_ex(&ctx,md_buf,&i);
>
>         EVP_DigestInit_ex(&ctx,EVP_MD_CTX_md(&ctx), NULL);
>         EVP_DigestUpdate(&ctx,s->session->master_key,
>                 s->session->master_key_length);
>         EVP_DigestUpdate(&ctx,ssl3_pad_2,npad);
>         EVP_DigestUpdate(&ctx,md_buf,i);
>         EVP_DigestFinal_ex(&ctx,p,&ret);
>
>         EVP_MD_CTX_cleanup(&ctx);
>
>
> This seems to be the function for generating the final md5 and sha
> hashes for client_finished messages. However, i am not able to find
> the handshake messages in the above EVP_DigestUpdates. But in RFC, the
> handshake messages are needed it says. Am i missing something here, or
> is this fine for an MD5 or SHA hash to be sent in client_finished
> message? Please let me know if i am wrong!!!
This function may be used to calculate client CertificateVerify hash and
client/server Finished hash (depending on function parameters) . Already
calculated hash of exchanged handshake packets is contained in in_ctx
structure.

Best regards,
--
Marek Marcola <[hidden email]>

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: Regarding openssl function ssl3_handshake_mac

jimmy bahuleyan
In reply to this post by Suchindra Chandrahas
Suchindra Chandrahas wrote:
> Hi All,
>                Just went through this in openssl source in s3_enc.c:
>
> static int ssl3_handshake_mac(SSL *s, EVP_MD_CTX *in_ctx,
>              const char *sender, int len, unsigned char *p)
>         {

[snip]..

>
> This seems to be the function for generating the final md5 and sha
> hashes for client_finished messages. However, i am not able to find the
> handshake messages in the above EVP_DigestUpdates. But in RFC, the
> handshake messages are needed it says. Am i missing something here, or
> is this fine for an MD5 or SHA hash to be sent in client_finished
> message? Please let me know if i am wrong!!!
>
> Thanks and Regards,
> Suchindra Chandrahas

The partial hashes of handshake messages are accumulated during the
handshake. You may want to take a look at ssl3_finish_mac() and where it
is called.

-jb
--
Don't have a sig to call my own; care to donate a fortune?
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: Regarding openssl function ssl3_handshake_mac

Suchindra Chandrahas
In reply to this post by Marek.Marcola
OK. So, this is after the rest of the calculations. OK understood!

Thanks !


Thanks and Regards,
Suchindra Chandrahas

Marek Marcola <[hidden email]> wrote:

On Thu, 2008-01-03 at 03:30 -0800, Suchindra Chandrahas wrote:

> Hi All,
> Just went through this in openssl source in s3_enc.c:
>
> static int ssl3_handshake_mac(SSL *s, EVP_MD_CTX *in_ctx,
> const char *sender, int len, unsigned char *p)
> {
> unsigned int ret;
> int npad,n;
> unsigned int i;
> unsigned char md_buf[EVP_MAX_MD_SIZE];
> EVP_MD_CTX ctx;
>
> EVP_MD_CTX_init(&ctx);
> EVP_MD_CTX_copy_ex(&ctx,in_ctx);
>
> n=EVP_MD_CTX_size(&ctx);
> npad=(48/n)*n;
>
> if (sender != NULL)
> EVP_DigestUpdate(&ctx,sender,len);
> EVP_DigestUpdate(&ctx,s->session->master_key,
> s->session->master_key_length);
> EVP_DigestUpdate(&ctx,ssl3_pad_1,npad);
> EVP_DigestFinal_ex(&ctx,md_buf,&i);
>
> EVP_DigestInit_ex(&ctx,EVP_MD_CTX_md(&ctx), NULL);
> EVP_DigestUpdate(&ctx,s->session->master_key,
> s->session->master_key_length);
> EVP_DigestUpdate(&ctx,ssl3_pad_2,npad);
> EVP_DigestUpdate(&ctx,md_buf,i);
> EVP_DigestFinal_ex(&ctx,p,&ret);
>
> EVP_MD_CTX_cleanup(&ctx);
>
>
> This seems to be the function for generating the final md5 and sha
> hashes for client_finished messages. However, i am not able to find
> the handshake messages in the above EVP_DigestUpdates. But in RFC, the
> handshake messages are needed it says. Am i missing something here, or
> is this fine for an MD5 or SHA hash to be sent in client_finished
> message? Please let me know if i am wrong!!!
This function may be used to calculate client CertificateVerify hash and
client/server Finished hash (depending on function parameters) . Already
calculated hash of exchanged handshake packets is contained in in_ctx
structure.

Best regards,
--
Marek Marcola

______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [hidden email]
Automated List Manager [hidden email]


Looking for last minute shopping deals? Find them fast with Yahoo! Search.
Reply | Threaded
Open this post in threaded view
|

Re: Regarding openssl function ssl3_handshake_mac

Suchindra Chandrahas
In reply to this post by jimmy bahuleyan
Thanks Jimmy, now i properly understood!

Thanks and Regards,
Suchindra Chandrahas






jimmy bahuleyan <[hidden email]> wrote:
Suchindra Chandrahas wrote:
> Hi All,
> Just went through this in openssl source in s3_enc.c:
>
> static int ssl3_handshake_mac(SSL *s, EVP_MD_CTX *in_ctx,
> const char *sender, int len, unsigned char *p)
> {

[snip]..

>
> This seems to be the function for generating the final md5 and sha
> hashes for client_finished messages. However, i am not able to find the
> handshake messages in the above EVP_DigestUpdates. But in RFC, the
> handshake messages are needed it says. Am i missing something here, or
> is this fine for an MD5 or SHA hash to be sent in client_finished
> message? Please let me know if i am wrong!!!
>
> Thanks and Regards,
> Suchindra Chandrahas

The partial hashes of handshake messages are accumulated during the
handshake. You may want to take a look at ssl3_finish_mac() and where it
is called.

-jb
--
Don't have a sig to call my own; care to donate a fortune?
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [hidden email]
Automated List Manager [hidden email]


Looking for last minute shopping deals? Find them fast with Yahoo! Search.