I was using DES-CBC3-SHA1 for the testing. I tested it with DES-CBS and
it is only the 1st 8 bytes of the decrypted message that are in
variance. The rest of the bytes match those in the plain text sent by
the server. I guess that rules out new key material.
Andy S.
-----Original Message-----
From: Eric Rescorla
Sent: Thu 9/20/2001 4:09 PM
To: [EMAIL PROTECTED]
Cc:
Subject: Re: SSL renegotiation and SSL_bio (more data)
"Andy Schneider" <[EMAIL PROTECTED]> writes:
> With further instrumentation I can see what happens. The server sends
> the server hello encrypted. The client gets the correct data but when
it
> decrypts it the plain text is different from the plain text of the
> server hello message and hence the MAC is wrong. The only reason I can
> think of is that somehow the key material has changed. I compiled with
> -DTLS_DEBUG but key material doesn't seem to be updated at the point
the
> server hello is sent (which it shouldn't). Anyone got any ideas?
I'm still working on this. However, a question occurs: What algorithm
are you using? Try using DES-CBC and see if it's only the first block
that's damaged or if it's the entire message. This will tell us
whether it's some sort of sequencing error or totally different
keying material.
-Ekr
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
winmail.dat
