Hello to you both.

Eric, I have a question regarding what you said (just for interest):-> 
look below...

-->-----Original Message-----
-->From: Eric Rescorla [mailto:[EMAIL PROTECTED]]
-->Sent: Fri, June 07, 2002 4:20 PM
-->To: [EMAIL PROTECTED]
-->Subject: Re: fragmentation
-->
-->
-->"Oleg Tyschenko" <[EMAIL PROTECTED]> writes:
-->> I am developing something like "Sniffer".
-->> After establishing TCP connection and SSL handshake client and server
-->> start to transmit the data. If the data is in one TCP segment it is
-->> fine. But when SSL data record is longer than one TCP segment I need to
-->> store them and decrypt after last segment arrived using EVP_Cipher()
-->> function. Is any other way to decrypt data by segments? Let say after
-->> first segment I can decrypt it without waiting for all data segments.
-->Not in general, for two reasons:
-->
-->(1) You need to check the MAC which only appears at the end of
-->the record.

Is it right that you can still say that the maximum *SSL* record size (not TCP)
is about 16K? I don't remember the exact number, but this is the maximum
size of an encrypted block as defined in the OpenSSL headers. Or would that be
a wrong assumption? And, if it is right, who defined it like that, an RFC?

Thanks & Best Regards,
Sharon Hezy.

-->(2) If it's a block cipher there's no guarantee you'll get the
-->data in one block chunks so you may need to buffer them.
-->
-->BTW, ssldump (http://www.rtfm.com/ssldump) already does
-->what it sounds like you're trying to do.
-->
-->-Ekr
-->
-->-- 
-->[Eric Rescorla                                   [EMAIL PROTECTED]]
-->                http://www.rtfm.com/
-->______________________________________________________________________
-->OpenSSL Project                                 http://www.openssl.org
-->User Support Mailing List                    [EMAIL PROTECTED]
-->Automated List Manager                           [EMAIL PROTECTED]
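
The buffering discussed in this thread, as an added example that is not part of the original messages and is not OpenSSL or ssldump code: a passive reassembler that collects TCP segment payloads until a whole record is present, which is the earliest point at which the record can be decrypted and its trailing MAC checked. It assumes SSLv3/TLS record framing (5-byte header, major version 3) and uses the TLS 1.0 (RFC 2246) ciphertext limit of 2^14 + 2048 bytes as the buffer bound; `rec_stream`, `rec_feed` and `demo_split_record` are hypothetical names.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define REC_HDR_LEN  5                 /* type(1) + version(2) + length(2) */
#define REC_MAX_BODY (16384 + 2048)    /* RFC 2246 limit on TLSCiphertext.length */
typedef struct { uint8_t buf[REC_HDR_LEN + REC_MAX_BODY]; size_t have; } rec_stream;
typedef void (*rec_cb)(uint8_t type, const uint8_t *body, size_t len, void *arg);

/* Feed the in-order payload of one TCP segment (one direction of a connection).
 * cb runs once per completed record; only then can the body be decrypted and
 * the MAC at its end checked. Returns records completed, or -1 on a bad header. */
int rec_feed(rec_stream *s, const uint8_t *seg, size_t n, rec_cb cb, void *arg)
{
    int emitted = 0;
    while (n > 0) {
        size_t want = REC_HDR_LEN;     /* header first, then header + body */
        if (s->have >= REC_HDR_LEN)
            want += ((size_t)s->buf[3] << 8) | s->buf[4];
        size_t take = want - s->have;
        if (take > n) take = n;
        memcpy(s->buf + s->have, seg, take);
        s->have += take; seg += take; n -= take;
        if (s->have < REC_HDR_LEN) continue;
        size_t body = ((size_t)s->buf[3] << 8) | s->buf[4];
        if (s->buf[1] != 3 || body > REC_MAX_BODY) { s->have = 0; return -1; }
        if (s->have == REC_HDR_LEN + body) {
            cb(s->buf[0], s->buf + REC_HDR_LEN, body, arg);
            s->have = 0;
            emitted++;
        }
    }
    return emitted;
}

/* Constructed sample: one 8-byte application-data record (type 23, version 3.1)
 * arriving as three TCP segments, the first ending inside the header. */
static void sum_len(uint8_t type, const uint8_t *b, size_t len, void *arg)
{ (void)type; (void)b; *(size_t *)arg += len; }

size_t demo_split_record(int counts[3])
{
    static const uint8_t rec[13] = {23, 3, 1, 0, 8, 1, 2, 3, 4, 5, 6, 7, 8};
    rec_stream s; s.have = 0;
    size_t total = 0;
    counts[0] = rec_feed(&s, rec,     3, sum_len, &total);  /* 0: header incomplete */
    counts[1] = rec_feed(&s, rec + 3, 6, sum_len, &total);  /* 0: body incomplete */
    counts[2] = rec_feed(&s, rec + 9, 4, sum_len, &total);  /* 1: record complete */
    return total;                                           /* 8 body bytes seen */
}
```

On a -1 return the stream is out of sync with the record boundaries and the connection should be dropped from analysis rather than fed further.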