Hello,
> > Hello,
> > > H = HMAC(packet_proto+ssl_version+data_len+M, server_write_mac)
> > Should be:
> > H = HMAC(packet_sequence+packet_proto+ssl_version+data_len+M,
> > server_write_mac)
> >
>
> Marek,
>
> You forgot to mention that HMAC has a secret key associated with it so
> that you cannot forge MD5 or SHA1 digests.
This secret key from text above is called server_write_mac.
HMAC() has two parameters - data to hash and key.
> This is done by simply appending the key to the digest input.
I can not agree. In HMAC you use some message digest algorithm
(MD5/SHA1/...) with HMAC algorithm.
Let MD() will be some message digest algorithm, M - message to hash, K -
HMAC key, B - message digest block size.
Then HMAC result H is calculated as:
ipad = the byte 0x36 repeated B time
opad = the byte 0x5C repeated B times
H = MD(K XOR opad, MD(K XOR ipad, M))
Best regards,
--
Marek Marcola <[EMAIL PROTECTED]>
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
