Regarding construction of MasterSecret in ssl v3 handshake

Wed, 12 Dec 2007 23:57:58 -0800 

Hi All,
              I am trying to write an SSL v3 handshake without using openssl 
libraries. I have some problem with creation of MasterSecret in SSL v3. Here is 
the code snippet of hardcoded client that i am experimenting with:

My ClientHello:

unsigned char buf[BUFSIZE] =
        "\x01"                     /* Client Hello Message */
        "\x00\x00\x29"                 /* Length */
        "\x03\x00"                 /* Client Version */
        "\x44\x44\x44\x44"             /* GMT - just dummy values taken for now 
*/
        "\x66\x66\x66\x66\x66\x66\x66\x66"
        "\x66\x66\x66\x66\x66\x66\x66\x66"
        "\x66\x66\x66\x66\x66\x66\x66\x66" 
        "\x66\x66\x66\x66"             /* Random Bytes 28 */
        "\x00"                     /* Session ID Length */
        "\x00\x02"                 /* Cipers */
        "\x00\x35"                 /* One cipher - compatible with esx */
        "\x01\x00";                 /* Compression related details */

client_random is 28 bytes of 0x66 as of now

My Server Random is stored in ssl->server_random[28] array (excluding gmt 4 
bytes)
My Client Random is stored in ssl->client_random[28] array (excluding gmt 4 
bytes)

Note: I am guessing that client random and server random are 28 bytes long. I 
am excluding the 4 bytes of gmt time spec from the random for calculating the 
Master Secret

Master Secret Algorithm:

static const unsigned char *salt[10]={
        (const unsigned char *)"A",
        (const unsigned char *)"BB",
        (const unsigned char *)"CCC",
        (const unsigned char *)"DDDD",
        (const unsigned char *)"EEEEE",
        (const unsigned char *)"FFFFFF",
        (const unsigned char *)"GGGGGGG",
        (const unsigned char *)"HHHHHHHH",
        (const unsigned char *)"IIIIIIIII",
        (const unsigned char *)"JJJJJJJJJJ"
    };


/*                    
 * client_master_secret = MD5(client_premaster_secret + SHA('A' + client_random 
+ server_random + client_premaster_secret)) +
 *              MD5(client_premaster_secret + SHA('BB' + client_random + 
server_random + client_premaster_secret)) +
 *              MD5(client_premaster_secret + SHA('CCC' + client_random + 
server_random + client_premaster_secret))
 *
 */

tmp = ssl->client_master_secret;

    for (i = 0; i < 3; i++) {

        SHA_Init(&ctx1_sha);

        SHA_Update(&ctx1_sha, salt[i], i + 1);

        SHA_Update(&ctx1_sha, ssl->client_random, 28);

        SHA_Update(&ctx1_sha, ssl->server_random, 28);            
        SHA_Update(&ctx1_sha, ssl->client_premaster_secret, 48);

        SHA_Final(buf,&ctx1_sha);

        

        MD5_Init(&ctx1_md5);

        MD5_Update(&ctx1_md5, ssl->client_premaster_secret, 48);

        MD5_Update(&ctx1_md5, buf, 20);

        MD5_Final(tmp, &ctx1_md5);

        tmp += 16;

    }

However, when i analyze using the wireshark decoder for ssl (with the key 
specified), i am getting a different MasterSecret calculated in Wireshark than 
that calculated by me, though both use the same mechanism

Is something wrong with the MasterSecret calculation algorithm? Can i use a 
generic OpenSSL v3 PRF function to calculate the same, without defining the 
other parameters of ssl connection structure (because i am only required to 
calculate the MasterSecret)?

Thanks and Regards,
Suchindra Chandrahas







       
---------------------------------
Be a better friend, newshound, and know-it-all with Yahoo! Mobile.  Try it now.

Reply via email to