Thanks Mererk. Will implement the same! Thanks and Regards, Suchindra Chandrahas
Marek Marcola <[EMAIL PROTECTED]> wrote: On Fri, 2007-12-21 at 22:23 -0800, Suchindra Chandrahas wrote: > Hi All, > ClientFinished message has 2 hashes (md5 and > sha1) of "All Handshake Messages" till that but not > including ClientFinished message itself. In a > Handshake message, i notice that there are two > sections: > > 1. Record Layer Header (16 03 00...) > 2. Handshake Protocol (, > handshake message> ) > > In the RFC for ssl v3, i notice that we should not use > the record layer headers in calculating ClientFinished > message Hashes. So should i take the second one > mentioned above (with Handshake Type, Length, SSL > Version and the message) or should i consider only the > Handshake Message (the last part of 2. above)? You should use all handshake data (type,len,version,msg) in calculation of Finished digests. You should not include in this calculation ChangeCipherSpec packet because this packet is not part of handshake protocol (this packet is protocol itself). Best regards, -- Marek Marcola ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] --------------------------------- Be a better friend, newshound, and know-it-all with Yahoo! Mobile. Try it now.
