> From: owner-openssl-us...@openssl.org On Behalf Of Tayade, Nilesh
> Sent: Wednesday, 22 August, 2012 16:13

> The 'Client Key Exchange' packet carries the encrypted
> premaster. I am working on a utility for decrypting the data
> and supported cipher suites are RC4_128_MD5 and RC4_128_SHA.
>

Only for RSA key-exchange (which is the most commonly used). For DH* and ECDH* suites ClientKeyExchange is quite different. (Not to mention Kerberos or PreShared.)

> I observed that the encrypted premaster length varies in the
> 'Client key exchange' packet. Sometimes it is 128bytes and
> sometimes 256bytes.
> If I am correct, the length depends upon the RSA key size
> (128bytes for 1024bit key). Is there some way to know
> beforehand if the RSA key being used is 1024bits or different (some
> information in certificates etc.)? So that based on that I
> could look for the encrypted premaster length.
>

Yes, an RSA EncryptedPremaster value is the same size as the server's RSA public key, in and taken from the server's cert. (Or to be exact, the same size as the modulus in the key; the public key as distributed contains some additional data, usually only a little, and thus is slightly larger.)

But you don't need to "look for" the length of this value. It is encoded as a vector in SSL/TLS, which means it has a length prefix right in the protocol message. See 4.7 and 4.3 in RFC5246 (likely the same earlier, but I didn't re-check). And it's the only field in the (CKE) message which has a length header, and typically that message is the only message in the (handshake) record which has a length header.
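The length-prefixed encoding discussed in the reply above, as an added example that is not part of the original thread: a Python parser that extracts the RSA-encrypted premaster from one ClientKeyExchange record and cross-checks it against the modulus size. The function names, the `modulus_bytes` parameter and the sample records are assumptions constructed for illustration; the SSLv3 branch follows the implementation note in RFC 5246 section 7.4.7.1.

```python
import struct

HANDSHAKE = 22            # record-layer ContentType
CLIENT_KEY_EXCHANGE = 16  # HandshakeType
SSL3 = 0x0300

def parse_rsa_cke(record, modulus_bytes=None):
    """Return the RSA-encrypted premaster from one plaintext handshake record.

    Assumes the ClientKeyExchange is the first message in the record and is
    not fragmented; modulus_bytes (optional) is the server key's modulus size.
    """
    if len(record) < 5:
        raise ValueError("truncated record header")
    ctype, version, rec_len = struct.unpack("!BHH", record[:5])
    fragment = record[5:5 + rec_len]
    if ctype != HANDSHAKE or len(fragment) != rec_len or rec_len < 4:
        raise ValueError("not a complete handshake record")
    msg_len = int.from_bytes(fragment[1:4], "big")  # handshake length is uint24
    body = fragment[4:4 + msg_len]
    if fragment[0] != CLIENT_KEY_EXCHANGE or len(body) != msg_len:
        raise ValueError("not a complete ClientKeyExchange")
    if version == SSL3:
        # RFC 5246 7.4.7.1: many SSLv3 stacks send the ciphertext unprefixed.
        encrypted = body
    else:
        # TLS: opaque vector <0..2^16-1>, i.e. a 2-byte big-endian length.
        if msg_len < 2 or int.from_bytes(body[:2], "big") != msg_len - 2:
            raise ValueError("length prefix disagrees with message length")
        encrypted = body[2:]
    if modulus_bytes is not None and len(encrypted) != modulus_bytes:
        raise ValueError("ciphertext size does not match RSA modulus")
    return encrypted

def build_sample(version, ciphertext, prefixed=True):
    """Construct a sample record (constructed test data, not a real capture)."""
    body = (len(ciphertext).to_bytes(2, "big") if prefixed else b"") + ciphertext
    msg = bytes([CLIENT_KEY_EXCHANGE]) + len(body).to_bytes(3, "big") + body
    return struct.pack("!BHH", HANDSHAKE, version, len(msg)) + msg

if __name__ == "__main__":
    for bits in (1024, 2048):
        rec = build_sample(0x0301, bytes(bits // 8))
        print(bits, "bit key ->", len(parse_rsa_cke(rec, bits // 8)), "bytes")
```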