On Tue, May 2, 2017 at 2:10 PM, Matt Caswell <m...@openssl.org> wrote:
> On 30/04/17 19:51, Stiju Easo wrote:
> > Hi,
> >
> > I got the answer to this, and now the question looks a bit stupid.
> > Generation of the master key is different in the case of "Extended Master
> > Secret".
> >
> > I still have a doubt: what would be the contents in SSL*
> > s->s3->handshake_buffer?
> > I need to manually set this for my tool. I assume it holds both
> > client and server handshakes, am I right?
> >
> > If I am right, in OpenSSL I just need to populate
> > s3->handshake_buffer and set flags to s->session->flags &
> > SSL_SESS_FLAG_EXTMS.
> > The only unknown thing I have is s3->handshake_buffer, what value to
> > copy there.
>
> handshake_buffer is a mem BIO that contains a copy of all the handshake
> messages sent and received so far - but only sometimes. Dependent on how
> the handshake proceeds sometimes this buffer stays active for a while.
> Other times it gets released early and instead we keep a rolling hash of
> the handshake messages.

As per my understanding, if I set handshake_buffer with all SSL3_RT_HANDSHAKE, it should work, right?
I had gone through the RFCs regarding this; there is no clear statement regarding what is included. I assume everything from CLIENT HELLO to FINISHED.
I had verified the implementation in Wireshark; they generate the Extended master secret by hashing all handshakes.

> The problem is your code is reaching right into the internals of libssl
> and playing around with the internal state. In OpenSSL 1.1.0 you will be
> unable to do that (the SSL struct is opaque).

This is hurting me, right now.

> Matt
> --
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

--
Stiju Easo
The unexamined life is not worth living for man.
Socrates, in Plato, Dialogues, Apology
Greek philosopher in Athens (469 BC - 399 BC)
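An added example, not code from this thread or from OpenSSL: the extended master secret derivation of RFC 7627 for TLS 1.2, assuming a SHA-256 PRF. Per the RFC, the session hash covers the handshake messages (type and length fields included, record-layer headers excluded) from ClientHello up to and including ClientKeyExchange; the function names and the sample transcript below are constructed for illustration.

```python
import hashlib
import hmac

CLIENT_KEY_EXCHANGE = 16  # handshake message type from RFC 5246

def p_hash(secret, seed, length, digest=hashlib.sha256):
    """P_hash expansion from RFC 5246 section 5."""
    out, a = b"", seed                      # a starts as A(0) = seed
    while len(out) < length:
        a = hmac.new(secret, a, digest).digest()              # A(i)
        out += hmac.new(secret, a + seed, digest).digest()
    return out[:length]

def handshake_msg(msg_type, body):
    """One handshake message: type (1 byte), length (3 bytes), body."""
    return bytes([msg_type]) + len(body).to_bytes(3, "big") + body

def session_hash(messages, digest=hashlib.sha256):
    """Hash messages in wire order, stopping after ClientKeyExchange."""
    h = digest()
    for m in messages:
        h.update(m)
        if m[0] == CLIENT_KEY_EXCHANGE:
            return h.digest()
    raise ValueError("no ClientKeyExchange in transcript")

def extended_master_secret(pms, messages, digest=hashlib.sha256):
    """RFC 7627: PRF(pms, "extended master secret", session_hash)[0..47]."""
    seed = b"extended master secret" + session_hash(messages, digest)
    return p_hash(pms, seed, 48, digest)

def legacy_master_secret(pms, client_random, server_random, digest=hashlib.sha256):
    """RFC 5246: PRF(pms, "master secret", client_random + server_random)."""
    seed = b"master secret" + client_random + server_random
    return p_hash(pms, seed, 48, digest)

# Constructed transcript: bodies are placeholders, not real TLS payloads.
SAMPLE = [
    handshake_msg(1, b"client-hello"),      # ClientHello
    handshake_msg(2, b"server-hello"),      # ServerHello
    handshake_msg(11, b"certificate"),      # Certificate
    handshake_msg(14, b""),                 # ServerHelloDone
    handshake_msg(16, b"encrypted-pms"),    # ClientKeyExchange
    handshake_msg(20, b"finished"),         # Finished (after the cut-off)
]
SAMPLE_PMS = bytes(range(48))               # constructed pre-master secret
```

Cipher suites whose PRF uses SHA-384 need `digest=hashlib.sha384`, and TLS 1.0/1.1 use a different PRF and hash construction that this sketch does not cover.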