Re: [TLS] A small detail in HMAC key generation for Finished message
Christian Huitema <huitema@microsoft.com> Thu, 24 December 2015 01:05 UTC
Return-Path: <huitema@microsoft.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E1E6D1A8A90 for <tls@ietfa.amsl.com>; Wed, 23 Dec 2015 17:05:02 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.002
X-Spam-Level:
X-Spam-Status: No, score=-2.002 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nbgHiMkXTtKp for <tls@ietfa.amsl.com>; Wed, 23 Dec 2015 17:05:01 -0800 (PST)
Received: from na01-by2-obe.outbound.protection.outlook.com (mail-by2on0119.outbound.protection.outlook.com [207.46.100.119]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 77E231A8A8D for <tls@ietf.org>; Wed, 23 Dec 2015 17:05:01 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector1; h=From:To:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=c1Sv3w+4vwviVghx0T3kglQlqOo/Yn8cjXpKjSlXh9w=; b=cyuZhsiixpJURXwnlB9hXaq9mTwDxJ3RBww2hGvaZwh7CHCcREE7BWaQneuoq1iir5/T9KgI9ramFUgbh45zed8CEmj9vJnWuCeT80f9AMbHmd8WLN2oAEv7e5iLwD6UjZHck08YDEaAcE3DjdKTBub1DgL0ZX+QXScJ2aMjo5U=
Received: from DM2PR0301MB0655.namprd03.prod.outlook.com (10.160.96.17) by DM2PR0301MB0655.namprd03.prod.outlook.com (10.160.96.17) with Microsoft SMTP Server (TLS) id 15.1.361.13; Thu, 24 Dec 2015 01:04:59 +0000
Received: from DM2PR0301MB0655.namprd03.prod.outlook.com ([10.160.96.17]) by DM2PR0301MB0655.namprd03.prod.outlook.com ([10.160.96.17]) with mapi id 15.01.0361.006; Thu, 24 Dec 2015 01:04:59 +0000
From: Christian Huitema <huitema@microsoft.com>
To: Eric Rescorla <ekr@rtfm.com>
Thread-Topic: [TLS] A small detail in HMAC key generation for Finished message
Thread-Index: AdE9zLUIRqzr9WCoSK+Y1yfu8/UHSAACaE6AAAQTZqA=
Date: Thu, 24 Dec 2015 01:04:59 +0000
Message-ID: <DM2PR0301MB06553CF1DDF35B6B96F64290A8E70@DM2PR0301MB0655.namprd03.prod.outlook.com>
References: <DM2PR0301MB06550A43EC188A16E8C8464DA8E60@DM2PR0301MB0655.namprd03.prod.outlook.com> <CABcZeBO6shkEF1puy+YgEzM8CgRRvmb3sypQUevpKoC=CEj0oQ@mail.gmail.com>
In-Reply-To: <CABcZeBO6shkEF1puy+YgEzM8CgRRvmb3sypQUevpKoC=CEj0oQ@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=huitema@microsoft.com;
x-originating-ip: [2601:600:8900:31e1:dd84:ed7c:8cb:cd28]
x-microsoft-exchange-diagnostics: 1; DM2PR0301MB0655; 5:YeKhLQ+hso3rNIl7Df3DNSR8qL/TYk+BN32FnggvgejKbJKJeTNDmMUEW9FtOlz8SbKXjBXWWJS9Unowak1D1gVgu2h1NCgLaTcHHTPtV8KFSgynpQ1Lwggjsbyjp3dsuRr5tFq0giLU+4Hh4OmVVA==; 24:goZPs7KXpWenVnI6Hpba8rSrElcz9zNaNTsTi9U2w76Wa6rKCPQ7PLlK8dKNxl7PrawS21UnuWJ8vdjiR4q37XhXmwgOUfaaXmNxu38qTXU=
x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:DM2PR0301MB0655;
x-microsoft-antispam-prvs: <DM2PR0301MB065506A7AC0E941872570842A8E70@DM2PR0301MB0655.namprd03.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:;
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(61425038)(601004)(2401047)(5005006)(520078)(8121501046)(10201501046)(3002001)(61426038)(61427038); SRVR:DM2PR0301MB0655; BCL:0; PCL:0; RULEID:; SRVR:DM2PR0301MB0655;
x-forefront-prvs: 0800C0C167
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(6009001)(54094003)(377454003)(189002)(199003)(24454002)(77096005)(5004730100002)(5005710100001)(586003)(92566002)(11100500001)(102836003)(2950100001)(6116002)(101416001)(87936001)(2900100001)(8990500004)(76576001)(5003600100002)(5002640100001)(1096002)(1220700001)(40100003)(10290500002)(33656002)(122556002)(10400500002)(5008740100001)(74316001)(54356999)(50986999)(86362001)(189998001)(97736004)(81156007)(76176999)(10090500001)(106356001)(99286002)(105586002)(86612001)(110136002)(5001960100002)(3826002); DIR:OUT; SFP:1102; SCL:1; SRVR:DM2PR0301MB0655; H:DM2PR0301MB0655.namprd03.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:1; LANG:en;
received-spf: None (protection.outlook.com: microsoft.com does not designate permitted sender hosts)
spamdiagnosticoutput: 1:23
spamdiagnosticmetadata: NSPM
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: microsoft.com
X-MS-Exchange-CrossTenant-originalarrivaltime: 24 Dec 2015 01:04:59.4453 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM2PR0301MB0655
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/cymkh4hgBE8WMDmRVBXXf5lKwNo>
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] A small detail in HMAC key generation for Finished message
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 24 Dec 2015 01:05:03 -0000
On Wednesday, December 23, 2015 3:05 PM, Eric Rescorla wrote: >> I wonder what the zero length string actually means. Is it a null-terminated string >> that would encode in binary as a one octet byte string of value 0, or an empty >> string that would encode in binary as a zero length string? > > I see what you mean about the ambiguity here. What I meant was 0 bytes > (i.e., no trailing '\0'). OK, makes sense. >> There is one example of encoding a string in section 4.8.1, and the binary representation >> shows the encoding of the final null byte. Is that a common assumption? > > No. > >> Similarly, in the HKDF-Expand-Label, do we assume a final null byte for the "label"? > > No. I wonder if we should instead add the '\0' explicitly in the 4.8.1 for maximal clarity. Either that, or just remove the trailing 00 from the binary description. -- Christian Huitema
- [TLS] A small detail in HMAC key generation for F… Christian Huitema
- Re: [TLS] A small detail in HMAC key generation f… Eric Rescorla
- Re: [TLS] A small detail in HMAC key generation f… Christian Huitema
- Re: [TLS] A small detail in HMAC key generation f… Michael StJohns
- Re: [TLS] A small detail in HMAC key generation f… Hubert Kario
- Re: [TLS] A small detail in HMAC key generation f… Eric Rescorla
- Re: [TLS] A small detail in HMAC key generation f… Salz, Rich
- Re: [TLS] A small detail in HMAC key generation f… Hubert Kario
- Re: [TLS] A small detail in HMAC key generation f… Eric Rescorla
- Re: [TLS] A small detail in HMAC key generation f… Martin Thomson
- Re: [TLS] A small detail in HMAC key generation f… Eric Rescorla