Re: [TLS] Regarding the length of encrypted premaster secret.

Juho Vähä-Herttua <juhovh@iki.fi> Tue, 11 October 2011 13:23 UTC

From: Juho Vähä-Herttua <juhovh@iki.fi>
Date: Tue, 11 Oct 2011 16:23:12 +0300
To: nilesh <nilesh.tayade@netscout.com>
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] Regarding the length of encrypted premaster secret.

On 11.10.2011, at 14.17, nilesh <nilesh.tayade@netscout.com> wrote:
> If I remove the initial 2 bytes of the encrypted premaster secret (make it 128 bytes) - then I am able to decrypt it without failure.

In TLS 1.0 the first two bytes are the length of the encrypted premaster secret in bytes; in SSL 3.0 they are not used.

> But the master_secret and key block generated are not correct then (the application data get decrypted to junk -
> again, I verified my code to generate master_secret and key block with different trace).

I would recommend verifying again. If the encrypted premaster decrypts to 48 bytes of data it is most likely correct and your problem is elsewhere. So check that first.

> Could someone please advise if I missed anything? Should the encrypted premaster always be 128 bytes?
> I have attached the trace file and key file with the email.

The length depends on the RSA key size; with 1024-bit keys it is 128 bytes.

I'm not looking at the trace file since I'm writing on my phone. However, Wireshark has a very good SSL debug log feature that logs the premaster secret and master secret and other useful information; use it for debugging.

I don't think this list is the right place to debug your own implementation though. Test your program against other widely used implementations; if it fails, it is probably broken.


Juho
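
The framing rule described in this reply, as an added example that is not part of the original message or of any implementation discussed in the thread: it pulls the RSA ciphertext out of a ClientKeyExchange body for SSL 3.0 and TLS 1.0, then sanity-checks the decrypted premaster secret. The function names, the constructed sample bytes, and the assumption that `body` is the handshake message body after the 4-byte handshake header are illustrative.

```python
import struct

SSL3 = (3, 0)    # no length prefix in front of the ciphertext (per the reply above)
TLS1_0 = (3, 1)  # 2-byte big-endian length prefix, then the ciphertext


def encrypted_pms_from_cke(body, version, modulus_bits):
    """Return the RSA ciphertext carried in a ClientKeyExchange body."""
    k = (modulus_bits + 7) // 8  # ciphertext length equals the modulus size in bytes
    if version == SSL3:
        ciphertext = body
    else:
        if len(body) < 2:
            raise ValueError("body too short to hold the length prefix")
        (declared,) = struct.unpack("!H", body[:2])
        ciphertext = body[2:]
        if declared != len(ciphertext):
            raise ValueError(f"prefix says {declared} bytes, {len(ciphertext)} follow")
    if len(ciphertext) != k:
        raise ValueError(f"ciphertext is {len(ciphertext)} bytes, expected {k} "
                         f"for a {modulus_bits}-bit key (wrong framing or wrong key?)")
    return ciphertext


def check_premaster(pms, offered_version):
    """Return a list of problems with a decrypted premaster secret (empty if none)."""
    problems = []
    if len(pms) != 48:
        problems.append(f"premaster is {len(pms)} bytes, expected 48")
    elif tuple(pms[:2]) != offered_version:
        # RFC 2246: the first two bytes carry the version offered in ClientHello.
        problems.append(f"version bytes {tuple(pms[:2])} != offered {offered_version}")
    return problems


# Constructed sample: a 128-byte stand-in ciphertext for a 1024-bit key.
SAMPLE_CT = bytes(range(128))
SAMPLE_TLS_BODY = struct.pack("!H", len(SAMPLE_CT)) + SAMPLE_CT  # 130 bytes on the wire

if __name__ == "__main__":
    ct = encrypted_pms_from_cke(SAMPLE_TLS_BODY, TLS1_0, 1024)
    print(len(SAMPLE_TLS_BODY), "byte body ->", len(ct), "byte ciphertext")
    print(check_premaster(bytes([3, 1]) + bytes(46), TLS1_0))
```
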