SSLv3 MAC calculation

To: www-security@ns2.rutgers.edu, ssl-users@mincom.oz.au, ssl-talk@netscape.com
Subject: SSLv3 MAC calculation
From: Jeroen de Borst <jeroen@hprc.tandem.com>
Date: Sat, 06 Jul 1996 14:20:29 +0200
Organization: Tandem Computers
Reply-To: jeroen@hprc.tandem.com

Hi,

I need some help, I found 2 differenct specifications for the MAC
calculation in SSLv3:

http://home.netscape.com/newsref/ssl/3-SPEC.htm#RTFToC20

does not include any padding, but adds SSLCompressed.type and

http://home.netscape.com.eng/ssl3/3-SPEC.htm#7-2-3-1

does include padding but leaves out SSLCompressed.type.

I have tried both but none seem to compatible with what Netscape does
(or I have a bug). A have been able to decrypt the Client-Finish and
can see that the hashes of the handshake messages match so that means
that my session keys must be ok.

Could it be that the length is more than 2 bytes or that the 
sequence number is less than 8 bytes? Any other secret ingredients?

Any help appreciated,
Jeroen de Borst

--
+------------------------------+-----------------------------------+
| Jeroen de Borst              | Tel: +49 6172 736937              |
| Tandem Computers Europe Inc. | Fax: +49 6172 74655               |
| Max Planckstrasse 36         | E-mail: deborst_jeroen@tandem.com |
| D-61381 Friedrichsdorf       |                                   |
| Germany                      |                                   |
+------------------------------+-----------------------------------+

Follow-Ups:

Re: SSLv3 MAC calculation

From: Tom Weinstein <tomw@netscape.com>

Previous: SV: Which are the security implications
Next: Re: Need a Security Consultant
Index(es):
- Index
- Thread