Re: How to form a proper hash after writing somethinginto SSL handshake.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

For the same reason one doesn't wear a halloween costume to a technical meeting, Comic Sans is looked down upon when used outside comics and day-care centers.  It is considered a snub to use it in non-trivial settings.

Much as lifting up your middle finger has no inherent meaning per se, but once one realizes that it definitely has meaning to others and one lifts one's middle finger to others anyway, it can only be assumed that one has intended to send the message others have assigned to it.  So, for whatever vague societal reasons, comic sans has become equivalent to wearing a speedo to a formal wedding, giggling hysterically during one's performance review, or skipping around the track in a tu-tu and clownface during the 440 meter track event at the Olympics.  Those are the breaks!  Sorry for your loss of a connotation free comic sans.  I feel your pain.  Herd dynamics can be brutal and bleak.

http://knowyourmeme.com/memes/comic-sans
"...While adequate for certain industry sectors like childcare and entertainment, its usage in business or professional settings has been criticized by many aesthetic-conscious Internet users, who say Comic Sans conveys silliness and irreverence that is hardly suitable for serious matters....:
On 12/29/2017 08:14 AM, Sai Teja Chowdary wrote:

 

Why? What is the problem with Comic Sans. I like it!

 

You can say more if you have something useful.

 

Thanks

 

Saiteja.

 

From: Michael Sierchio
Sent: Friday, December 29, 2017 10:38 AM
To: openssl-users@xxxxxxxxxxx
Subject: Re: How to form a proper hash after writing somethinginto SSL handshake.

 

 

Comic Sans. Need I say more?

 

On Tue, Dec 26, 2017 at 4:53 AM, Sai Teja Chowdary <asteja.chowdary.ece13@xxxxxxxxxxx> wrote:

 

Hi,

 

Happy Holidays everyone.

 

I want to send client certificate, client key exchange and client verify in a single handshake message which appears as multiple handshake messages in a single record. But to sent the client verify I need to first make a hash of previous messages(client certificate and client key exchange) to create the signature.

 

Can anyone help me to find the function in OpenSSL 1.1.1-dev  xx XXX xxxx (or right procedure that needs to be done before creating a certificate verify message)that can do a proper transcript(digest or hash not clear). I tried using ssl3_finish_mac() on the message containing client certificate and client key exchange and then tried to generate the signature in certificate verify message.

But it is giving me a digest error. I am new to the mailing list want a bit of help to proceed forward stuck here. Please reply in case if anything is not clear.

 

Here is a code snippet, how I am forming the data containing all client certificate , client key exchange and certificate verify messages inside write_state_machine().

 

if(WPACKET_init(&pkt, s->init_buf)){

//Client certificate formation

             if(!ssl_set_handshake_header(s,&pkt,mt) || confunc != NULL && !confunc(s,&pkt) ||         !ssl_close_construct_packet(s,&pkt,mt)){

                  printf("PROBLEM\n");

                }

             transition(s);  //transition to next state i.e client key exchange

 

             get_construct_message_f(s, &pkt, &confunc, &mt);

//client key exchange formation

             if(!ssl_set_handshake_header(s,&pkt,mt) || confunc != NULL && !confunc(s,&pkt) ||         !ssl_close_construct_packet(s,&pkt,mt)){

                   printf("AGAIN A PROBLEMO\n");

                }

 

//ssl3_finish_mac(s, &s->init_buf->data[s->init_off], s->init_num);

             st->write_state_work = post_work(s, st->write_state_work);

             transition(s);  // transition to next state i.e  certificate verify

 

             get_construct_message_f(s, &pkt, &confunc, &mt);

//certificate verify message formation.

             if(!ssl_set_handshake_header(s,&pkt,mt) || confunc != NULL && !confunc(s,&pkt) ||                                          !ssl_close_construct_packet(s,&pkt,mt)){

                   printf("AGAIN A PROBLEMO\n");

                }

             WPACKET_finish(&pkt);

 

 

Please take a look at it, appreciate every bit of help.

 

Regards,

Saiteja

 


--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users



 

--

"Well," Brahma said, "even after ten thousand explanations, a fool is no wiser, but an intelligent person requires only two thousand five hundred."


- The Mahābhārata

 




-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux