Not able to calculate the MAC for client finish correctly
I am using TLS 1.2, with both client and server using OpenSSL:
openssl s_client -tls1_2 -ciphersuites TLS_RSA_WITH_AES_256_CBC_SHA256 -connect 10.254.254.101:4444 -keylogfile dk-rsa.txt
openssl s_server -accept 4444 -www -tls1_2 -ciphersuites TLS_RSA_WITH_AES_256_CBC_SHA256 -key rsa-priv.pem -cert cert-rsa.pem
From my Wireshark debug file, I am able to get the secrets:
ClientMacKey
mackey='18db0fb10326e5511f278e0a88edbbfaa1280e28202875ac62ed46f4d7fab273'
Client Write Key
hexkey='ccd8389905abd3b5f3daf5349ab7e62fcdbac970c0705f770b51b9d5c2fbd59c'
I am using the Encrypt-then-MAC extension. When I look at the encrypted client finish message, I see 80 bytes of ciphertext:
Ciphertext[80]:
| 8f 77 7c 98 ae ae 89 6c b3 40 45 d3 93 a2 01 23 |.w|....l.@E....#|
| 26 2d dd 1f f7 92 9c c5 ba 40 0b 1f 47 bb 95 3a |&-.......@..G..:|
| 54 3e 0b da be 92 32 ae 54 45 90 78 a4 ec be 14 |T>....2.TE.x....|
| 5e d5 70 77 cc 59 77 bd 10 88 89 0e d3 8b 9a 35 |^.pw.Yw........5|
| a1 17 db 0b fa f2 0f 7f ff f0 d7 db c6 f1 22 26 |.............."&|
I am assuming the first 16 bytes are the IV, the next 32 bytes are Message+Pad+Padlength and the last 32 bytes are the MAC. My problem is that when I try to calculate the MAC, I don't get the value shown in the ciphertext.
Here are my keys from the debug file:
Client MAC key[32]:
| 18 db 0f b1 03 26 e5 51 1f 27 8e 0a 88 ed bb fa |.....&.Q.'......|
| a1 28 0e 28 20 28 75 ac 62 ed 46 f4 d7 fa b2 73 |.(.( (u.b.F....s|
Server MAC key[32]:
| 6a 70 2f 39 af 12 53 d4 aa c6 09 b1 0d e3 65 9f |jp/9..S.......e.|
| 75 cf d0 cd cc ff 14 5d 6a 55 be 1c 5d df 86 0b |u......]jU..]...|
Client Write key[32]:
| cc d8 38 99 05 ab d3 b5 f3 da f5 34 9a b7 e6 2f |..8........4.../|
| cd ba c9 70 c0 70 5f 77 0b 51 b9 d5 c2 fb d5 9c |...p.p_w.Q......|
Server Write key[32]:
| aa c7 16 8c 9c 88 cd 0b 79 58 ce 39 80 9a de 33 |........yX.9...3|
| c5 ba b9 d2 ec 87 62 38 3a 93 e5 52 ba 6e d6 11 |......b8:..R.n..|
Client Write IV[16]:
| 14 21 f3 67 41 10 36 19 aa 64 8d fb 4e c4 90 b6 |.!.gA.6..d..N...|
Server Write IV[16]:
| b1 cb 9a e0 3e 8e 6b cd 67 08 f9 6e 32 66 49 59 |....>.k.g..n2fIY|
This is how I am checking the Hash:
#sequence='0000000000000000'
#rechdr='16 03 03'
#datalen='00 50'
#iv='8f 77 7c 98 ae ae 89 6c b3 40 45 d3 93 a2 01 23'
#echo $sequence $rechdr $datalen $iv $data | xxd -r -p | openssl dgst -sha256 -mac HMAC -macopt hexkey:$mackey
(stdin)= 32c869452c5a4da6e718ae7a6c52e74cd3317a58c422c03a8886f06018c51205
#datalen='00 10 ...
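
An added example, not part of the original post: the RFC 7366 Encrypt-then-MAC tag check for an AES-CBC/HMAC-SHA256 record in Python, run against the record bytes and client MAC key posted above. It assumes a 16-byte explicit IV, sequence number 0 (the first record sent after ChangeCipherSpec), and that the length field in the MAC input counts only IV plus ciphertext with the tag excluded, as OpenSSL and mbed TLS implement it; the function names are illustrative.

```python
import hashlib
import hmac
import struct

MAC_LEN = 32  # HMAC-SHA256 tag appended after the ciphertext
IV_LEN = 16   # explicit per-record IV for AES-CBC (TLS 1.1+)

def split_etm_record(fragment: bytes):
    """Split an Encrypt-then-MAC CBC fragment into (iv, ciphertext, mac)."""
    body = len(fragment) - MAC_LEN
    if body < IV_LEN + 16 or body % 16:
        raise ValueError("not a well-formed AES-CBC EtM fragment")
    return fragment[:IV_LEN], fragment[IV_LEN:body], fragment[body:]

def etm_mac_header(seq: int, ctype: int, version: int, iv: bytes, ct: bytes) -> bytes:
    """seq_num(8) + type(1) + version(2) + length(2).
    Assumption: length = len(IV + ciphertext); the 32-byte tag is not counted."""
    return struct.pack(">QBHH", seq, ctype, version, len(iv) + len(ct))

def etm_mac(key: bytes, seq: int, ctype: int, version: int, iv: bytes, ct: bytes) -> bytes:
    """HMAC over header + IV + ciphertext, per RFC 7366 section 3."""
    msg = etm_mac_header(seq, ctype, version, iv, ct) + iv + ct
    return hmac.new(key, msg, hashlib.sha256).digest()

def verify_etm_record(key: bytes, seq: int, ctype: int, version: int, fragment: bytes) -> bool:
    """Recompute the tag and compare it in constant time."""
    iv, ct, mac = split_etm_record(fragment)
    return hmac.compare_digest(mac, etm_mac(key, seq, ctype, version, iv, ct))

# Values copied from the post: the 80-byte record fragment and the client MAC key.
RECORD = bytes.fromhex(
    "8f777c98aeae896cb34045d393a20123"
    "262ddd1ff7929cc5ba400b1f47bb953a"
    "543e0bdabe9232ae54459078a4ecbe14"
    "5ed57077cc5977bd1088890ed38b9a35"
    "a117db0bfaf20f7ffff0d7dbc6f12226"
)
CLIENT_MAC_KEY = bytes.fromhex(
    "18db0fb10326e5511f278e0a88edbbfaa1280e28202875ac62ed46f4d7fab273"
)

if __name__ == "__main__":
    iv, ct, mac = split_etm_record(RECORD)
    # Handshake record (0x16), TLS 1.2 (0x0303), sequence number 0 (assumed).
    print("MAC header :", etm_mac_header(0, 0x16, 0x0303, iv, ct).hex())
    print("tag in rec :", mac.hex())
    print("recomputed :", etm_mac(CLIENT_MAC_KEY, 0, 0x16, 0x0303, iv, ct).hex())
    print("match      :", verify_etm_record(CLIENT_MAC_KEY, 0, 0x16, 0x0303, RECORD))
```

The same input can be fed to `openssl dgst -sha256 -mac HMAC` by concatenating the printed MAC header with the first 48 bytes of the record.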