On Sat, Mar 03, 2007 at 12:23:56PM -0500, James Muir wrote: > Does anyone know the bit-length of the symmetric keys used in HMAC after > two nodes establish a TLS session? I've tried to discover this from the > specs, source code and using various "openssl s_client" commands, but no > luck. Check out section 6.3 of RFC2246: the MAC secrets are derived from the first 2*SecurityParmeters.hash_size bytes of the generated key block. So this will be 20 bytes if the hash is SHA-1, etc. hth, -- Nick Mathewson
Attachment:
pgpoPMV2X0NTe.pgp
Description: PGP signature