Nelson B Bolyard wrote:
Sounds like you're not running your build. Are you perhaps still getting
the 'system" libraries in your tests, rather than your own built libs?
I made some progress today.
Damn Nelson, you were right. I got to say I don't know where else it
could have been from but at the moment, it wasn't obvious.
It helped me to know that the MYC cipher gets selected with selfserv and
tstclnt.
Wan-Teh, you were right I forgot these parts in sslimpl.h but it was
only in MYC which is the copy of SEED I did in 45minutes. The real
cipher got this part right.
I made some progress but now I have a problem in the OpenSSL part. It's
hard to know where a problem could be from with many entities.
This is the error I have in the postfix log. What is printed is OpenSSL:
Mar 18 19:40:15 pico postfix/smtpd[3842]: SSL3 alert write:fatal:bad
record mac
Mar 18 19:40:15 pico postfix/smtpd[3842]: SSL_accept:error in SSLv3 read
certificate verify A
Mar 18 19:40:15 pico postfix/smtpd[3842]: SSL_accept error from
unknown[10.0.0.69]: -1
Mar 18 19:40:15 pico postfix/smtpd[3842]: warning: TLS library problem:
3842:error:1408F119:SSL routines:SSL3_GET_RECORD:decryption failed or
bad record mac:s3_pkt.c:422:
Mar 18 19:40:15 pico postfix/smtpd[3842]: lost connection after STARTTLS
from unknown[10.0.0.69]
I copy this here because you may have an idea even though it's not about
the NSS Project. What's sure now is that part of the negociation works
because I put a printf in the cbc encryption of my cipher and it gets
printed when I try to send an email with SMTPs.
The weird thing is NSS works with S/Mime and OpenSSL works with a TLS
session between "openssl s_server" and "openssl s_client" but not
together... yet (I hope).
Thanks for your inputs.
Gregory.
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
