You are currently viewing a snapshot of www.mozilla.org taken on April 21, 2008. Most of this content is highly out of date (some pages haven't been updated since the project began in 1998) and exists for historical purposes only. If there are any pages on this archive site that you think should be added back to www.mozilla.org, please file a bug.

Domestic Server SSL Connection Details

This document contains traces of two SSL connections between a domestic (U.S. and Canada) client and an SSL server, as seen by the server.

This document shows actual values of all the cryptographic computations, their inputs and outputs, in order in the example SSL connections. This is to aid others in developing SSL implementations. The public and private certificates and keys used (revealed) in this example are used only for SSL session samples.

The connections use certificate-based client-authentication. They use RC4 with a full 128-bit key.

This table shows the different messages in the first connection. Each link will take you directly to the relevant portion of the document.

First Connection Messages

Client	Server
Client Hello
	Server Hello
	Certificate
	Certificate Request
	Server Hello Done
Client Certificate
Client Key Exchange
Certificate Verify
Change Cipher Spec
Finished
	Change Cipher Spec
	Finished
HTTP request
	HTTP response
	Close Notify Alert
Close Notify Alert

The second connection uses the "session resume" (or "session restart") feature of SSL, to avoid repeating all the computation of the client_key_exchange message.

Second ("Restarted") Connection Messages

Client	Server
Client Hello (V3)
	Server Hello
	Change Cipher Spec
	Finished
Change Cipher Spec
Finished
HTTP request
	HTTP response
	Close Notify Alert
Close Notify Alert

Notes on presentation (format) of following data:

Data that is transmitted, received, or that is input to or output from functions that hash, compress, encrypt or decrypt, are shown in both hexadecimal and in ASCII, with unprintable charaacters shown as dots.

Other lines contain comments or analysis of the data. Comments generally preceed the data they describe.

Lines beginning with a plus ("+") symbol denote data that is actually transmitted or received over the underlying transport (TCP) connection. All other lines of data are used only internally.

The intermediate state of the MD5 and SHA-1 hashes is shown in two parts, the contents of the 4 (MD5) or 5 (SHA-1) 32-bit state variables are shown in hexadecimal, followed by the content of any buffered input to the hash function (partial hash input block) that has not yet been processed by the hash function.

The first Connection.

Client Hello

The first connection begins with an SSL version 2 client-hello message from the client.

raw gather data: [Len: 2]
+  80 34                                             .4
recv clear record: [Len: 52]
+  01 03 00 00 1b 00 00 00 10 01 00 80 03 00 80 06   ................
+  00 40 07 00 c0 00 00 04 00 00 0a 00 00 09 00 00   .@..............
+  03 00 00 06 d8 90 d7 86 4e 5c 92 9f 90 07 da 83   ........N\......
+  1c 25 89 01                                       .%..
got handshake record of 52 bytes
dump-msg: Client-Hello
          version (Major)=3
          version (minor)=0
          cipher-specs [Len: 27]
            01 00 80 03 00 80 06 00 40 07 00 c0 00 00 04 00 
            00 0a 00 00 09 00 00 03 00 00 06 
          session-id [Len: 0]
          challenge [Len: 16]
            d8 90 d7 86 4e 5c 92 9f 90 07 da 83 1c 25 89 01 
handle v2 client_hello
start handshake hashes

The server interprets the "challenge" data from the V2 client-hello as the low order, right-most, bytes of the SSL3 "client random" data.

client random: [Len: 32]
   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
   d8 90 d7 86 4e 5c 92 9f 90 07 da 83 1c 25 89 01   ....N\.......%..

All handshake messages, from either client or server, beginning with the client-hello, must be included in the ongoing "handshake hashes". There are two handshake hashes, one MD5, the other SHA1. The content of the handshake messages, excluding any record-layer headers, is hashed into each of the two hashes.

The client-hello shown above is the first input to the handshake hashes:

MD5 & SHA handshake hash input: [Len: 52]
   01 03 00 00 1b 00 00 00 10 01 00 80 03 00 80 06   ................
   00 40 07 00 c0 00 00 04 00 00 0a 00 00 09 00 00   .@..............
   03 00 00 06 d8 90 d7 86 4e 5c 92 9f 90 07 da 83   ........N\......
   1c 25 89 01                                       .%..

After hashing the client_hello handshake, the hashshake hashes are:

MD5 state: 67452301 efcdab89 98badcfe 10325476
MD5_TraceState: buffered input [Len: 52]
   01 03 00 00 1b 00 00 00 10 01 00 80 03 00 80 06   ................
   00 40 07 00 c0 00 00 04 00 00 0a 00 00 09 00 00   .@..............
   03 00 00 06 d8 90 d7 86 4e 5c 92 9f 90 07 da 83   ........N\......
   1c 25 89 01                                       .%..
SHA1 state: 67452301 efcdab89 98badcfe 10325476 c3d2e1f0
SHA1_TraceState: buffered input [Len: 52]
   01 03 00 00 1b 00 00 00 10 01 00 80 03 00 80 06   ................
   00 40 07 00 c0 00 00 04 00 00 0a 00 00 09 00 00   .@..............
   03 00 00 06 d8 90 d7 86 4e 5c 92 9f 90 07 da 83   ........N\......
   1c 25 89 01                                       .%..

Server Hello Handshake

The server now sends a response, a single handshake record containing 4 handshake messages:

server_hello
certificate
certificate request
server_hello_done

begin send server_hello sequence

The server_hello handshake message, shown below, is entirely included in the handshake hashes.

append handshake header: type server_hello  (2)
   02                                                .
   00 00 46                                          ..F
   03 00                                             ..
server random:
   34 03 61 4b a8 3a ce e0 92 9c ff 03 be d3 c5 25   4.aK.:.........%
   a2 ec 61 85 b1 ea 93 bf a0 5e a9 79 1c 8a ed 16   ..a......^.y....
   20                                                 
session ID:
   00 00 4f 47 95 8f 49 f8 7b d8 41 71 5f 36 f9 6f   ..OG..I.{.Aq_6.o
   7d a2 31 fa 25 07 8e 45 3c 0e d9 e7 d4 d2 86 5c   }.1.%..E<......\
   00 04                                             ..
   00                                                .

Set Pending Cipher Suite to 0x0004 -- SSL_RSA_WITH_RC4_128_MD5

After hashing the server_hello handshake, the handshake hashes are now:

MD5 state: 88c9b8df c144c316 3d5f0a6f 5c8050c2
MD5_TraceState: buffered input [Len: 62]
   ce e0 92 9c ff 03 be d3 c5 25 a2 ec 61 85 b1 ea   .........%..a...
   93 bf a0 5e a9 79 1c 8a ed 16 20 00 00 4f 47 95   ...^.y.... ..OG.
   8f 49 f8 7b d8 41 71 5f 36 f9 6f 7d a2 31 fa 25   .I.{.Aq_6.o}.1.%
   07 8e 45 3c 0e d9 e7 d4 d2 86 5c 00 04 00         ..E<......\...
SHA1 state: 626c5d48 a75e6328 14b572a7 a6342561 95d4b038
SHA1_TraceState: buffered input [Len: 62]
   ce e0 92 9c ff 03 be d3 c5 25 a2 ec 61 85 b1 ea   .........%..a...
   93 bf a0 5e a9 79 1c 8a ed 16 20 00 00 4f 47 95   ...^.y.... ..OG.
   8f 49 f8 7b d8 41 71 5f 36 f9 6f 7d a2 31 fa 25   .I.{.Aq_6.o}.1.%
   07 8e 45 3c 0e d9 e7 d4 d2 86 5c 00 04 00         ..E<......\...

Server's Certificate Handhake

The Server constructs the following certificate handshake message, which is entirely included in the handshake hashes.

send certificate handshake
append handshake header: type certificate  (11)
   0b                                                .
   00 05 2f                                          ../
   00 05 2c                                          ..,
   00 02 7c                                          ..|
   30 82 02 78 30 82 01 e1 a0 03 02 01 02 02 01 70   0..x0..........p
   30 0d 06 09 2a 86 48 86 f7 0d 01 01 04 05 00 30   0...*.H........0
   77 31 0b 30 09 06 03 55 04 06 13 02 55 53 31 2c   w1.0...U....US1,
   30 2a 06 03 55 04 0a 13 23 4e 65 74 73 63 61 70   0*..U...#Netscap
   65 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f 6e 73   e Communications
   20 43 6f 72 70 6f 72 61 74 69 6f 6e 31 11 30 0f    Corporation1.0.
   06 03 55 04 0b 13 08 48 61 72 64 63 6f 72 65 31   ..U....Hardcore1
   27 30 25 06 03 55 04 03 13 1e 48 61 72 64 63 6f   '0%..U....Hardco
   72 65 20 43 65 72 74 69 66 69 63 61 74 65 20 53   re Certificate S
   65 72 76 65 72 20 49 49 30 1e 17 0d 39 37 30 38   erver II0...9708
   31 39 30 34 33 32 32 38 5a 17 0d 39 38 30 32 31   19043228Z..98021
   35 30 34 33 32 32 38 5a 30 81 98 31 0b 30 09 06   5043228Z0..1.0..
   03 55 04 06 13 02 55 53 31 11 30 0f 06 03 55 04   .U....US1.0...U.
   0a 13 08 4e 65 74 73 63 61 70 65 31 1d 30 1b 06   ...Netscape1.0..
   03 55 04 0b 13 14 48 61 72 64 63 6f 72 65 20 53   .U....Hardcore S
   53 4c 20 74 65 73 74 69 6e 67 31 19 30 17 06 0a   SL testing1.0...
   09 92 26 89 93 f2 2c 64 01 01 13 09 53 53 4c 54   ..&...,d....SSLT
   65 73 74 65 72 31 17 30 15 06 03 55 04 03 13 0e   ester1.0...U....
   62 69 6a 6f 75 2e 6d 63 6f 6d 2e 63 6f 6d 31 23   bijou.mcom.com1#
   30 21 06 09 2a 86 48 86 f7 0d 01 09 01 16 14 6e   0!..*.H........n
   65 6c 73 6f 6e 62 40 6e 65 74 73 63 61 70 65 2e   elsonb@netscape.
   63 6f 6d 30 5c 30 0d 06 09 2a 86 48 86 f7 0d 01   com0\0...*.H....
   01 01 05 00 03 4b 00 30 48 02 41 00 e3 f3 ba 48   .....K.0H.A....H
   dd 2e bd a8 e9 87 8e 5f 8a 9e cb c9 6d c1 8b 79   ......._....m..y
   31 ad b0 26 39 ba dc 28 d1 f0 20 75 a4 24 d2 e8   1..&9..(.. u.$..
   16 e7 b3 b6 aa 39 e5 e2 4c bf 8e 5f 96 4b cd 09   .....9..L.._.K..
   75 71 b1 69 1f 67 df b7 ac 58 29 a1 02 03 01 00   uq.i.g...X).....
   01 a3 36 30 34 30 11 06 09 60 86 48 01 86 f8 42   ..6040...`.H...B
   01 01 04 04 03 02 00 40 30 1f 06 03 55 1d 23 04   .......@0...U.#.
   18 30 16 80 14 97 b1 6d b2 b6 02 16 54 0c 97 d7   .0.....m....T...
   e3 32 6d cb 9c df ee de 80 30 0d 06 09 2a 86 48   .2m......0...*.H
   86 f7 0d 01 01 04 05 00 03 81 81 00 a0 e6 3f 22   ..............?"
   15 fb 54 8f ee a3 d8 81 ee 20 ad 67 d6 a4 64 67   ..T...... .g..dg
   3a d1 74 4f 19 4a ba 9e 9d ce b9 4c d7 40 c1 f0   :.tO.J.....L.@..
   fd 32 5e 7b 73 c5 27 55 e4 e0 f0 7d ee ec fe 10   .2^{s.'U...}....
   16 0f 6f c5 a0 12 5e c6 74 c9 16 c4 d7 43 cc 78   ..o...^.t....C.x
   16 2b 4c 98 7f be 27 cf d9 bd 76 53 e8 ed f9 1a   .+L...'...vS....
   05 77 9e fd 80 a9 e6 05 14 bf d2 0d 0f ff 17 38   .w.............8
   5c 74 62 e9 f1 1b 41 3b 74 36 06 cc 67 da 03 ca   \tb...A;t6..g...
   37 d2 1c 66 37 fc c0 be fd 20 32 e0               7..f7.... 2.
   00 02 aa                                          ...
   30 82 02 a6 30 82 02 0f a0 03 02 01 02 02 01 01   0...0...........
   30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 30   0...*.H........0
   77 31 0b 30 09 06 03 55 04 06 13 02 55 53 31 2c   w1.0...U....US1,
   30 2a 06 03 55 04 0a 13 23 4e 65 74 73 63 61 70   0*..U...#Netscap
   65 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f 6e 73   e Communications
   20 43 6f 72 70 6f 72 61 74 69 6f 6e 31 11 30 0f    Corporation1.0.
   06 03 55 04 0b 13 08 48 61 72 64 63 6f 72 65 31   ..U....Hardcore1
   27 30 25 06 03 55 04 03 13 1e 48 61 72 64 63 6f   '0%..U....Hardco
   72 65 20 43 65 72 74 69 66 69 63 61 74 65 20 53   re Certificate S
   65 72 76 65 72 20 49 49 30 1e 17 0d 39 37 30 35   erver II0...9705
   32 37 31 38 30 39 34 37 5a 17 0d 39 38 30 35 32   27180947Z..98052
   37 31 38 30 39 34 37 5a 30 77 31 0b 30 09 06 03   7180947Z0w1.0...
   55 04 06 13 02 55 53 31 2c 30 2a 06 03 55 04 0a   U....US1,0*..U..
   13 23 4e 65 74 73 63 61 70 65 20 43 6f 6d 6d 75   .#Netscape Commu
   6e 69 63 61 74 69 6f 6e 73 20 43 6f 72 70 6f 72   nications Corpor
   61 74 69 6f 6e 31 11 30 0f 06 03 55 04 0b 13 08   ation1.0...U....
   48 61 72 64 63 6f 72 65 31 27 30 25 06 03 55 04   Hardcore1'0%..U.
   03 13 1e 48 61 72 64 63 6f 72 65 20 43 65 72 74   ...Hardcore Cert
   69 66 69 63 61 74 65 20 53 65 72 76 65 72 20 49   ificate Server I
   49 30 81 9f 30 0d 06 09 2a 86 48 86 f7 0d 01 01   I0..0...*.H.....
   01 05 00 03 81 8d 00 30 81 89 02 81 81 00 bc 14   .......0........
   a0 c0 53 fa e1 4d b9 cd 0e b7 42 e3 cd 98 46 e0   ..S..M....B...F.
   b3 1e 13 76 c7 c5 e5 3d e5 24 18 dd 72 1a 37 7f   ...v...=.$..r.7.
   c4 66 51 36 7f e1 ae e9 11 5e 29 6f ac ff 28 ce   .fQ6.....^)o..(.
   cd 53 ae 39 09 75 a1 eb d2 ec 79 d4 e9 6b 4c 99   .S.9.u....y..kL.
   e4 b6 42 d0 f7 52 8b ae 4a 33 6b 58 5b 47 57 13   ..B..R..J3kX[GW.
   a3 61 32 86 02 e8 63 e6 7a 27 c2 99 7a 22 48 d9   .a2...c.z'..z"H.
   c8 d1 5c 6d b1 37 84 66 4b 9e a2 ce 31 6c 1c 06   ..\m.7.fK...1l..
   7a 5f c5 7b b8 ff 58 89 f6 0b 40 6f 7c 0d 02 03   z_.{..X...@o|...
   01 00 01 a3 42 30 40 30 1d 06 03 55 1d 0e 04 16   ....B0@0...U....
   04 14 97 b1 6d b2 b6 02 16 54 0c 97 d7 e3 32 6d   ....m....T....2m
   cb 9c df ee de 80 30 1f 06 03 55 1d 23 04 18 30   ......0...U.#..0
   16 80 14 97 b1 6d b2 b6 02 16 54 0c 97 d7 e3 32   .....m....T....2
   6d cb 9c df ee de 80 30 0d 06 09 2a 86 48 86 f7   m......0...*.H..
   0d 01 01 05 05 00 03 81 81 00 9b 52 fe 93 fa 40   ...........R...@
   4d a9 8d 72 f9 f6 f6 c9 32 40 dc 20 fe be a5 a2   M..r....2@. ....
   db e6 2c df d1 5f a0 66 45 d1 6e 5f 0a 91 e9 0b   ..,.._.fE.n_....
   c1 7c 8a c0 64 a0 d4 24 56 85 b5 a0 aa 1e c8 8c   .|..d..$V.......
   15 40 ac fc 5a 2f 94 18 44 b9 73 23 c1 49 a0 24   .@..Z/..D.s#.I.$
   ff b0 47 9c d8 28 1f b3 70 a7 62 b3 5b 8e 4d 82   ..G..(..p.b.[.M.
   bd 4d 85 eb 0d 5a 87 c0 41 c9 a6 c2 69 9c ee 81   .M...Z..A...i...
   49 2a fb 01 55 6f b1 df 21 a7 b0 70 e4 5d 34 3b   I*..Uo..!..p.]4;
   90 29 f9 14 c3 2e 07 79 13 c7                     .).....y..

After hashing the certificate handshake message, the handshake hashes are:

MD5 state: 9cbff56d 42b7e94e f4ff1acf 323703fa
MD5_TraceState: buffered input [Len: 49]
   a7 62 b3 5b 8e 4d 82 bd 4d 85 eb 0d 5a 87 c0 41   .b.[.M..M...Z..A
   c9 a6 c2 69 9c ee 81 49 2a fb 01 55 6f b1 df 21   ...i...I*..Uo..!
   a7 b0 70 e4 5d 34 3b 90 29 f9 14 c3 2e 07 79 13   ..p.]4;.).....y.
   c7                                                .
SHA1 state: bb19323f 4e8e5ab8 b1cbe0a2 687c706b d8f29c00
SHA1_TraceState: buffered input [Len: 49]
   a7 62 b3 5b 8e 4d 82 bd 4d 85 eb 0d 5a 87 c0 41   .b.[.M..M...Z..A
   c9 a6 c2 69 9c ee 81 49 2a fb 01 55 6f b1 df 21   ...i...I*..Uo..!
   a7 b0 70 e4 5d 34 3b 90 29 f9 14 c3 2e 07 79 13   ..p.]4;.).....y.
   c7                                                .

Certificate Request Handshake

The following certificate_request handshake message is entirely included in the handshake hashes.

send certificate_request handshake
append handshake header: type certificate_request (13)
   0d                                                .
   00 12 ea                                          ...
   02                                                .
   01 02                                             ..
   12 e5                                             ..
   00 64                                             .d
   30 62 31 11 30 0f 06 03 55 04 07 13 08 49 6e 74   0b1.0...U....Int
   65 72 6e 65 74 31 17 30 15 06 03 55 04 0a 13 0e   ernet1.0...U....
   56 65 72 69 53 69 67 6e 2c 20 49 6e 63 2e 31 34   VeriSign, Inc.14
   30 32 06 03 55 04 0b 13 2b 56 65 72 69 53 69 67   02..U...+VeriSig
   6e 20 43 6c 61 73 73 20 31 20 43 41 20 2d 20 49   n Class 1 CA - I
   6e 64 69 76 69 64 75 61 6c 20 53 75 62 73 63 72   ndividual Subscr
   69 62 65 72                                       iber
   00 61                                             .a
   30 5f 31 0b 30 09 06 03 55 04 06 13 02 55 53 31   0_1.0...U....US1
   1b 30 19 06 03 55 04 0a 13 12 49 42 4d 20 57 6f   .0...U....IBM Wo
   72 6c 64 20 52 65 67 69 73 74 72 79 31 33 30 31   rld Registry1301
   06 03 55 04 03 13 2a 49 42 4d 20 57 6f 72 6c 64   ..U...*IBM World
   20 52 65 67 69 73 74 72 79 20 43 65 72 74 69 66    Registry Certif
   69 63 61 74 69 6f 6e 20 41 75 74 68 6f 72 69 74   ication Authorit
   79                                                y
   00 5f                                             ._
   30 5d 31 0b 30 09 06 03 55 04 06 13 02 55 53 31   0]1.0...U....US1
   21 30 1f 06 03 55 04 0a 13 18 42 42 4e 20 43 65   !0...U....BBN Ce
   72 74 69 66 69 63 61 74 65 20 53 65 72 76 69 63   rtificate Servic
   65 73 31 2b 30 29 06 03 55 04 03 13 22 42 42 4e   es1+0)..U..."BBN
   20 43 65 72 74 69 66 69 63 61 74 65 20 53 65 72    Certificate Ser
   76 69 63 65 73 20 43 41 20 52 6f 6f 74 20 31      vices CA Root 1
   00 61                                             .a
   30 5f 31 0b 30 09 06 03 55 04 06 13 02 55 53 31   0_1.0...U....US1
   17 30 15 06 03 55 04 0a 13 0e 56 65 72 69 53 69   .0...U....VeriSi
   67 6e 2c 20 49 6e 63 2e 31 37 30 35 06 03 55 04   gn, Inc.1705..U.
   0b 13 2e 43 6c 61 73 73 20 31 20 50 75 62 6c 69   ...Class 1 Publi
   63 20 50 72 69 6d 61 72 79 20 43 65 72 74 69 66   c Primary Certif
   69 63 61 74 69 6f 6e 20 41 75 74 68 6f 72 69 74   ication Authorit
   79                                                y
   00 99                                             ..
   30 81 96 31 0b 30 09 06 03 55 04 06 13 02 55 4b   0..1.0...U....UK
   31 0f 30 0d 06 03 55 04 08 13 06 4c 6f 6e 64 6f   1.0...U....Londo
   6e 31 19 30 17 06 03 55 04 0a 13 10 55 70 74 69   n1.0...U....Upti
   6d 65 20 47 72 6f 75 70 20 50 6c 63 31 1c 30 1a   me Group Plc1.0.
   06 03 55 04 0b 13 13 55 70 74 69 6d 65 20 43 6f   ..U....Uptime Co
   6d 6d 65 72 63 65 20 4c 74 64 31 17 30 15 06 03   mmerce Ltd1.0...
   55 04 03 13 0e 55 54 43 20 43 6c 61 73 73 20 31   U....UTC Class 1
   20 43 41 31 24 30 22 06 09 2a 86 48 86 f7 0d 01    CA1$0"..*.H....
   09 01 16 15 63 65 72 74 73 40 75 70 74 69 6d 65   ....certs@uptime
   67 72 6f 75 70 2e 63 6f 6d                        group.com
   00 c7                                             ..
   30 81 c4 31 0b 30 09 06 03 55 04 06 13 02 5a 41   0..1.0...U....ZA
   31 15 30 13 06 03 55 04 08 13 0c 57 65 73 74 65   1.0...U....Weste
   72 6e 20 43 61 70 65 31 12 30 10 06 03 55 04 07   rn Cape1.0...U..
   13 09 43 61 70 65 20 54 6f 77 6e 31 1d 30 1b 06   ..Cape Town1.0..
   03 55 04 0a 13 14 54 68 61 77 74 65 20 43 6f 6e   .U....Thawte Con
   73 75 6c 74 69 6e 67 20 63 63 31 28 30 26 06 03   sulting cc1(0&..
   55 04 0b 13 1f 43 65 72 74 69 66 69 63 61 74 69   U....Certificati
   6f 6e 20 53 65 72 76 69 63 65 73 20 44 69 76 69   on Services Divi
   73 69 6f 6e 31 19 30 17 06 03 55 04 03 13 10 54   sion1.0...U....T
   68 61 77 74 65 20 53 65 72 76 65 72 20 43 41 31   hawte Server CA1
   26 30 24 06 09 2a 86 48 86 f7 0d 01 09 01 16 17   &0$..*.H........
   73 65 72 76 65 72 2d 63 65 72 74 73 40 74 68 61   server-certs@tha
   77 74 65 2e 63 6f 6d                              wte.com
   00 5d                                             .]
   30 5b 31 0b 30 09 06 03 55 04 06 13 02 55 53 31   0[1.0...U....US1
   18 30 16 06 03 55 04 0a 13 0f 47 54 45 20 43 6f   .0...U....GTE Co
   72 70 6f 72 61 74 69 6f 6e 31 32 30 30 06 03 55   rporation1200..U
   04 03 13 29 47 54 45 20 53 65 63 75 72 65 20 53   ...)GTE Secure S
   65 72 76 65 72 20 43 65 72 74 69 66 69 63 61 74   erver Certificat
   69 6f 6e 20 41 75 74 68 6f 72 69 74 79            ion Authority
   00 3b                                             .;
   30 39 31 0b 30 09 06 03 55 04 06 13 02 55 53 31   091.0...U....US1
   0d 30 0b 06 03 55 04 0a 14 04 41 54 26 54 31 1b   .0...U....AT&T1.
   30 19 06 03 55 04 0b 14 12 44 69 72 65 63 74 6f   0...U....Directo
   72 79 20 53 65 72 76 69 63 65 73                  ry Services
   00 79                                             .y
   30 77 31 0b 30 09 06 03 55 04 06 13 02 55 53 31   0w1.0...U....US1
   2c 30 2a 06 03 55 04 0a 13 23 4e 65 74 73 63 61   ,0*..U...#Netsca
   70 65 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f 6e   pe Communication
   73 20 43 6f 72 70 6f 72 61 74 69 6f 6e 31 11 30   s Corporation1.0
   0f 06 03 55 04 0b 13 08 48 61 72 64 63 6f 72 65   ...U....Hardcore
   31 27 30 25 06 03 55 04 03 13 1e 48 61 72 64 63   1'0%..U....Hardc
   6f 72 65 20 43 65 72 74 69 66 69 63 61 74 65 20   ore Certificate 
   53 65 72 76 65 72 20 49 49                        Server II
   00 42                                             .B
   30 40 31 0b 30 09 06 03 55 04 06 13 02 55 53 31   0@1.0...U....US1
   0c 30 0a 06 03 55 04 0a 13 03 4d 43 49 31 14 30   .0...U....MCI1.0
   12 06 03 55 04 0b 13 0b 69 6e 74 65 72 6e 65 74   ...U....internet
   4d 43 49 31 0d 30 0b 06 03 55 04 0b 13 04 4d 41   MCI1.0...U....MA
   4c 4c                                             LL
   00 79                                             .y
   30 77 31 0b 30 09 06 03 55 04 06 13 02 55 53 31   0w1.0...U....US1
   2c 30 2a 06 03 55 04 0a 13 23 4e 65 74 73 63 61   ,0*..U...#Netsca
   70 65 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f 6e   pe Communication
   73 20 43 6f 72 70 6f 72 61 74 69 6f 6e 31 1c 30   s Corporation1.0
   1a 06 03 55 04 0b 13 13 49 6e 66 6f 72 6d 61 74   ...U....Informat
   69 6f 6e 20 53 79 73 74 65 6d 73 31 1c 30 1a 06   ion Systems1.0..
   03 55 04 03 13 13 72 6f 6f 74 63 61 2e 6e 65 74   .U....rootca.net
   73 63 61 70 65 2e 63 6f 6d                        scape.com
   00 66                                             .f
   30 64 31 0b 30 09 06 03 55 04 06 13 02 55 53 31   0d1.0...U....US1
   24 30 22 06 03 55 04 0a 13 1b 49 6e 74 65 67 72   $0"..U....Integr
   69 6f 6e 20 46 69 6e 61 6e 63 69 61 6c 20 4e 65   ion Financial Ne
   74 77 6f 72 6b 31 2f 30 2d 06 03 55 04 03 13 26   twork1/0-..U...&
   49 6e 74 65 67 72 69 6f 6e 20 43 65 72 74 69 66   Integrion Certif
   69 63 61 74 69 6f 6e 20 41 75 74 68 6f 72 69 74   ication Authorit
   79 20 52 6f 6f 74                                 y Root
   00 40                                             .@
   30 3e 31 0b 30 09 06 03 55 04 06 13 02 55 53 31   0>1.0...U....US1
   0d 30 0b 06 03 55 04 0a 14 04 41 54 26 54 31 20   .0...U....AT&T1 
   30 1e 06 03 55 04 0b 13 17 43 65 72 74 69 66 69   0...U....Certifi
   63 61 74 69 6f 6e 20 41 75 74 68 6f 72 69 74 79   cation Authority
   00 99                                             ..
   30 81 96 31 0b 30 09 06 03 55 04 06 13 02 55 4b   0..1.0...U....UK
   31 0f 30 0d 06 03 55 04 08 13 06 4c 6f 6e 64 6f   1.0...U....Londo
   6e 31 19 30 17 06 03 55 04 0a 13 10 55 70 74 69   n1.0...U....Upti
   6d 65 20 47 72 6f 75 70 20 50 6c 63 31 1c 30 1a   me Group Plc1.0.
   06 03 55 04 0b 13 13 55 70 74 69 6d 65 20 43 6f   ..U....Uptime Co
   6d 6d 65 72 63 65 20 4c 74 64 31 17 30 15 06 03   mmerce Ltd1.0...
   55 04 03 13 0e 55 54 43 20 43 6c 61 73 73 20 34   U....UTC Class 4
   20 43 41 31 24 30 22 06 09 2a 86 48 86 f7 0d 01    CA1$0"..*.H....
   09 01 16 15 63 65 72 74 73 40 75 70 74 69 6d 65   ....certs@uptime
   67 72 6f 75 70 2e 63 6f 6d                        group.com
   00 47                                             .G
   30 45 31 0b 30 09 06 03 55 04 06 13 02 55 53 31   0E1.0...U....US1
   18 30 16 06 03 55 04 0a 13 0f 47 54 45 20 43 6f   .0...U....GTE Co
   72 70 6f 72 61 74 69 6f 6e 31 1c 30 1a 06 03 55   rporation1.0...U
   04 03 13 13 47 54 45 20 43 79 62 65 72 54 72 75   ....GTE CyberTru
   73 74 20 52 6f 6f 74                              st Root
   00 64                                             .d
   30 62 31 11 30 0f 06 03 55 04 07 13 08 49 6e 74   0b1.0...U....Int
   65 72 6e 65 74 31 17 30 15 06 03 55 04 0a 13 0e   ernet1.0...U....
   56 65 72 69 53 69 67 6e 2c 20 49 6e 63 2e 31 34   VeriSign, Inc.14
   30 32 06 03 55 04 0b 13 2b 56 65 72 69 53 69 67   02..U...+VeriSig
   6e 20 43 6c 61 73 73 20 31 20 43 41 20 2d 20 49   n Class 1 CA - I
   6e 64 69 76 69 64 75 61 6c 20 53 75 62 73 63 72   ndividual Subscr
   69 62 65 72                                       iber
   00 d1                                             ..
   30 81 ce 31 0b 30 09 06 03 55 04 06 13 02 5a 41   0..1.0...U....ZA
   31 15 30 13 06 03 55 04 08 13 0c 57 65 73 74 65   1.0...U....Weste
   72 6e 20 43 61 70 65 31 12 30 10 06 03 55 04 07   rn Cape1.0...U..
   13 09 43 61 70 65 20 54 6f 77 6e 31 1d 30 1b 06   ..Cape Town1.0..
   03 55 04 0a 13 14 54 68 61 77 74 65 20 43 6f 6e   .U....Thawte Con
   73 75 6c 74 69 6e 67 20 63 63 31 28 30 26 06 03   sulting cc1(0&..
   55 04 0b 13 1f 43 65 72 74 69 66 69 63 61 74 69   U....Certificati
   6f 6e 20 53 65 72 76 69 63 65 73 20 44 69 76 69   on Services Divi
   73 69 6f 6e 31 21 30 1f 06 03 55 04 03 13 18 54   sion1!0...U....T
   68 61 77 74 65 20 50 72 65 6d 69 75 6d 20 53 65   hawte Premium Se
   72 76 65 72 20 43 41 31 28 30 26 06 09 2a 86 48   rver CA1(0&..*.H
   86 f7 0d 01 09 01 16 19 70 72 65 6d 69 75 6d 2d   ........premium-
   73 65 72 76 65 72 40 74 68 61 77 74 65 2e 63 6f   server@thawte.co
   6d                                                m
   00 61                                             .a
   30 5f 31 0b 30 09 06 03 55 04 06 13 02 55 53 31   0_1.0...U....US1
   17 30 15 06 03 55 04 0a 13 0e 56 65 72 69 53 69   .0...U....VeriSi
   67 6e 2c 20 49 6e 63 2e 31 37 30 35 06 03 55 04   gn, Inc.1705..U.
   0b 13 2e 43 6c 61 73 73 20 32 20 50 75 62 6c 69   ...Class 2 Publi
   63 20 50 72 69 6d 61 72 79 20 43 65 72 74 69 66   c Primary Certif
   69 63 61 74 69 6f 6e 20 41 75 74 68 6f 72 69 74   ication Authorit
   79                                                y
   00 63                                             .c
   30 61 31 0b 30 09 06 03 55 04 06 13 02 55 53 31   0a1.0...U....US1
   13 30 11 06 03 55 04 08 13 0a 43 61 6c 69 66 6f   .0...U....Califo
   72 6e 69 61 31 14 30 12 06 03 55 04 0a 13 0b 43   rnia1.0...U....C
   6f 6d 6d 65 72 63 65 4e 65 74 31 27 30 25 06 03   ommerceNet1'0%..
   55 04 0b 13 1e 53 65 72 76 65 72 20 43 65 72 74   U....Server Cert
   69 66 69 63 61 74 69 6f 6e 20 41 75 74 68 6f 72   ification Author
   69 74 79                                          ity
   00 62                                             .b
   30 60 31 0b 30 09 06 03 55 04 06 13 02 42 52 31   0`1.0...U....BR1
   2d 30 2b 06 03 55 04 0a 13 24 43 65 72 74 69 53   -0+..U...$CertiS
   69 67 6e 20 43 65 72 74 69 66 69 63 61 64 6f 72   ign Certificador
   61 20 44 69 67 69 74 61 6c 20 4c 74 64 61 31 22   a Digital Ltda1"
   30 20 06 03 55 04 0b 13 19 42 52 20 43 65 72 74   0 ..U....BR Cert
   69 66 69 63 61 74 69 6f 6e 20 53 65 72 76 69 63   ification Servic
   65 73                                             es
   00 64                                             .d
   30 62 31 11 30 0f 06 03 55 04 07 13 08 49 6e 74   0b1.0...U....Int
   65 72 6e 65 74 31 17 30 15 06 03 55 04 0a 13 0e   ernet1.0...U....
   56 65 72 69 53 69 67 6e 2c 20 49 6e 63 2e 31 34   VeriSign, Inc.14
   30 32 06 03 55 04 0b 13 2b 56 65 72 69 53 69 67   02..U...+VeriSig
   6e 20 43 6c 61 73 73 20 31 20 43 41 20 2d 20 49   n Class 1 CA - I
   6e 64 69 76 69 64 75 61 6c 20 53 75 62 73 63 72   ndividual Subscr
   69 62 65 72                                       iber
   00 ce                                             ..
   30 81 cb 31 0b 30 09 06 03 55 04 06 13 02 5a 41   0..1.0...U....ZA
   31 15 30 13 06 03 55 04 08 13 0c 57 65 73 74 65   1.0...U....Weste
   72 6e 20 43 61 70 65 31 12 30 10 06 03 55 04 07   rn Cape1.0...U..
   13 09 43 61 70 65 20 54 6f 77 6e 31 1a 30 18 06   ..Cape Town1.0..
   03 55 04 0a 13 11 54 68 61 77 74 65 20 43 6f 6e   .U....Thawte Con
   73 75 6c 74 69 6e 67 31 28 30 26 06 03 55 04 0b   sulting1(0&..U..
   13 1f 43 65 72 74 69 66 69 63 61 74 69 6f 6e 20   ..Certification 
   53 65 72 76 69 63 65 73 20 44 69 76 69 73 69 6f   Services Divisio
   6e 31 21 30 1f 06 03 55 04 03 13 18 54 68 61 77   n1!0...U....Thaw
   74 65 20 50 65 72 73 6f 6e 61 6c 20 42 61 73 69   te Personal Basi
   63 20 43 41 31 28 30 26 06 09 2a 86 48 86 f7 0d   c CA1(0&..*.H...
   01 09 01 16 19 70 65 72 73 6f 6e 61 6c 2d 62 61   .....personal-ba
   73 69 63 40 74 68 61 77 74 65 2e 63 6f 6d         sic@thawte.com
   00 42                                             .B
   30 40 31 0b 30 09 06 03 55 04 06 13 02 55 53 31   0@1.0...U....US1
   0c 30 0a 06 03 55 04 0a 13 03 4d 43 49 31 14 30   .0...U....MCI1.0
   12 06 03 55 04 0b 13 0b 69 6e 74 65 72 6e 65 74   ...U....internet
   4d 43 49 31 0d 30 0b 06 03 55 04 0b 13 04 4d 41   MCI1.0...U....MA
   4c 4c                                             LL
   00 64                                             .d
   30 62 31 11 30 0f 06 03 55 04 07 13 08 49 6e 74   0b1.0...U....Int
   65 72 6e 65 74 31 17 30 15 06 03 55 04 0a 13 0e   ernet1.0...U....
   56 65 72 69 53 69 67 6e 2c 20 49 6e 63 2e 31 34   VeriSign, Inc.14
   30 32 06 03 55 04 0b 13 2b 56 65 72 69 53 69 67   02..U...+VeriSig
   6e 20 43 6c 61 73 73 20 32 20 43 41 20 2d 20 49   n Class 2 CA - I
   6e 64 69 76 69 64 75 61 6c 20 53 75 62 73 63 72   ndividual Subscr
   69 62 65 72                                       iber
   00 5e                                             .^
   30 5c 31 0b 30 09 06 03 55 04 06 13 02 55 53 31   0\1.0...U....US1
   20 30 1e 06 03 55 04 0a 13 17 52 53 41 20 44 61    0...U....RSA Da
   74 61 20 53 65 63 75 72 69 74 79 2c 20 49 6e 63   ta Security, Inc
   2e 31 2b 30 29 06 03 55 04 0b 13 22 43 6f 6d 6d   .1+0)..U..."Comm
   65 72 63 69 61 6c 20 43 65 72 74 69 66 69 63 61   ercial Certifica
   74 69 6f 6e 20 41 75 74 68 6f 72 69 74 79         tion Authority
   00 3d                                             .=
   30 3b 31 0b 30 09 06 03 55 04 06 13 02 55 53 31   0;1.0...U....US1
   0d 30 0b 06 03 55 04 0a 14 04 41 54 26 54 31 1d   .0...U....AT&T1.
   30 1b 06 03 55 04 0b 13 14 43 65 72 74 69 66 69   0...U....Certifi
   63 61 74 65 20 53 65 72 76 69 63 65 73            cate Services
   00 99                                             ..
   30 81 96 31 0b 30 09 06 03 55 04 06 13 02 55 4b   0..1.0...U....UK
   31 0f 30 0d 06 03 55 04 08 13 06 4c 6f 6e 64 6f   1.0...U....Londo
   6e 31 19 30 17 06 03 55 04 0a 13 10 55 70 74 69   n1.0...U....Upti
   6d 65 20 47 72 6f 75 70 20 50 6c 63 31 1c 30 1a   me Group Plc1.0.
   06 03 55 04 0b 13 13 55 70 74 69 6d 65 20 43 6f   ..U....Uptime Co
   6d 6d 65 72 63 65 20 4c 74 64 31 17 30 15 06 03   mmerce Ltd1.0...
   55 04 03 13 0e 55 54 43 20 43 6c 61 73 73 20 33   U....UTC Class 3
   20 43 41 31 24 30 22 06 09 2a 86 48 86 f7 0d 01    CA1$0"..*.H....
   09 01 16 15 63 65 72 74 73 40 75 70 74 69 6d 65   ....certs@uptime
   67 72 6f 75 70 2e 63 6f 6d                        group.com
   00 61                                             .a
   30 5f 31 0b 30 09 06 03 55 04 06 13 02 55 53 31   0_1.0...U....US1
   17 30 15 06 03 55 04 0a 13 0e 56 65 72 69 53 69   .0...U....VeriSi
   67 6e 2c 20 49 6e 63 2e 31 37 30 35 06 03 55 04   gn, Inc.1705..U.
   0b 13 2e 43 6c 61 73 73 20 33 20 50 75 62 6c 69   ...Class 3 Publi
   63 20 50 72 69 6d 61 72 79 20 43 65 72 74 69 66   c Primary Certif
   69 63 61 74 69 6f 6e 20 41 75 74 68 6f 72 69 74   ication Authorit
   79                                                y
   00 cc                                             ..
   30 81 c9 31 1f 30 1d 06 03 55 04 0a 13 16 56 65   0..1.0...U....Ve
   72 69 53 69 67 6e 20 54 72 75 73 74 20 4e 65 74   riSign Trust Net
   77 6f 72 6b 31 2c 30 2a 06 03 55 04 0b 13 23 4e   work1,0*..U...#N
   65 74 73 63 61 70 65 20 43 6f 6d 6d 75 6e 69 63   etscape Communic
   61 74 69 6f 6e 73 20 43 6f 72 70 6f 72 61 74 69   ations Corporati
   6f 6e 31 2d 30 2b 06 03 55 04 0b 13 24 4e 65 74   on1-0+..U...$Net
   73 63 61 70 65 20 45 78 70 6f 72 74 20 43 6f 6e   scape Export Con
   74 72 6f 6c 20 43 41 20 2d 20 43 6c 61 73 73 20   trol CA - Class 
   33 31 49 30 47 06 03 55 04 0b 13 40 77 77 77 2e   31I0G..U...@www.
   76 65 72 69 73 69 67 6e 2e 63 6f 6d 2f 43 50 53   verisign.com/CPS
   20 49 6e 63 6f 72 70 2e 62 79 20 52 65 66 2e 20    Incorp.by Ref. 
   4c 49 41 42 49 4c 49 54 59 20 4c 54 44 2e 28 63   LIABILITY LTD.(c
   29 39 37 20 56 65 72 69 53 69 67 6e               )97 VeriSign
   00 34                                             .4
   30 32 31 0b 30 09 06 03 55 04 06 13 02 43 41 31   021.0...U....CA1
   23 30 21 06 03 55 04 0a 13 1a 43 61 6e 61 64 61   #0!..U....Canada
   20 50 6f 73 74 20 43 6f 72 70 6f 72 61 74 69 6f    Post Corporatio
   6e 20 43 41                                       n CA
   00 2e                                             ..
   30 2c 31 0b 30 09 06 03 55 04 06 13 02 43 41 31   0,1.0...U....CA1
   0b 30 09 06 03 55 04 0a 13 02 67 63 31 10 30 0e   .0...U....gc1.0.
   06 03 55 04 03 13 07 47 54 49 53 2e 43 41         ..U....GTIS.CA
   00 d4                                             ..
   30 81 d1 31 0b 30 09 06 03 55 04 06 13 02 5a 41   0..1.0...U....ZA
   31 15 30 13 06 03 55 04 08 13 0c 57 65 73 74 65   1.0...U....Weste
   72 6e 20 43 61 70 65 31 12 30 10 06 03 55 04 07   rn Cape1.0...U..
   13 09 43 61 70 65 20 54 6f 77 6e 31 1a 30 18 06   ..Cape Town1.0..
   03 55 04 0a 13 11 54 68 61 77 74 65 20 43 6f 6e   .U....Thawte Con
   73 75 6c 74 69 6e 67 31 28 30 26 06 03 55 04 0b   sulting1(0&..U..
   13 1f 43 65 72 74 69 66 69 63 61 74 69 6f 6e 20   ..Certification 
   53 65 72 76 69 63 65 73 20 44 69 76 69 73 69 6f   Services Divisio
   6e 31 24 30 22 06 03 55 04 03 13 1b 54 68 61 77   n1$0"..U....Thaw
   74 65 20 50 65 72 73 6f 6e 61 6c 20 46 72 65 65   te Personal Free
   6d 61 69 6c 20 43 41 31 2b 30 29 06 09 2a 86 48   mail CA1+0)..*.H
   86 f7 0d 01 09 01 16 1c 70 65 72 73 6f 6e 61 6c   ........personal
   2d 66 72 65 65 6d 61 69 6c 40 74 68 61 77 74 65   -freemail@thawte
   2e 63 6f 6d                                       .com
   00 31                                             .1
   30 2f 31 0b 30 09 06 03 55 04 06 13 02 43 41 31   0/1.0...U....CA1
   0b 30 09 06 03 55 04 0a 13 02 67 63 31 13 30 11   .0...U....gc1.0.
   06 03 55 04 0b 13 0a 47 54 49 53 2e 57 65 62 43   ..U....GTIS.WebC
   41                                                A
   00 61                                             .a
   30 5f 31 0b 30 09 06 03 55 04 06 13 02 55 53 31   0_1.0...U....US1
   17 30 15 06 03 55 04 0a 13 0e 56 65 72 69 53 69   .0...U....VeriSi
   67 6e 2c 20 49 6e 63 2e 31 37 30 35 06 03 55 04   gn, Inc.1705..U.
   0b 13 2e 43 6c 61 73 73 20 34 20 50 75 62 6c 69   ...Class 4 Publi
   63 20 50 72 69 6d 61 72 79 20 43 65 72 74 69 66   c Primary Certif
   69 63 61 74 69 6f 6e 20 41 75 74 68 6f 72 69 74   ication Authorit
   79                                                y
   00 49                                             .I
   30 47 31 0b 30 09 06 03 55 04 06 13 02 55 53 31   0G1.0...U....US1
   10 30 0e 06 03 55 04 0b 13 07 54 65 73 74 20 43   .0...U....Test C
   41 31 26 30 24 06 03 55 04 0a 13 1d 4e 65 74 73   A1&0$..U....Nets
   63 61 70 65 20 43 6f 6d 6d 75 6e 69 63 61 74 69   cape Communicati
   6f 6e 73 20 43 6f 72 70 2e                        ons Corp.
   00 61                                             .a
   30 5f 31 0b 30 09 06 03 55 04 06 13 02 55 53 31   0_1.0...U....US1
   20 30 1e 06 03 55 04 0a 13 17 52 53 41 20 44 61    0...U....RSA Da
   74 61 20 53 65 63 75 72 69 74 79 2c 20 49 6e 63   ta Security, Inc
   2e 31 2e 30 2c 06 03 55 04 0b 13 25 53 65 63 75   .1.0,..U...%Secu
   72 65 20 53 65 72 76 65 72 20 43 65 72 74 69 66   re Server Certif
   69 63 61 74 69 6f 6e 20 41 75 74 68 6f 72 69 74   ication Authorit
   79                                                y
   00 99                                             ..
   30 81 96 31 0b 30 09 06 03 55 04 06 13 02 55 4b   0..1.0...U....UK
   31 0f 30 0d 06 03 55 04 08 13 06 4c 6f 6e 64 6f   1.0...U....Londo
   6e 31 19 30 17 06 03 55 04 0a 13 10 55 70 74 69   n1.0...U....Upti
   6d 65 20 47 72 6f 75 70 20 50 6c 63 31 1c 30 1a   me Group Plc1.0.
   06 03 55 04 0b 13 13 55 70 74 69 6d 65 20 43 6f   ..U....Uptime Co
   6d 6d 65 72 63 65 20 4c 74 64 31 17 30 15 06 03   mmerce Ltd1.0...
   55 04 03 13 0e 55 54 43 20 43 6c 61 73 73 20 32   U....UTC Class 2
   20 43 41 31 24 30 22 06 09 2a 86 48 86 f7 0d 01    CA1$0"..*.H....
   09 01 16 15 63 65 72 74 73 40 75 70 74 69 6d 65   ....certs@uptime
   67 72 6f 75 70 2e 63 6f 6d                        group.com
   00 50                                             .P
   30 4e 31 0b 30 09 06 03 55 04 06 13 02 55 53 31   0N1.0...U....US1
   1f 30 1d 06 03 55 04 0a 14 16 41 54 26 54 20 42   .0...U....AT&T B
   65 6c 6c 20 4c 61 62 6f 72 61 74 6f 72 69 65 73   ell Laboratories
   31 1e 30 1c 06 03 55 04 0b 14 15 50 72 6f 74 6f   1.0...U....Proto
   74 79 70 65 20 52 65 73 65 61 72 63 68 20 43 41   type Research CA
   00 63                                             .c
   30 61 31 0b 30 09 06 03 55 04 06 13 02 55 53 31   0a1.0...U....US1
   13 30 11 06 03 55 04 08 13 0a 43 61 6c 69 66 6f   .0...U....Califo
   72 6e 69 61 31 14 30 12 06 03 55 04 0a 13 0b 43   rnia1.0...U....C
   6f 6d 6d 65 72 63 65 4e 65 74 31 27 30 25 06 03   ommerceNet1'0%..
   55 04 0b 13 1e 53 65 72 76 65 72 20 43 65 72 74   U....Server Cert
   69 66 69 63 61 74 69 6f 6e 20 41 75 74 68 6f 72   ification Author
   69 74 79                                          ity
   00 45                                             .E
   30 43 31 0b 30 09 06 03 55 04 06 13 02 55 53 31   0C1.0...U....US1
   25 30 23 06 03 55 04 0a 13 1c 55 6e 69 74 65 64   %0#..U....United
   20 53 74 61 74 65 73 20 50 6f 73 74 61 6c 20 53    States Postal S
   65 72 76 69 63 65 31 0d 30 0b 06 03 55 04 03 13   ervice1.0...U...
   04 55 53 50 53                                    .USPS
   00 d2                                             ..
   30 81 cf 31 0b 30 09 06 03 55 04 06 13 02 5a 41   0..1.0...U....ZA
   31 15 30 13 06 03 55 04 08 13 0c 57 65 73 74 65   1.0...U....Weste
   72 6e 20 43 61 70 65 31 12 30 10 06 03 55 04 07   rn Cape1.0...U..
   13 09 43 61 70 65 20 54 6f 77 6e 31 1a 30 18 06   ..Cape Town1.0..
   03 55 04 0a 13 11 54 68 61 77 74 65 20 43 6f 6e   .U....Thawte Con
   73 75 6c 74 69 6e 67 31 28 30 26 06 03 55 04 0b   sulting1(0&..U..
   13 1f 43 65 72 74 69 66 69 63 61 74 69 6f 6e 20   ..Certification 
   53 65 72 76 69 63 65 73 20 44 69 76 69 73 69 6f   Services Divisio
   6e 31 23 30 21 06 03 55 04 03 13 1a 54 68 61 77   n1#0!..U....Thaw
   74 65 20 50 65 72 73 6f 6e 61 6c 20 50 72 65 6d   te Personal Prem
   69 75 6d 20 43 41 31 2a 30 28 06 09 2a 86 48 86   ium CA1*0(..*.H.
   f7 0d 01 09 01 16 1b 70 65 72 73 6f 6e 61 6c 2d   .......personal-
   70 72 65 6d 69 75 6d 40 74 68 61 77 74 65 2e 63   premium@thawte.c
   6f 6d                                             om
   00 5a                                             .Z
   30 58 31 0b 30 09 06 03 55 04 06 13 02 43 41 31   0X1.0...U....CA1
   1f 30 1d 06 03 55 04 03 13 16 4b 65 79 77 69 74   .0...U....Keywit
   6e 65 73 73 20 43 61 6e 61 64 61 20 49 6e 63 2e   ness Canada Inc.
   31 28 30 26 06 0a 2b 06 01 04 01 2a 02 0b 02 01   1(0&..+....*....
   13 18 6b 65 79 77 69 74 6e 65 73 73 40 6b 65 79   ..keywitness@key
   77 69 74 6e 65 73 73 2e 63 61                     witness.ca
   00 95                                             ..
   30 81 92 31 0b 30 09 06 03 55 04 06 13 02 55 53   0..1.0...U....US
   31 13 30 11 06 03 55 04 08 13 0a 43 61 6c 69 66   1.0...U....Calif
   6f 72 6e 69 61 31 11 30 0f 06 03 55 04 07 13 08   ornia1.0...U....
   42 65 72 6b 65 6c 65 79 31 1e 30 1c 06 03 55 04   Berkeley1.0...U.
   0a 14 15 43 6f 6e 73 65 6e 73 75 73 20 44 65 76   ...Consensus Dev
   65 6c 6f 70 6d 65 6e 74 31 1b 30 19 06 03 55 04   elopment1.0...U.
   0b 14 12 47 65 74 20 53 6d 61 72 74 63 61 72 64   ...Get Smartcard
   20 44 65 6d 6f 31 1e 30 1c 06 03 55 04 03 14 15    Demo1.0...U....
   47 65 74 20 53 6d 61 72 74 63 61 72 64 20 44 65   Get Smartcard De
   6d 6f 20 43 41                                    mo CA

After hashing the certificate_request handshake message, the handshake hashes are:

MD5 state: 8e428cd8 2e39d5b5 5907f503 aba04860
MD5_TraceState: buffered input [Len: 31]
   1e 30 1c 06 03 55 04 03 14 15 47 65 74 20 53 6d   .0...U....Get Sm
   61 72 74 63 61 72 64 20 44 65 6d 6f 20 43 41      artcard Demo CA
SHA1 state: c6a44cb5 395684f2 bd4f6340 a9e71646 f27f44a1
SHA1_TraceState: buffered input [Len: 31]
   1e 30 1c 06 03 55 04 03 14 15 47 65 74 20 53 6d   .0...U....Get Sm
   61 72 74 63 61 72 64 20 44 65 6d 6f 20 43 41      artcard Demo CA

Server_hello_done Handshake

The following server_hello_done handshake message is entirely included in the handshake hashes.

send server_hello_done handshake
append handshake header: type server_hello_done   (14)
   0e                                                .
   00 00 00                                          ...

After hashing the server_hello_done handshake message, the handshake hashes are:

MD5 state: 8e428cd8 2e39d5b5 5907f503 aba04860
MD5_TraceState: buffered input [Len: 35]
   1e 30 1c 06 03 55 04 03 14 15 47 65 74 20 53 6d   .0...U....Get Sm
   61 72 74 63 61 72 64 20 44 65 6d 6f 20 43 41 0e   artcard Demo CA.
   00 00 00                                          ...
SHA1 state: c6a44cb5 395684f2 bd4f6340 a9e71646 f27f44a1
SHA1_TraceState: buffered input [Len: 35]
   1e 30 1c 06 03 55 04 03 14 15 47 65 74 20 53 6d   .0...U....Get Sm
   61 72 74 63 61 72 64 20 44 65 6d 6f 20 43 41 0e   artcard Demo CA.
   00 00 00                                          ...

The above four handshake messages are now sent to the client in one record. No MACing, compression, or encryption of the record is done, because no change_cipher_spec record has yet been sent. The entire record sent is as follows:

SendPlainText record type: handshake  (22) bytes=6255
send (unencrypted) record data: [Len: 6260]
+  16 03 00 18 6f 02 00 00 46 03 00 34 03 61 4b a8   ....o...F..4.aK.
+  3a ce e0 92 9c ff 03 be d3 c5 25 a2 ec 61 85 b1   :.........%..a..
+  ea 93 bf a0 5e a9 79 1c 8a ed 16 20 00 00 4f 47   ....^.y.... ..OG
+  95 8f 49 f8 7b d8 41 71 5f 36 f9 6f 7d a2 31 fa   ..I.{.Aq_6.o}.1.
+  25 07 8e 45 3c 0e d9 e7 d4 d2 86 5c 00 04 00 0b   %..E<......\....
+  00 05 2f 00 05 2c 00 02 7c 30 82 02 78 30 82 01   ../..,..|0..x0..
+  e1 a0 03 02 01 02 02 01 70 30 0d 06 09 2a 86 48   ........p0...*.H
+  86 f7 0d 01 01 04 05 00 30 77 31 0b 30 09 06 03   ........0w1.0...
+  55 04 06 13 02 55 53 31 2c 30 2a 06 03 55 04 0a   U....US1,0*..U..
+  13 23 4e 65 74 73 63 61 70 65 20 43 6f 6d 6d 75   .#Netscape Commu
+  6e 69 63 61 74 69 6f 6e 73 20 43 6f 72 70 6f 72   nications Corpor
+  61 74 69 6f 6e 31 11 30 0f 06 03 55 04 0b 13 08   ation1.0...U....
+  48 61 72 64 63 6f 72 65 31 27 30 25 06 03 55 04   Hardcore1'0%..U.
+  03 13 1e 48 61 72 64 63 6f 72 65 20 43 65 72 74   ...Hardcore Cert
+  69 66 69 63 61 74 65 20 53 65 72 76 65 72 20 49   ificate Server I
+  49 30 1e 17 0d 39 37 30 38 31 39 30 34 33 32 32   I0...97081904322
+  38 5a 17 0d 39 38 30 32 31 35 30 34 33 32 32 38   8Z..980215043228
+  5a 30 81 98 31 0b 30 09 06 03 55 04 06 13 02 55   Z0..1.0...U....U
+  53 31 11 30 0f 06 03 55 04 0a 13 08 4e 65 74 73   S1.0...U....Nets
+  63 61 70 65 31 1d 30 1b 06 03 55 04 0b 13 14 48   cape1.0...U....H
+  61 72 64 63 6f 72 65 20 53 53 4c 20 74 65 73 74   ardcore SSL test
+  69 6e 67 31 19 30 17 06 0a 09 92 26 89 93 f2 2c   ing1.0.....&...,
+  64 01 01 13 09 53 53 4c 54 65 73 74 65 72 31 17   d....SSLTester1.
+  30 15 06 03 55 04 03 13 0e 62 69 6a 6f 75 2e 6d   0...U....bijou.m
+  63 6f 6d 2e 63 6f 6d 31 23 30 21 06 09 2a 86 48   com.com1#0!..*.H
+  86 f7 0d 01 09 01 16 14 6e 65 6c 73 6f 6e 62 40   ........nelsonb@
+  6e 65 74 73 63 61 70 65 2e 63 6f 6d 30 5c 30 0d   netscape.com0\0.
+  06 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 4b 00   ..*.H.........K.
+  30 48 02 41 00 e3 f3 ba 48 dd 2e bd a8 e9 87 8e   0H.A....H.......
+  5f 8a 9e cb c9 6d c1 8b 79 31 ad b0 26 39 ba dc   _....m..y1..&9..
+  28 d1 f0 20 75 a4 24 d2 e8 16 e7 b3 b6 aa 39 e5   (.. u.$.......9.
+  e2 4c bf 8e 5f 96 4b cd 09 75 71 b1 69 1f 67 df   .L.._.K..uq.i.g.
+  b7 ac 58 29 a1 02 03 01 00 01 a3 36 30 34 30 11   ..X).......6040.
+  06 09 60 86 48 01 86 f8 42 01 01 04 04 03 02 00   ..`.H...B.......
+  40 30 1f 06 03 55 1d 23 04 18 30 16 80 14 97 b1   @0...U.#..0.....
+  6d b2 b6 02 16 54 0c 97 d7 e3 32 6d cb 9c df ee   m....T....2m....
+  de 80 30 0d 06 09 2a 86 48 86 f7 0d 01 01 04 05   ..0...*.H.......
+  00 03 81 81 00 a0 e6 3f 22 15 fb 54 8f ee a3 d8   .......?"..T....
+  81 ee 20 ad 67 d6 a4 64 67 3a d1 74 4f 19 4a ba   .. .g..dg:.tO.J.
+  9e 9d ce b9 4c d7 40 c1 f0 fd 32 5e 7b 73 c5 27   ....L.@...2^{s.'
+  55 e4 e0 f0 7d ee ec fe 10 16 0f 6f c5 a0 12 5e   U...}......o...^
+  c6 74 c9 16 c4 d7 43 cc 78 16 2b 4c 98 7f be 27   .t....C.x.+L...'
+  cf d9 bd 76 53 e8 ed f9 1a 05 77 9e fd 80 a9 e6   ...vS.....w.....
+  05 14 bf d2 0d 0f ff 17 38 5c 74 62 e9 f1 1b 41   ........8\tb...A
+  3b 74 36 06 cc 67 da 03 ca 37 d2 1c 66 37 fc c0   ;t6..g...7..f7..
+  be fd 20 32 e0 00 02 aa 30 82 02 a6 30 82 02 0f   .. 2....0...0...
+  a0 03 02 01 02 02 01 01 30 0d 06 09 2a 86 48 86   ........0...*.H.
+  f7 0d 01 01 05 05 00 30 77 31 0b 30 09 06 03 55   .......0w1.0...U
+  04 06 13 02 55 53 31 2c 30 2a 06 03 55 04 0a 13   ....US1,0*..U...
+  23 4e 65 74 73 63 61 70 65 20 43 6f 6d 6d 75 6e   #Netscape Commun
+  69 63 61 74 69 6f 6e 73 20 43 6f 72 70 6f 72 61   ications Corpora
+  74 69 6f 6e 31 11 30 0f 06 03 55 04 0b 13 08 48   tion1.0...U....H
+  61 72 64 63 6f 72 65 31 27 30 25 06 03 55 04 03   ardcore1'0%..U..
+  13 1e 48 61 72 64 63 6f 72 65 20 43 65 72 74 69   ..Hardcore Certi
+  66 69 63 61 74 65 20 53 65 72 76 65 72 20 49 49   ficate Server II
+  30 1e 17 0d 39 37 30 35 32 37 31 38 30 39 34 37   0...970527180947
+  5a 17 0d 39 38 30 35 32 37 31 38 30 39 34 37 5a   Z..980527180947Z
+  30 77 31 0b 30 09 06 03 55 04 06 13 02 55 53 31   0w1.0...U....US1
+  2c 30 2a 06 03 55 04 0a 13 23 4e 65 74 73 63 61   ,0*..U...#Netsca
+  70 65 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f 6e   pe Communication
+  73 20 43 6f 72 70 6f 72 61 74 69 6f 6e 31 11 30   s Corporation1.0
+  0f 06 03 55 04 0b 13 08 48 61 72 64 63 6f 72 65   ...U....Hardcore
+  31 27 30 25 06 03 55 04 03 13 1e 48 61 72 64 63   1'0%..U....Hardc
+  6f 72 65 20 43 65 72 74 69 66 69 63 61 74 65 20   ore Certificate 
+  53 65 72 76 65 72 20 49 49 30 81 9f 30 0d 06 09   Server II0..0...
+  2a 86 48 86 f7 0d 01 01 01 05 00 03 81 8d 00 30   *.H............0
+  81 89 02 81 81 00 bc 14 a0 c0 53 fa e1 4d b9 cd   ..........S..M..
+  0e b7 42 e3 cd 98 46 e0 b3 1e 13 76 c7 c5 e5 3d   ..B...F....v...=
+  e5 24 18 dd 72 1a 37 7f c4 66 51 36 7f e1 ae e9   .$..r.7..fQ6....
+  11 5e 29 6f ac ff 28 ce cd 53 ae 39 09 75 a1 eb   .^)o..(..S.9.u..
+  d2 ec 79 d4 e9 6b 4c 99 e4 b6 42 d0 f7 52 8b ae   ..y..kL...B..R..
+  4a 33 6b 58 5b 47 57 13 a3 61 32 86 02 e8 63 e6   J3kX[GW..a2...c.
+  7a 27 c2 99 7a 22 48 d9 c8 d1 5c 6d b1 37 84 66   z'..z"H...\m.7.f
+  4b 9e a2 ce 31 6c 1c 06 7a 5f c5 7b b8 ff 58 89   K...1l..z_.{..X.
+  f6 0b 40 6f 7c 0d 02 03 01 00 01 a3 42 30 40 30   ..@o|.......B0@0
+  1d 06 03 55 1d 0e 04 16 04 14 97 b1 6d b2 b6 02   ...U........m...
+  16 54 0c 97 d7 e3 32 6d cb 9c df ee de 80 30 1f   .T....2m......0.
+  06 03 55 1d 23 04 18 30 16 80 14 97 b1 6d b2 b6   ..U.#..0.....m..
+  02 16 54 0c 97 d7 e3 32 6d cb 9c df ee de 80 30   ..T....2m......0
+  0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 03 81   ...*.H..........
+  81 00 9b 52 fe 93 fa 40 4d a9 8d 72 f9 f6 f6 c9   ...R...@M..r....
+  32 40 dc 20 fe be a5 a2 db e6 2c df d1 5f a0 66   2@. ......,.._.f
+  45 d1 6e 5f 0a 91 e9 0b c1 7c 8a c0 64 a0 d4 24   E.n_.....|..d..$
+  56 85 b5 a0 aa 1e c8 8c 15 40 ac fc 5a 2f 94 18   V........@..Z/..
+  44 b9 73 23 c1 49 a0 24 ff b0 47 9c d8 28 1f b3   D.s#.I.$..G..(..
+  70 a7 62 b3 5b 8e 4d 82 bd 4d 85 eb 0d 5a 87 c0   p.b.[.M..M...Z..
+  41 c9 a6 c2 69 9c ee 81 49 2a fb 01 55 6f b1 df   A...i...I*..Uo..
+  21 a7 b0 70 e4 5d 34 3b 90 29 f9 14 c3 2e 07 79   !..p.]4;.).....y
+  13 c7 0d 00 12 ea 02 01 02 12 e5 00 64 30 62 31   ............d0b1
+  11 30 0f 06 03 55 04 07 13 08 49 6e 74 65 72 6e   .0...U....Intern
+  65 74 31 17 30 15 06 03 55 04 0a 13 0e 56 65 72   et1.0...U....Ver
+  69 53 69 67 6e 2c 20 49 6e 63 2e 31 34 30 32 06   iSign, Inc.1402.
+  03 55 04 0b 13 2b 56 65 72 69 53 69 67 6e 20 43   .U...+VeriSign C
+  6c 61 73 73 20 31 20 43 41 20 2d 20 49 6e 64 69   lass 1 CA - Indi
+  76 69 64 75 61 6c 20 53 75 62 73 63 72 69 62 65   vidual Subscribe
+  72 00 61 30 5f 31 0b 30 09 06 03 55 04 06 13 02   r.a0_1.0...U....
+  55 53 31 1b 30 19 06 03 55 04 0a 13 12 49 42 4d   US1.0...U....IBM
+  20 57 6f 72 6c 64 20 52 65 67 69 73 74 72 79 31    World Registry1
+  33 30 31 06 03 55 04 03 13 2a 49 42 4d 20 57 6f   301..U...*IBM Wo
+  72 6c 64 20 52 65 67 69 73 74 72 79 20 43 65 72   rld Registry Cer
+  74 69 66 69 63 61 74 69 6f 6e 20 41 75 74 68 6f   tification Autho
+  72 69 74 79 00 5f 30 5d 31 0b 30 09 06 03 55 04   rity._0]1.0...U.
+  06 13 02 55 53 31 21 30 1f 06 03 55 04 0a 13 18   ...US1!0...U....
+  42 42 4e 20 43 65 72 74 69 66 69 63 61 74 65 20   BBN Certificate 
+  53 65 72 76 69 63 65 73 31 2b 30 29 06 03 55 04   Services1+0)..U.
+  03 13 22 42 42 4e 20 43 65 72 74 69 66 69 63 61   .."BBN Certifica
+  74 65 20 53 65 72 76 69 63 65 73 20 43 41 20 52   te Services CA R
+  6f 6f 74 20 31 00 61 30 5f 31 0b 30 09 06 03 55   oot 1.a0_1.0...U
+  04 06 13 02 55 53 31 17 30 15 06 03 55 04 0a 13   ....US1.0...U...
+  0e 56 65 72 69 53 69 67 6e 2c 20 49 6e 63 2e 31   .VeriSign, Inc.1
+  37 30 35 06 03 55 04 0b 13 2e 43 6c 61 73 73 20   705..U....Class 
+  31 20 50 75 62 6c 69 63 20 50 72 69 6d 61 72 79   1 Public Primary
+  20 43 65 72 74 69 66 69 63 61 74 69 6f 6e 20 41    Certification A
+  75 74 68 6f 72 69 74 79 00 99 30 81 96 31 0b 30   uthority..0..1.0
+  09 06 03 55 04 06 13 02 55 4b 31 0f 30 0d 06 03   ...U....UK1.0...
+  55 04 08 13 06 4c 6f 6e 64 6f 6e 31 19 30 17 06   U....London1.0..
+  03 55 04 0a 13 10 55 70 74 69 6d 65 20 47 72 6f   .U....Uptime Gro
+  75 70 20 50 6c 63 31 1c 30 1a 06 03 55 04 0b 13   up Plc1.0...U...
+  13 55 70 74 69 6d 65 20 43 6f 6d 6d 65 72 63 65   .Uptime Commerce
+  20 4c 74 64 31 17 30 15 06 03 55 04 03 13 0e 55    Ltd1.0...U....U
+  54 43 20 43 6c 61 73 73 20 31 20 43 41 31 24 30   TC Class 1 CA1$0
+  22 06 09 2a 86 48 86 f7 0d 01 09 01 16 15 63 65   "..*.H........ce
+  72 74 73 40 75 70 74 69 6d 65 67 72 6f 75 70 2e   rts@uptimegroup.
+  63 6f 6d 00 c7 30 81 c4 31 0b 30 09 06 03 55 04   com..0..1.0...U.
+  06 13 02 5a 41 31 15 30 13 06 03 55 04 08 13 0c   ...ZA1.0...U....
+  57 65 73 74 65 72 6e 20 43 61 70 65 31 12 30 10   Western Cape1.0.
+  06 03 55 04 07 13 09 43 61 70 65 20 54 6f 77 6e   ..U....Cape Town
+  31 1d 30 1b 06 03 55 04 0a 13 14 54 68 61 77 74   1.0...U....Thawt
+  65 20 43 6f 6e 73 75 6c 74 69 6e 67 20 63 63 31   e Consulting cc1
+  28 30 26 06 03 55 04 0b 13 1f 43 65 72 74 69 66   (0&..U....Certif
+  69 63 61 74 69 6f 6e 20 53 65 72 76 69 63 65 73   ication Services
+  20 44 69 76 69 73 69 6f 6e 31 19 30 17 06 03 55    Division1.0...U
+  04 03 13 10 54 68 61 77 74 65 20 53 65 72 76 65   ....Thawte Serve
+  72 20 43 41 31 26 30 24 06 09 2a 86 48 86 f7 0d   r CA1&0$..*.H...
+  01 09 01 16 17 73 65 72 76 65 72 2d 63 65 72 74   .....server-cert
+  73 40 74 68 61 77 74 65 2e 63 6f 6d 00 5d 30 5b   s@thawte.com.]0[
+  31 0b 30 09 06 03 55 04 06 13 02 55 53 31 18 30   1.0...U....US1.0
+  16 06 03 55 04 0a 13 0f 47 54 45 20 43 6f 72 70   ...U....GTE Corp
+  6f 72 61 74 69 6f 6e 31 32 30 30 06 03 55 04 03   oration1200..U..
+  13 29 47 54 45 20 53 65 63 75 72 65 20 53 65 72   .)GTE Secure Ser
+  76 65 72 20 43 65 72 74 69 66 69 63 61 74 69 6f   ver Certificatio
+  6e 20 41 75 74 68 6f 72 69 74 79 00 3b 30 39 31   n Authority.;091
+  0b 30 09 06 03 55 04 06 13 02 55 53 31 0d 30 0b   .0...U....US1.0.
+  06 03 55 04 0a 14 04 41 54 26 54 31 1b 30 19 06   ..U....AT&T1.0..
+  03 55 04 0b 14 12 44 69 72 65 63 74 6f 72 79 20   .U....Directory 
+  53 65 72 76 69 63 65 73 00 79 30 77 31 0b 30 09   Services.y0w1.0.
+  06 03 55 04 06 13 02 55 53 31 2c 30 2a 06 03 55   ..U....US1,0*..U
+  04 0a 13 23 4e 65 74 73 63 61 70 65 20 43 6f 6d   ...#Netscape Com
+  6d 75 6e 69 63 61 74 69 6f 6e 73 20 43 6f 72 70   munications Corp
+  6f 72 61 74 69 6f 6e 31 11 30 0f 06 03 55 04 0b   oration1.0...U..
+  13 08 48 61 72 64 63 6f 72 65 31 27 30 25 06 03   ..Hardcore1'0%..
+  55 04 03 13 1e 48 61 72 64 63 6f 72 65 20 43 65   U....Hardcore Ce
+  72 74 69 66 69 63 61 74 65 20 53 65 72 76 65 72   rtificate Server
+  20 49 49 00 42 30 40 31 0b 30 09 06 03 55 04 06    II.B0@1.0...U..
+  13 02 55 53 31 0c 30 0a 06 03 55 04 0a 13 03 4d   ..US1.0...U....M
+  43 49 31 14 30 12 06 03 55 04 0b 13 0b 69 6e 74   CI1.0...U....int
+  65 72 6e 65 74 4d 43 49 31 0d 30 0b 06 03 55 04   ernetMCI1.0...U.
+  0b 13 04 4d 41 4c 4c 00 79 30 77 31 0b 30 09 06   ...MALL.y0w1.0..
+  03 55 04 06 13 02 55 53 31 2c 30 2a 06 03 55 04   .U....US1,0*..U.
+  0a 13 23 4e 65 74 73 63 61 70 65 20 43 6f 6d 6d   ..#Netscape Comm
+  75 6e 69 63 61 74 69 6f 6e 73 20 43 6f 72 70 6f   unications Corpo
+  72 61 74 69 6f 6e 31 1c 30 1a 06 03 55 04 0b 13   ration1.0...U...
+  13 49 6e 66 6f 72 6d 61 74 69 6f 6e 20 53 79 73   .Information Sys
+  74 65 6d 73 31 1c 30 1a 06 03 55 04 03 13 13 72   tems1.0...U....r
+  6f 6f 74 63 61 2e 6e 65 74 73 63 61 70 65 2e 63   ootca.netscape.c
+  6f 6d 00 66 30 64 31 0b 30 09 06 03 55 04 06 13   om.f0d1.0...U...
+  02 55 53 31 24 30 22 06 03 55 04 0a 13 1b 49 6e   .US1$0"..U....In
+  74 65 67 72 69 6f 6e 20 46 69 6e 61 6e 63 69 61   tegrion Financia
+  6c 20 4e 65 74 77 6f 72 6b 31 2f 30 2d 06 03 55   l Network1/0-..U
+  04 03 13 26 49 6e 74 65 67 72 69 6f 6e 20 43 65   ...&Integrion Ce
+  72 74 69 66 69 63 61 74 69 6f 6e 20 41 75 74 68   rtification Auth
+  6f 72 69 74 79 20 52 6f 6f 74 00 40 30 3e 31 0b   ority Root.@0>1.
+  30 09 06 03 55 04 06 13 02 55 53 31 0d 30 0b 06   0...U....US1.0..
+  03 55 04 0a 14 04 41 54 26 54 31 20 30 1e 06 03   .U....AT&T1 0...
+  55 04 0b 13 17 43 65 72 74 69 66 69 63 61 74 69   U....Certificati
+  6f 6e 20 41 75 74 68 6f 72 69 74 79 00 99 30 81   on Authority..0.
+  96 31 0b 30 09 06 03 55 04 06 13 02 55 4b 31 0f   .1.0...U....UK1.
+  30 0d 06 03 55 04 08 13 06 4c 6f 6e 64 6f 6e 31   0...U....London1
+  19 30 17 06 03 55 04 0a 13 10 55 70 74 69 6d 65   .0...U....Uptime
+  20 47 72 6f 75 70 20 50 6c 63 31 1c 30 1a 06 03    Group Plc1.0...
+  55 04 0b 13 13 55 70 74 69 6d 65 20 43 6f 6d 6d   U....Uptime Comm
+  65 72 63 65 20 4c 74 64 31 17 30 15 06 03 55 04   erce Ltd1.0...U.
+  03 13 0e 55 54 43 20 43 6c 61 73 73 20 34 20 43   ...UTC Class 4 C
+  41 31 24 30 22 06 09 2a 86 48 86 f7 0d 01 09 01   A1$0"..*.H......
+  16 15 63 65 72 74 73 40 75 70 74 69 6d 65 67 72   ..certs@uptimegr
+  6f 75 70 2e 63 6f 6d 00 47 30 45 31 0b 30 09 06   oup.com.G0E1.0..
+  03 55 04 06 13 02 55 53 31 18 30 16 06 03 55 04   .U....US1.0...U.
+  0a 13 0f 47 54 45 20 43 6f 72 70 6f 72 61 74 69   ...GTE Corporati
+  6f 6e 31 1c 30 1a 06 03 55 04 03 13 13 47 54 45   on1.0...U....GTE
+  20 43 79 62 65 72 54 72 75 73 74 20 52 6f 6f 74    CyberTrust Root
+  00 64 30 62 31 11 30 0f 06 03 55 04 07 13 08 49   .d0b1.0...U....I
+  6e 74 65 72 6e 65 74 31 17 30 15 06 03 55 04 0a   nternet1.0...U..
+  13 0e 56 65 72 69 53 69 67 6e 2c 20 49 6e 63 2e   ..VeriSign, Inc.
+  31 34 30 32 06 03 55 04 0b 13 2b 56 65 72 69 53   1402..U...+VeriS
+  69 67 6e 20 43 6c 61 73 73 20 31 20 43 41 20 2d   ign Class 1 CA -
+  20 49 6e 64 69 76 69 64 75 61 6c 20 53 75 62 73    Individual Subs
+  63 72 69 62 65 72 00 d1 30 81 ce 31 0b 30 09 06   criber..0..1.0..
+  03 55 04 06 13 02 5a 41 31 15 30 13 06 03 55 04   .U....ZA1.0...U.
+  08 13 0c 57 65 73 74 65 72 6e 20 43 61 70 65 31   ...Western Cape1
+  12 30 10 06 03 55 04 07 13 09 43 61 70 65 20 54   .0...U....Cape T
+  6f 77 6e 31 1d 30 1b 06 03 55 04 0a 13 14 54 68   own1.0...U....Th
+  61 77 74 65 20 43 6f 6e 73 75 6c 74 69 6e 67 20   awte Consulting 
+  63 63 31 28 30 26 06 03 55 04 0b 13 1f 43 65 72   cc1(0&..U....Cer
+  74 69 66 69 63 61 74 69 6f 6e 20 53 65 72 76 69   tification Servi
+  63 65 73 20 44 69 76 69 73 69 6f 6e 31 21 30 1f   ces Division1!0.
+  06 03 55 04 03 13 18 54 68 61 77 74 65 20 50 72   ..U....Thawte Pr
+  65 6d 69 75 6d 20 53 65 72 76 65 72 20 43 41 31   emium Server CA1
+  28 30 26 06 09 2a 86 48 86 f7 0d 01 09 01 16 19   (0&..*.H........
+  70 72 65 6d 69 75 6d 2d 73 65 72 76 65 72 40 74   premium-server@t
+  68 61 77 74 65 2e 63 6f 6d 00 61 30 5f 31 0b 30   hawte.com.a0_1.0
+  09 06 03 55 04 06 13 02 55 53 31 17 30 15 06 03   ...U....US1.0...
+  55 04 0a 13 0e 56 65 72 69 53 69 67 6e 2c 20 49   U....VeriSign, I
+  6e 63 2e 31 37 30 35 06 03 55 04 0b 13 2e 43 6c   nc.1705..U....Cl
+  61 73 73 20 32 20 50 75 62 6c 69 63 20 50 72 69   ass 2 Public Pri
+  6d 61 72 79 20 43 65 72 74 69 66 69 63 61 74 69   mary Certificati
+  6f 6e 20 41 75 74 68 6f 72 69 74 79 00 63 30 61   on Authority.c0a
+  31 0b 30 09 06 03 55 04 06 13 02 55 53 31 13 30   1.0...U....US1.0
+  11 06 03 55 04 08 13 0a 43 61 6c 69 66 6f 72 6e   ...U....Californ
+  69 61 31 14 30 12 06 03 55 04 0a 13 0b 43 6f 6d   ia1.0...U....Com
+  6d 65 72 63 65 4e 65 74 31 27 30 25 06 03 55 04   merceNet1'0%..U.
+  0b 13 1e 53 65 72 76 65 72 20 43 65 72 74 69 66   ...Server Certif
+  69 63 61 74 69 6f 6e 20 41 75 74 68 6f 72 69 74   ication Authorit
+  79 00 62 30 60 31 0b 30 09 06 03 55 04 06 13 02   y.b0`1.0...U....
+  42 52 31 2d 30 2b 06 03 55 04 0a 13 24 43 65 72   BR1-0+..U...$Cer
+  74 69 53 69 67 6e 20 43 65 72 74 69 66 69 63 61   tiSign Certifica
+  64 6f 72 61 20 44 69 67 69 74 61 6c 20 4c 74 64   dora Digital Ltd
+  61 31 22 30 20 06 03 55 04 0b 13 19 42 52 20 43   a1"0 ..U....BR C
+  65 72 74 69 66 69 63 61 74 69 6f 6e 20 53 65 72   ertification Ser
+  76 69 63 65 73 00 64 30 62 31 11 30 0f 06 03 55   vices.d0b1.0...U
+  04 07 13 08 49 6e 74 65 72 6e 65 74 31 17 30 15   ....Internet1.0.
+  06 03 55 04 0a 13 0e 56 65 72 69 53 69 67 6e 2c   ..U....VeriSign,
+  20 49 6e 63 2e 31 34 30 32 06 03 55 04 0b 13 2b    Inc.1402..U...+
+  56 65 72 69 53 69 67 6e 20 43 6c 61 73 73 20 31   VeriSign Class 1
+  20 43 41 20 2d 20 49 6e 64 69 76 69 64 75 61 6c    CA - Individual
+  20 53 75 62 73 63 72 69 62 65 72 00 ce 30 81 cb    Subscriber..0..
+  31 0b 30 09 06 03 55 04 06 13 02 5a 41 31 15 30   1.0...U....ZA1.0
+  13 06 03 55 04 08 13 0c 57 65 73 74 65 72 6e 20   ...U....Western 
+  43 61 70 65 31 12 30 10 06 03 55 04 07 13 09 43   Cape1.0...U....C
+  61 70 65 20 54 6f 77 6e 31 1a 30 18 06 03 55 04   ape Town1.0...U.
+  0a 13 11 54 68 61 77 74 65 20 43 6f 6e 73 75 6c   ...Thawte Consul
+  74 69 6e 67 31 28 30 26 06 03 55 04 0b 13 1f 43   ting1(0&..U....C
+  65 72 74 69 66 69 63 61 74 69 6f 6e 20 53 65 72   ertification Ser
+  76 69 63 65 73 20 44 69 76 69 73 69 6f 6e 31 21   vices Division1!
+  30 1f 06 03 55 04 03 13 18 54 68 61 77 74 65 20   0...U....Thawte 
+  50 65 72 73 6f 6e 61 6c 20 42 61 73 69 63 20 43   Personal Basic C
+  41 31 28 30 26 06 09 2a 86 48 86 f7 0d 01 09 01   A1(0&..*.H......
+  16 19 70 65 72 73 6f 6e 61 6c 2d 62 61 73 69 63   ..personal-basic
+  40 74 68 61 77 74 65 2e 63 6f 6d 00 42 30 40 31   @thawte.com.B0@1
+  0b 30 09 06 03 55 04 06 13 02 55 53 31 0c 30 0a   .0...U....US1.0.
+  06 03 55 04 0a 13 03 4d 43 49 31 14 30 12 06 03   ..U....MCI1.0...
+  55 04 0b 13 0b 69 6e 74 65 72 6e 65 74 4d 43 49   U....internetMCI
+  31 0d 30 0b 06 03 55 04 0b 13 04 4d 41 4c 4c 00   1.0...U....MALL.
+  64 30 62 31 11 30 0f 06 03 55 04 07 13 08 49 6e   d0b1.0...U....In
+  74 65 72 6e 65 74 31 17 30 15 06 03 55 04 0a 13   ternet1.0...U...
+  0e 56 65 72 69 53 69 67 6e 2c 20 49 6e 63 2e 31   .VeriSign, Inc.1
+  34 30 32 06 03 55 04 0b 13 2b 56 65 72 69 53 69   402..U...+VeriSi
+  67 6e 20 43 6c 61 73 73 20 32 20 43 41 20 2d 20   gn Class 2 CA - 
+  49 6e 64 69 76 69 64 75 61 6c 20 53 75 62 73 63   Individual Subsc
+  72 69 62 65 72 00 5e 30 5c 31 0b 30 09 06 03 55   riber.^0\1.0...U
+  04 06 13 02 55 53 31 20 30 1e 06 03 55 04 0a 13   ....US1 0...U...
+  17 52 53 41 20 44 61 74 61 20 53 65 63 75 72 69   .RSA Data Securi
+  74 79 2c 20 49 6e 63 2e 31 2b 30 29 06 03 55 04   ty, Inc.1+0)..U.
+  0b 13 22 43 6f 6d 6d 65 72 63 69 61 6c 20 43 65   .."Commercial Ce
+  72 74 69 66 69 63 61 74 69 6f 6e 20 41 75 74 68   rtification Auth
+  6f 72 69 74 79 00 3d 30 3b 31 0b 30 09 06 03 55   ority.=0;1.0...U
+  04 06 13 02 55 53 31 0d 30 0b 06 03 55 04 0a 14   ....US1.0...U...
+  04 41 54 26 54 31 1d 30 1b 06 03 55 04 0b 13 14   .AT&T1.0...U....
+  43 65 72 74 69 66 69 63 61 74 65 20 53 65 72 76   Certificate Serv
+  69 63 65 73 00 99 30 81 96 31 0b 30 09 06 03 55   ices..0..1.0...U
+  04 06 13 02 55 4b 31 0f 30 0d 06 03 55 04 08 13   ....UK1.0...U...
+  06 4c 6f 6e 64 6f 6e 31 19 30 17 06 03 55 04 0a   .London1.0...U..
+  13 10 55 70 74 69 6d 65 20 47 72 6f 75 70 20 50   ..Uptime Group P
+  6c 63 31 1c 30 1a 06 03 55 04 0b 13 13 55 70 74   lc1.0...U....Upt
+  69 6d 65 20 43 6f 6d 6d 65 72 63 65 20 4c 74 64   ime Commerce Ltd
+  31 17 30 15 06 03 55 04 03 13 0e 55 54 43 20 43   1.0...U....UTC C
+  6c 61 73 73 20 33 20 43 41 31 24 30 22 06 09 2a   lass 3 CA1$0"..*
+  86 48 86 f7 0d 01 09 01 16 15 63 65 72 74 73 40   .H........certs@
+  75 70 74 69 6d 65 67 72 6f 75 70 2e 63 6f 6d 00   uptimegroup.com.
+  61 30 5f 31 0b 30 09 06 03 55 04 06 13 02 55 53   a0_1.0...U....US
+  31 17 30 15 06 03 55 04 0a 13 0e 56 65 72 69 53   1.0...U....VeriS
+  69 67 6e 2c 20 49 6e 63 2e 31 37 30 35 06 03 55   ign, Inc.1705..U
+  04 0b 13 2e 43 6c 61 73 73 20 33 20 50 75 62 6c   ....Class 3 Publ
+  69 63 20 50 72 69 6d 61 72 79 20 43 65 72 74 69   ic Primary Certi
+  66 69 63 61 74 69 6f 6e 20 41 75 74 68 6f 72 69   fication Authori
+  74 79 00 cc 30 81 c9 31 1f 30 1d 06 03 55 04 0a   ty..0..1.0...U..
+  13 16 56 65 72 69 53 69 67 6e 20 54 72 75 73 74   ..VeriSign Trust
+  20 4e 65 74 77 6f 72 6b 31 2c 30 2a 06 03 55 04    Network1,0*..U.
+  0b 13 23 4e 65 74 73 63 61 70 65 20 43 6f 6d 6d   ..#Netscape Comm
+  75 6e 69 63 61 74 69 6f 6e 73 20 43 6f 72 70 6f   unications Corpo
+  72 61 74 69 6f 6e 31 2d 30 2b 06 03 55 04 0b 13   ration1-0+..U...
+  24 4e 65 74 73 63 61 70 65 20 45 78 70 6f 72 74   $Netscape Export
+  20 43 6f 6e 74 72 6f 6c 20 43 41 20 2d 20 43 6c    Control CA - Cl
+  61 73 73 20 33 31 49 30 47 06 03 55 04 0b 13 40   ass 31I0G..U...@
+  77 77 77 2e 76 65 72 69 73 69 67 6e 2e 63 6f 6d   www.verisign.com
+  2f 43 50 53 20 49 6e 63 6f 72 70 2e 62 79 20 52   /CPS Incorp.by R
+  65 66 2e 20 4c 49 41 42 49 4c 49 54 59 20 4c 54   ef. LIABILITY LT
+  44 2e 28 63 29 39 37 20 56 65 72 69 53 69 67 6e   D.(c)97 VeriSign
+  00 34 30 32 31 0b 30 09 06 03 55 04 06 13 02 43   .4021.0...U....C
+  41 31 23 30 21 06 03 55 04 0a 13 1a 43 61 6e 61   A1#0!..U....Cana
+  64 61 20 50 6f 73 74 20 43 6f 72 70 6f 72 61 74   da Post Corporat
+  69 6f 6e 20 43 41 00 2e 30 2c 31 0b 30 09 06 03   ion CA..0,1.0...
+  55 04 06 13 02 43 41 31 0b 30 09 06 03 55 04 0a   U....CA1.0...U..
+  13 02 67 63 31 10 30 0e 06 03 55 04 03 13 07 47   ..gc1.0...U....G
+  54 49 53 2e 43 41 00 d4 30 81 d1 31 0b 30 09 06   TIS.CA..0..1.0..
+  03 55 04 06 13 02 5a 41 31 15 30 13 06 03 55 04   .U....ZA1.0...U.
+  08 13 0c 57 65 73 74 65 72 6e 20 43 61 70 65 31   ...Western Cape1
+  12 30 10 06 03 55 04 07 13 09 43 61 70 65 20 54   .0...U....Cape T
+  6f 77 6e 31 1a 30 18 06 03 55 04 0a 13 11 54 68   own1.0...U....Th
+  61 77 74 65 20 43 6f 6e 73 75 6c 74 69 6e 67 31   awte Consulting1
+  28 30 26 06 03 55 04 0b 13 1f 43 65 72 74 69 66   (0&..U....Certif
+  69 63 61 74 69 6f 6e 20 53 65 72 76 69 63 65 73   ication Services
+  20 44 69 76 69 73 69 6f 6e 31 24 30 22 06 03 55    Division1$0"..U
+  04 03 13 1b 54 68 61 77 74 65 20 50 65 72 73 6f   ....Thawte Perso
+  6e 61 6c 20 46 72 65 65 6d 61 69 6c 20 43 41 31   nal Freemail CA1
+  2b 30 29 06 09 2a 86 48 86 f7 0d 01 09 01 16 1c   +0)..*.H........
+  70 65 72 73 6f 6e 61 6c 2d 66 72 65 65 6d 61 69   personal-freemai
+  6c 40 74 68 61 77 74 65 2e 63 6f 6d 00 31 30 2f   l@thawte.com.10/
+  31 0b 30 09 06 03 55 04 06 13 02 43 41 31 0b 30   1.0...U....CA1.0
+  09 06 03 55 04 0a 13 02 67 63 31 13 30 11 06 03   ...U....gc1.0...
+  55 04 0b 13 0a 47 54 49 53 2e 57 65 62 43 41 00   U....GTIS.WebCA.
+  61 30 5f 31 0b 30 09 06 03 55 04 06 13 02 55 53   a0_1.0...U....US
+  31 17 30 15 06 03 55 04 0a 13 0e 56 65 72 69 53   1.0...U....VeriS
+  69 67 6e 2c 20 49 6e 63 2e 31 37 30 35 06 03 55   ign, Inc.1705..U
+  04 0b 13 2e 43 6c 61 73 73 20 34 20 50 75 62 6c   ....Class 4 Publ
+  69 63 20 50 72 69 6d 61 72 79 20 43 65 72 74 69   ic Primary Certi
+  66 69 63 61 74 69 6f 6e 20 41 75 74 68 6f 72 69   fication Authori
+  74 79 00 49 30 47 31 0b 30 09 06 03 55 04 06 13   ty.I0G1.0...U...
+  02 55 53 31 10 30 0e 06 03 55 04 0b 13 07 54 65   .US1.0...U....Te
+  73 74 20 43 41 31 26 30 24 06 03 55 04 0a 13 1d   st CA1&0$..U....
+  4e 65 74 73 63 61 70 65 20 43 6f 6d 6d 75 6e 69   Netscape Communi
+  63 61 74 69 6f 6e 73 20 43 6f 72 70 2e 00 61 30   cations Corp..a0
+  5f 31 0b 30 09 06 03 55 04 06 13 02 55 53 31 20   _1.0...U....US1 
+  30 1e 06 03 55 04 0a 13 17 52 53 41 20 44 61 74   0...U....RSA Dat
+  61 20 53 65 63 75 72 69 74 79 2c 20 49 6e 63 2e   a Security, Inc.
+  31 2e 30 2c 06 03 55 04 0b 13 25 53 65 63 75 72   1.0,..U...%Secur
+  65 20 53 65 72 76 65 72 20 43 65 72 74 69 66 69   e Server Certifi
+  63 61 74 69 6f 6e 20 41 75 74 68 6f 72 69 74 79   cation Authority
+  00 99 30 81 96 31 0b 30 09 06 03 55 04 06 13 02   ..0..1.0...U....
+  55 4b 31 0f 30 0d 06 03 55 04 08 13 06 4c 6f 6e   UK1.0...U....Lon
+  64 6f 6e 31 19 30 17 06 03 55 04 0a 13 10 55 70   don1.0...U....Up
+  74 69 6d 65 20 47 72 6f 75 70 20 50 6c 63 31 1c   time Group Plc1.
+  30 1a 06 03 55 04 0b 13 13 55 70 74 69 6d 65 20   0...U....Uptime 
+  43 6f 6d 6d 65 72 63 65 20 4c 74 64 31 17 30 15   Commerce Ltd1.0.
+  06 03 55 04 03 13 0e 55 54 43 20 43 6c 61 73 73   ..U....UTC Class
+  20 32 20 43 41 31 24 30 22 06 09 2a 86 48 86 f7    2 CA1$0"..*.H..
+  0d 01 09 01 16 15 63 65 72 74 73 40 75 70 74 69   ......certs@upti
+  6d 65 67 72 6f 75 70 2e 63 6f 6d 00 50 30 4e 31   megroup.com.P0N1
+  0b 30 09 06 03 55 04 06 13 02 55 53 31 1f 30 1d   .0...U....US1.0.
+  06 03 55 04 0a 14 16 41 54 26 54 20 42 65 6c 6c   ..U....AT&T Bell
+  20 4c 61 62 6f 72 61 74 6f 72 69 65 73 31 1e 30    Laboratories1.0
+  1c 06 03 55 04 0b 14 15 50 72 6f 74 6f 74 79 70   ...U....Prototyp
+  65 20 52 65 73 65 61 72 63 68 20 43 41 00 63 30   e Research CA.c0
+  61 31 0b 30 09 06 03 55 04 06 13 02 55 53 31 13   a1.0...U....US1.
+  30 11 06 03 55 04 08 13 0a 43 61 6c 69 66 6f 72   0...U....Califor
+  6e 69 61 31 14 30 12 06 03 55 04 0a 13 0b 43 6f   nia1.0...U....Co
+  6d 6d 65 72 63 65 4e 65 74 31 27 30 25 06 03 55   mmerceNet1'0%..U
+  04 0b 13 1e 53 65 72 76 65 72 20 43 65 72 74 69   ....Server Certi
+  66 69 63 61 74 69 6f 6e 20 41 75 74 68 6f 72 69   fication Authori
+  74 79 00 45 30 43 31 0b 30 09 06 03 55 04 06 13   ty.E0C1.0...U...
+  02 55 53 31 25 30 23 06 03 55 04 0a 13 1c 55 6e   .US1%0#..U....Un
+  69 74 65 64 20 53 74 61 74 65 73 20 50 6f 73 74   ited States Post
+  61 6c 20 53 65 72 76 69 63 65 31 0d 30 0b 06 03   al Service1.0...
+  55 04 03 13 04 55 53 50 53 00 d2 30 81 cf 31 0b   U....USPS..0..1.
+  30 09 06 03 55 04 06 13 02 5a 41 31 15 30 13 06   0...U....ZA1.0..
+  03 55 04 08 13 0c 57 65 73 74 65 72 6e 20 43 61   .U....Western Ca
+  70 65 31 12 30 10 06 03 55 04 07 13 09 43 61 70   pe1.0...U....Cap
+  65 20 54 6f 77 6e 31 1a 30 18 06 03 55 04 0a 13   e Town1.0...U...
+  11 54 68 61 77 74 65 20 43 6f 6e 73 75 6c 74 69   .Thawte Consulti
+  6e 67 31 28 30 26 06 03 55 04 0b 13 1f 43 65 72   ng1(0&..U....Cer
+  74 69 66 69 63 61 74 69 6f 6e 20 53 65 72 76 69   tification Servi
+  63 65 73 20 44 69 76 69 73 69 6f 6e 31 23 30 21   ces Division1#0!
+  06 03 55 04 03 13 1a 54 68 61 77 74 65 20 50 65   ..U....Thawte Pe
+  72 73 6f 6e 61 6c 20 50 72 65 6d 69 75 6d 20 43   rsonal Premium C
+  41 31 2a 30 28 06 09 2a 86 48 86 f7 0d 01 09 01   A1*0(..*.H......
+  16 1b 70 65 72 73 6f 6e 61 6c 2d 70 72 65 6d 69   ..personal-premi
+  75 6d 40 74 68 61 77 74 65 2e 63 6f 6d 00 5a 30   um@thawte.com.Z0
+  58 31 0b 30 09 06 03 55 04 06 13 02 43 41 31 1f   X1.0...U....CA1.
+  30 1d 06 03 55 04 03 13 16 4b 65 79 77 69 74 6e   0...U....Keywitn
+  65 73 73 20 43 61 6e 61 64 61 20 49 6e 63 2e 31   ess Canada Inc.1
+  28 30 26 06 0a 2b 06 01 04 01 2a 02 0b 02 01 13   (0&..+....*.....
+  18 6b 65 79 77 69 74 6e 65 73 73 40 6b 65 79 77   .keywitness@keyw
+  69 74 6e 65 73 73 2e 63 61 00 95 30 81 92 31 0b   itness.ca..0..1.
+  30 09 06 03 55 04 06 13 02 55 53 31 13 30 11 06   0...U....US1.0..
+  03 55 04 08 13 0a 43 61 6c 69 66 6f 72 6e 69 61   .U....California
+  31 11 30 0f 06 03 55 04 07 13 08 42 65 72 6b 65   1.0...U....Berke
+  6c 65 79 31 1e 30 1c 06 03 55 04 0a 14 15 43 6f   ley1.0...U....Co
+  6e 73 65 6e 73 75 73 20 44 65 76 65 6c 6f 70 6d   nsensus Developm
+  65 6e 74 31 1b 30 19 06 03 55 04 0b 14 12 47 65   ent1.0...U....Ge
+  74 20 53 6d 61 72 74 63 61 72 64 20 44 65 6d 6f   t Smartcard Demo
+  31 1e 30 1c 06 03 55 04 03 14 15 47 65 74 20 53   1.0...U....Get S
+  6d 61 72 74 63 61 72 64 20 44 65 6d 6f 20 43 41   martcard Demo CA
+  0e 00 00 00                                       ....

Client's Certificate Handshake

The server receives the client's responses. In this example, the client sends the following three records:

a handshake record containing:
- a certificate handshake
- a client_key_exchange handshake
- a certificate_verify handshake
a change_cipher_spec record
an encrypted handshake record, containing a "finished" handshake.

Here is the first record, containing the three handshakes.

raw gather data: [Len: 5]
+  16 03 00 05 bc                                    .....
plaintext: [Len: 1468]
+  0b 00 05 2e 00 05 2b 00 02 7b 30 82 02 77 30 82   ......+..{0..w0.
+  01 e0 a0 03 02 01 02 02 01 74 30 0d 06 09 2a 86   .........t0...*.
+  48 86 f7 0d 01 01 04 05 00 30 77 31 0b 30 09 06   H........0w1.0..
+  03 55 04 06 13 02 55 53 31 2c 30 2a 06 03 55 04   .U....US1,0*..U.
+  0a 13 23 4e 65 74 73 63 61 70 65 20 43 6f 6d 6d   ..#Netscape Comm
+  75 6e 69 63 61 74 69 6f 6e 73 20 43 6f 72 70 6f   unications Corpo
+  72 61 74 69 6f 6e 31 11 30 0f 06 03 55 04 0b 13   ration1.0...U...
+  08 48 61 72 64 63 6f 72 65 31 27 30 25 06 03 55   .Hardcore1'0%..U
+  04 03 13 1e 48 61 72 64 63 6f 72 65 20 43 65 72   ....Hardcore Cer
+  74 69 66 69 63 61 74 65 20 53 65 72 76 65 72 20   tificate Server 
+  49 49 30 1e 17 0d 39 37 30 38 32 32 30 31 35 38   II0...9708220158
+  30 39 5a 17 0d 39 38 30 32 31 38 30 31 35 38 30   09Z..98021801580
+  39 5a 30 81 97 31 0b 30 09 06 03 55 04 06 13 02   9Z0..1.0...U....
+  55 53 31 11 30 0f 06 03 55 04 0a 13 08 4e 65 74   US1.0...U....Net
+  73 63 61 70 65 31 1a 30 18 06 03 55 04 0b 13 11   scape1.0...U....
+  48 61 72 64 63 6f 72 65 20 53 65 63 75 72 69 74   Hardcore Securit
+  79 31 18 30 16 06 0a 09 92 26 89 93 f2 2c 64 01   y1.0.....&...,d.
+  01 13 08 4a 51 54 65 73 74 65 72 31 1a 30 18 06   ...JQTester1.0..
+  03 55 04 03 13 11 4a 6f 68 6e 20 51 20 53 53 4c   .U....John Q SSL
+  20 54 65 73 74 65 72 31 23 30 21 06 09 2a 86 48    Tester1#0!..*.H
+  86 f7 0d 01 09 01 16 14 4a 51 54 65 73 74 65 72   ........JQTester
+  40 6e 6f 77 68 65 72 65 2e 6f 72 67 30 5c 30 0d   @nowhere.org0\0.
+  06 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 4b 00   ..*.H.........K.
+  30 48 02 41 00 e6 7a 1c b7 47 81 63 39 a9 0f 07   0H.A..z..G.c9...
+  28 8a 7e e9 01 b1 bc c5 2a f0 ef ee bf 79 3f 11   (.~.....*....y?.
+  9c 40 07 0a 09 69 fa a9 a9 c2 9f bc 05 aa 20 39   .@...i........ 9
+  eb b5 23 38 07 e9 2a 67 0d 11 b8 9d 28 16 1d 62   ..#8..*g....(..b
+  b0 e2 4a 51 c1 02 03 01 00 01 a3 36 30 34 30 11   ..JQ.......6040.
+  06 09 60 86 48 01 86 f8 42 01 01 04 04 03 02 00   ..`.H...B.......
+  80 30 1f 06 03 55 1d 23 04 18 30 16 80 14 97 b1   .0...U.#..0.....
+  6d b2 b6 02 16 54 0c 97 d7 e3 32 6d cb 9c df ee   m....T....2m....
+  de 80 30 0d 06 09 2a 86 48 86 f7 0d 01 01 04 05   ..0...*.H.......
+  00 03 81 81 00 22 44 a0 00 27 c0 ec c7 65 77 ec   ....."D..'...ew.
+  55 af cd 31 93 e0 fb 2a c1 94 05 da 4a b3 f6 4c   U..1...*....J..L
+  15 5d 8d 52 c0 42 5e 8d f4 0d 6a 4e d0 8e ed f0   .].R.B^...jN....
+  ff 78 2e ea 8f 0c ff 8e f6 9d f9 ed b8 99 84 b5   .x..............
+  4d 58 2b 81 ff c5 53 6a ed 5a 86 b6 67 13 62 e6   MX+...Sj.Z..g.b.
+  b4 07 77 4a ef 48 1a d3 3d ae 51 c5 7f 3e 02 f5   ..wJ.H..=.Q..>..
+  40 91 bd a8 d3 17 94 6b 49 86 38 95 74 4b e8 b7   @......kI.8.tK..
+  1d 68 5a 3a c9 d0 b1 10 9f 90 e5 6b 0b c4 db 19   .hZ:.......k....
+  c7 b1 bb e2 8a 00 02 aa 30 82 02 a6 30 82 02 0f   ........0...0...
+  a0 03 02 01 02 02 01 01 30 0d 06 09 2a 86 48 86   ........0...*.H.
+  f7 0d 01 01 05 05 00 30 77 31 0b 30 09 06 03 55   .......0w1.0...U
+  04 06 13 02 55 53 31 2c 30 2a 06 03 55 04 0a 13   ....US1,0*..U...
+  23 4e 65 74 73 63 61 70 65 20 43 6f 6d 6d 75 6e   #Netscape Commun
+  69 63 61 74 69 6f 6e 73 20 43 6f 72 70 6f 72 61   ications Corpora
+  74 69 6f 6e 31 11 30 0f 06 03 55 04 0b 13 08 48   tion1.0...U....H
+  61 72 64 63 6f 72 65 31 27 30 25 06 03 55 04 03   ardcore1'0%..U..
+  13 1e 48 61 72 64 63 6f 72 65 20 43 65 72 74 69   ..Hardcore Certi
+  66 69 63 61 74 65 20 53 65 72 76 65 72 20 49 49   ficate Server II
+  30 1e 17 0d 39 37 30 35 32 37 31 38 30 39 34 37   0...970527180947
+  5a 17 0d 39 38 30 35 32 37 31 38 30 39 34 37 5a   Z..980527180947Z
+  30 77 31 0b 30 09 06 03 55 04 06 13 02 55 53 31   0w1.0...U....US1
+  2c 30 2a 06 03 55 04 0a 13 23 4e 65 74 73 63 61   ,0*..U...#Netsca
+  70 65 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f 6e   pe Communication
+  73 20 43 6f 72 70 6f 72 61 74 69 6f 6e 31 11 30   s Corporation1.0
+  0f 06 03 55 04 0b 13 08 48 61 72 64 63 6f 72 65   ...U....Hardcore
+  31 27 30 25 06 03 55 04 03 13 1e 48 61 72 64 63   1'0%..U....Hardc
+  6f 72 65 20 43 65 72 74 69 66 69 63 61 74 65 20   ore Certificate 
+  53 65 72 76 65 72 20 49 49 30 81 9f 30 0d 06 09   Server II0..0...
+  2a 86 48 86 f7 0d 01 01 01 05 00 03 81 8d 00 30   *.H............0
+  81 89 02 81 81 00 bc 14 a0 c0 53 fa e1 4d b9 cd   ..........S..M..
+  0e b7 42 e3 cd 98 46 e0 b3 1e 13 76 c7 c5 e5 3d   ..B...F....v...=
+  e5 24 18 dd 72 1a 37 7f c4 66 51 36 7f e1 ae e9   .$..r.7..fQ6....
+  11 5e 29 6f ac ff 28 ce cd 53 ae 39 09 75 a1 eb   .^)o..(..S.9.u..
+  d2 ec 79 d4 e9 6b 4c 99 e4 b6 42 d0 f7 52 8b ae   ..y..kL...B..R..
+  4a 33 6b 58 5b 47 57 13 a3 61 32 86 02 e8 63 e6   J3kX[GW..a2...c.
+  7a 27 c2 99 7a 22 48 d9 c8 d1 5c 6d b1 37 84 66   z'..z"H...\m.7.f
+  4b 9e a2 ce 31 6c 1c 06 7a 5f c5 7b b8 ff 58 89   K...1l..z_.{..X.
+  f6 0b 40 6f 7c 0d 02 03 01 00 01 a3 42 30 40 30   ..@o|.......B0@0
+  1d 06 03 55 1d 0e 04 16 04 14 97 b1 6d b2 b6 02   ...U........m...
+  16 54 0c 97 d7 e3 32 6d cb 9c df ee de 80 30 1f   .T....2m......0.
+  06 03 55 1d 23 04 18 30 16 80 14 97 b1 6d b2 b6   ..U.#..0.....m..
+  02 16 54 0c 97 d7 e3 32 6d cb 9c df ee de 80 30   ..T....2m......0
+  0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 03 81   ...*.H..........
+  81 00 9b 52 fe 93 fa 40 4d a9 8d 72 f9 f6 f6 c9   ...R...@M..r....
+  32 40 dc 20 fe be a5 a2 db e6 2c df d1 5f a0 66   2@. ......,.._.f
+  45 d1 6e 5f 0a 91 e9 0b c1 7c 8a c0 64 a0 d4 24   E.n_.....|..d..$
+  56 85 b5 a0 aa 1e c8 8c 15 40 ac fc 5a 2f 94 18   V........@..Z/..
+  44 b9 73 23 c1 49 a0 24 ff b0 47 9c d8 28 1f b3   D.s#.I.$..G..(..
+  70 a7 62 b3 5b 8e 4d 82 bd 4d 85 eb 0d 5a 87 c0   p.b.[.M..M...Z..
+  41 c9 a6 c2 69 9c ee 81 49 2a fb 01 55 6f b1 df   A...i...I*..Uo..
+  21 a7 b0 70 e4 5d 34 3b 90 29 f9 14 c3 2e 07 79   !..p.]4;.).....y
+  13 c7 10 00 00 40 4c 3a 77 60 63 e3 0e 03 39 52   .....@L:w`c...9R
+  2b 13 25 77 8b 23 c1 89 0d e8 28 dc 02 5e d9 aa   +.%w.#....(..^..
+  33 a1 ee 67 a1 91 fc d4 a8 c3 1a d6 32 88 a4 60   3..g........2..`
+  56 61 57 c9 4f 5e 3a 1f f2 86 12 16 38 36 1c 3d   VaW.O^:.....86.=
+  c6 b8 0a 3f bd 88 0f 00 00 42 00 40 40 86 2f b5   ...?.....B.@@./.
+  b7 d4 18 74 e8 89 07 a0 38 eb 2f ec 99 cc 10 5d   ...t....8./....]
+  29 29 c2 08 61 21 aa 7d f7 64 c6 6a 62 77 28 96   ))..a!.}.d.jbw(.
+  8e b5 61 74 f2 84 1c 31 a2 3f 4f 58 78 11 88 72   ..at...1.?OXx..r
+  4e ed 70 e8 ac e9 82 37 ec 8d 32 7b               N.p....7..2{

Recall that the values of the handshake hashes, after the previous record sent, and before the client's response has been received, are now:

MD5 state: 8e428cd8 2e39d5b5 5907f503 aba04860
MD5_TraceState: buffered input [Len: 35]
   1e 30 1c 06 03 55 04 03 14 15 47 65 74 20 53 6d   .0...U....Get Sm
   61 72 74 63 61 72 64 20 44 65 6d 6f 20 43 41 0e   artcard Demo CA.
   00 00 00                                          ...
SHA1 state: c6a44cb5 395684f2 bd4f6340 a9e71646 f27f44a1
SHA1_TraceState: buffered input [Len: 35]
   1e 30 1c 06 03 55 04 03 14 15 47 65 74 20 53 6d   .0...U....Get Sm
   61 72 74 63 61 72 64 20 44 65 6d 6f 20 43 41 0e   artcard Demo CA.
   00 00 00                                          ...

The entire certificate handshake message (not including the record header) is now hashed into the handshake hashes. The hash input is:

handle handshake message: certificate  (11)
   0b 00 05 2e                                       ....
   00 05 2b 00 02 7b 30 82 02 77 30 82 01 e0 a0 03   ..+..{0..w0.....
   02 01 02 02 01 74 30 0d 06 09 2a 86 48 86 f7 0d   .....t0...*.H...
   01 01 04 05 00 30 77 31 0b 30 09 06 03 55 04 06   .....0w1.0...U..
   13 02 55 53 31 2c 30 2a 06 03 55 04 0a 13 23 4e   ..US1,0*..U...#N
   65 74 73 63 61 70 65 20 43 6f 6d 6d 75 6e 69 63   etscape Communic
   61 74 69 6f 6e 73 20 43 6f 72 70 6f 72 61 74 69   ations Corporati
   6f 6e 31 11 30 0f 06 03 55 04 0b 13 08 48 61 72   on1.0...U....Har
   64 63 6f 72 65 31 27 30 25 06 03 55 04 03 13 1e   dcore1'0%..U....
   48 61 72 64 63 6f 72 65 20 43 65 72 74 69 66 69   Hardcore Certifi
   63 61 74 65 20 53 65 72 76 65 72 20 49 49 30 1e   cate Server II0.
   17 0d 39 37 30 38 32 32 30 31 35 38 30 39 5a 17   ..970822015809Z.
   0d 39 38 30 32 31 38 30 31 35 38 30 39 5a 30 81   .980218015809Z0.
   97 31 0b 30 09 06 03 55 04 06 13 02 55 53 31 11   .1.0...U....US1.
   30 0f 06 03 55 04 0a 13 08 4e 65 74 73 63 61 70   0...U....Netscap
   65 31 1a 30 18 06 03 55 04 0b 13 11 48 61 72 64   e1.0...U....Hard
   63 6f 72 65 20 53 65 63 75 72 69 74 79 31 18 30   core Security1.0
   16 06 0a 09 92 26 89 93 f2 2c 64 01 01 13 08 4a   .....&...,d....J
   51 54 65 73 74 65 72 31 1a 30 18 06 03 55 04 03   QTester1.0...U..
   13 11 4a 6f 68 6e 20 51 20 53 53 4c 20 54 65 73   ..John Q SSL Tes
   74 65 72 31 23 30 21 06 09 2a 86 48 86 f7 0d 01   ter1#0!..*.H....
   09 01 16 14 4a 51 54 65 73 74 65 72 40 6e 6f 77   ....JQTester@now
   68 65 72 65 2e 6f 72 67 30 5c 30 0d 06 09 2a 86   here.org0\0...*.
   48 86 f7 0d 01 01 01 05 00 03 4b 00 30 48 02 41   H.........K.0H.A
   00 e6 7a 1c b7 47 81 63 39 a9 0f 07 28 8a 7e e9   ..z..G.c9...(.~.
   01 b1 bc c5 2a f0 ef ee bf 79 3f 11 9c 40 07 0a   ....*....y?..@..
   09 69 fa a9 a9 c2 9f bc 05 aa 20 39 eb b5 23 38   .i........ 9..#8
   07 e9 2a 67 0d 11 b8 9d 28 16 1d 62 b0 e2 4a 51   ..*g....(..b..JQ
   c1 02 03 01 00 01 a3 36 30 34 30 11 06 09 60 86   .......6040...`.
   48 01 86 f8 42 01 01 04 04 03 02 00 80 30 1f 06   H...B........0..
   03 55 1d 23 04 18 30 16 80 14 97 b1 6d b2 b6 02   .U.#..0.....m...
   16 54 0c 97 d7 e3 32 6d cb 9c df ee de 80 30 0d   .T....2m......0.
   06 09 2a 86 48 86 f7 0d 01 01 04 05 00 03 81 81   ..*.H...........
   00 22 44 a0 00 27 c0 ec c7 65 77 ec 55 af cd 31   ."D..'...ew.U..1
   93 e0 fb 2a c1 94 05 da 4a b3 f6 4c 15 5d 8d 52   ...*....J..L.].R
   c0 42 5e 8d f4 0d 6a 4e d0 8e ed f0 ff 78 2e ea   .B^...jN.....x..
   8f 0c ff 8e f6 9d f9 ed b8 99 84 b5 4d 58 2b 81   ............MX+.
   ff c5 53 6a ed 5a 86 b6 67 13 62 e6 b4 07 77 4a   ..Sj.Z..g.b...wJ
   ef 48 1a d3 3d ae 51 c5 7f 3e 02 f5 40 91 bd a8   .H..=.Q..>..@...
   d3 17 94 6b 49 86 38 95 74 4b e8 b7 1d 68 5a 3a   ...kI.8.tK...hZ:
   c9 d0 b1 10 9f 90 e5 6b 0b c4 db 19 c7 b1 bb e2   .......k........
   8a 00 02 aa 30 82 02 a6 30 82 02 0f a0 03 02 01   ....0...0.......
   02 02 01 01 30 0d 06 09 2a 86 48 86 f7 0d 01 01   ....0...*.H.....
   05 05 00 30 77 31 0b 30 09 06 03 55 04 06 13 02   ...0w1.0...U....
   55 53 31 2c 30 2a 06 03 55 04 0a 13 23 4e 65 74   US1,0*..U...#Net
   73 63 61 70 65 20 43 6f 6d 6d 75 6e 69 63 61 74   scape Communicat
   69 6f 6e 73 20 43 6f 72 70 6f 72 61 74 69 6f 6e   ions Corporation
   31 11 30 0f 06 03 55 04 0b 13 08 48 61 72 64 63   1.0...U....Hardc
   6f 72 65 31 27 30 25 06 03 55 04 03 13 1e 48 61   ore1'0%..U....Ha
   72 64 63 6f 72 65 20 43 65 72 74 69 66 69 63 61   rdcore Certifica
   74 65 20 53 65 72 76 65 72 20 49 49 30 1e 17 0d   te Server II0...
   39 37 30 35 32 37 31 38 30 39 34 37 5a 17 0d 39   970527180947Z..9
   38 30 35 32 37 31 38 30 39 34 37 5a 30 77 31 0b   80527180947Z0w1.
   30 09 06 03 55 04 06 13 02 55 53 31 2c 30 2a 06   0...U....US1,0*.
   03 55 04 0a 13 23 4e 65 74 73 63 61 70 65 20 43   .U...#Netscape C
   6f 6d 6d 75 6e 69 63 61 74 69 6f 6e 73 20 43 6f   ommunications Co
   72 70 6f 72 61 74 69 6f 6e 31 11 30 0f 06 03 55   rporation1.0...U
   04 0b 13 08 48 61 72 64 63 6f 72 65 31 27 30 25   ....Hardcore1'0%
   06 03 55 04 03 13 1e 48 61 72 64 63 6f 72 65 20   ..U....Hardcore 
   43 65 72 74 69 66 69 63 61 74 65 20 53 65 72 76   Certificate Serv
   65 72 20 49 49 30 81 9f 30 0d 06 09 2a 86 48 86   er II0..0...*.H.
   f7 0d 01 01 01 05 00 03 81 8d 00 30 81 89 02 81   ...........0....
   81 00 bc 14 a0 c0 53 fa e1 4d b9 cd 0e b7 42 e3   ......S..M....B.
   cd 98 46 e0 b3 1e 13 76 c7 c5 e5 3d e5 24 18 dd   ..F....v...=.$..
   72 1a 37 7f c4 66 51 36 7f e1 ae e9 11 5e 29 6f   r.7..fQ6.....^)o
   ac ff 28 ce cd 53 ae 39 09 75 a1 eb d2 ec 79 d4   ..(..S.9.u....y.
   e9 6b 4c 99 e4 b6 42 d0 f7 52 8b ae 4a 33 6b 58   .kL...B..R..J3kX
   5b 47 57 13 a3 61 32 86 02 e8 63 e6 7a 27 c2 99   [GW..a2...c.z'..
   7a 22 48 d9 c8 d1 5c 6d b1 37 84 66 4b 9e a2 ce   z"H...\m.7.fK...
   31 6c 1c 06 7a 5f c5 7b b8 ff 58 89 f6 0b 40 6f   1l..z_.{..X...@o
   7c 0d 02 03 01 00 01 a3 42 30 40 30 1d 06 03 55   |.......B0@0...U
   1d 0e 04 16 04 14 97 b1 6d b2 b6 02 16 54 0c 97   ........m....T..
   d7 e3 32 6d cb 9c df ee de 80 30 1f 06 03 55 1d   ..2m......0...U.
   23 04 18 30 16 80 14 97 b1 6d b2 b6 02 16 54 0c   #..0.....m....T.
   97 d7 e3 32 6d cb 9c df ee de 80 30 0d 06 09 2a   ...2m......0...*
   86 48 86 f7 0d 01 01 05 05 00 03 81 81 00 9b 52   .H.............R
   fe 93 fa 40 4d a9 8d 72 f9 f6 f6 c9 32 40 dc 20   ...@M..r....2@. 
   fe be a5 a2 db e6 2c df d1 5f a0 66 45 d1 6e 5f   ......,.._.fE.n_
   0a 91 e9 0b c1 7c 8a c0 64 a0 d4 24 56 85 b5 a0   .....|..d..$V...
   aa 1e c8 8c 15 40 ac fc 5a 2f 94 18 44 b9 73 23   .....@..Z/..D.s#
   c1 49 a0 24 ff b0 47 9c d8 28 1f b3 70 a7 62 b3   .I.$..G..(..p.b.
   5b 8e 4d 82 bd 4d 85 eb 0d 5a 87 c0 41 c9 a6 c2   [.M..M...Z..A...
   69 9c ee 81 49 2a fb 01 55 6f b1 df 21 a7 b0 70   i...I*..Uo..!..p
   e4 5d 34 3b 90 29 f9 14 c3 2e 07 79 13 c7         .]4;.).....y..
handle certificate handshake
-- SSL3: Certificate Validated.

After hashing the Client's certificate handshake message, the handshake hashes are:

MD5 state: 87508b0c 13815c09 c8c3d6e1 c21acdea
MD5_TraceState: buffered input [Len: 21]
   6f b1 df 21 a7 b0 70 e4 5d 34 3b 90 29 f9 14 c3   o..!..p.]4;.)...
   2e 07 79 13 c7                                    ..y..
SHA1 state: 5cfaa109 407fc96a c3ca1712 0fdb9889 9772153a
SHA1_TraceState: buffered input [Len: 21]
   6f b1 df 21 a7 b0 70 e4 5d 34 3b 90 29 f9 14 c3   o..!..p.]4;.)...
   2e 07 79 13 c7                                    ..y..

Client_Key_Exchange Handshake

The server processes the client_key_exchange handshake message. The entire client_key_exchange handshake message is included the handshake hashes. The hash input is:

handle handshake message: client_key_exchange (16)

MD5 & SHA handshake hash input: [Len: 4]
   10 00 00 40                                       ...@
MD5 & SHA handshake hash input: [Len: 64]
   4c 3a 77 60 63 e3 0e 03 39 52 2b 13 25 77 8b 23   L:w`c...9R+.%w.#
   c1 89 0d e8 28 dc 02 5e d9 aa 33 a1 ee 67 a1 91   ....(..^..3..g..
   fc d4 a8 c3 1a d6 32 88 a4 60 56 61 57 c9 4f 5e   ......2..`VaW.O^
   3a 1f f2 86 12 16 38 36 1c 3d c6 b8 0a 3f bd 88   :.....86.=...?..

After hashing the client_key_exchange handshake message, the handshake hashes are:

MD5 state: 250fb55d 512afd7f 48544680 80c702a9
MD5_TraceState: buffered input [Len: 25]
   88 a4 60 56 61 57 c9 4f 5e 3a 1f f2 86 12 16 38   ..`VaW.O^:.....8
   36 1c 3d c6 b8 0a 3f bd 88                        6.=...?..
SHA1 state: cf323bf6 a3ca8feb 6b10e4f5 10110427 6472968d
SHA1_TraceState: buffered input [Len: 25]
   88 a4 60 56 61 57 c9 4f 5e 3a 1f f2 86 12 16 38   ..`VaW.O^:.....8
   36 1c 3d c6 b8 0a 3f bd 88                        6.=...?..

The client_key_exchange handshake contains the pre-master secret, which has been wrapped (public-key encrypted) with the server's public key.
Here are the steps in the unwrapping (decryption) of the pre-master secret. Note the use of "block type 02" in this operation.

handle client_key_exchange handshake
RSA_DecryptBlock: ciphertext [Len: 64]
   4c 3a 77 60 63 e3 0e 03 39 52 2b 13 25 77 8b 23   L:w`c...9R+.%w.#
   c1 89 0d e8 28 dc 02 5e d9 aa 33 a1 ee 67 a1 91   ....(..^..3..g..
   fc d4 a8 c3 1a d6 32 88 a4 60 56 61 57 c9 4f 5e   ......2..`VaW.O^
   3a 1f f2 86 12 16 38 36 1c 3d c6 b8 0a 3f bd 88   :.....86.=...?..
RSA_DecryptBlock: modulus [Len: 65]
   00 e3 f3 ba 48 dd 2e bd a8 e9 87 8e 5f 8a 9e cb   ....H......._...
   c9 6d c1 8b 79 31 ad b0 26 39 ba dc 28 d1 f0 20   .m..y1..&9..(.. 
   75 a4 24 d2 e8 16 e7 b3 b6 aa 39 e5 e2 4c bf 8e   u.$.......9..L..
   5f 96 4b cd 09 75 71 b1 69 1f 67 df b7 ac 58 29   _.K..uq.i.g...X)
   a1                                                .
RSA_DecryptBlock: privateExponent [Len: 64]
   61 90 65 c0 dd fa 2d 6e e8 54 fe 98 e1 e9 c9 6b   a.e...-n.T.....k
   33 30 cd 93 57 b1 f1 5c cb 04 b1 4a 3f 60 b9 63   30..W..\...J?`.c
   11 b6 56 d2 8b 48 73 f4 db 44 45 fc d2 b9 04 cd   ..V..Hs..DE.....
   5b e3 71 c5 a6 ee 6e 8f e5 ba d2 25 1e 3c 2d 61   [.q...n....%.<-a
RSA_DecryptBlock: formatted plaintext [Len: 64]
   00 02 e9 e9 d9 22 16 c1 1c 4f 1d 69 e8 04 ae 00   ....."...O.i....
   03 00 fc 4e 76 86 6b 74 7f 24 d8 12 07 78 bd 29   ...Nv.kt.$...x.)
   f6 b4 fa 34 7e d4 6a 8a 26 d7 2e 94 6c aa 1f 80   ...4~.j.&...l...
   b9 75 b1 70 0f 7a 07 ce 8a db f7 98 56 f8 8b e6   .u.p.z......V...
RSA_DecryptBlock: unpadded plaintext [Len: 48]
   03 00 fc 4e 76 86 6b 74 7f 24 d8 12 07 78 bd 29   ...Nv.kt.$...x.)
   f6 b4 fa 34 7e d4 6a 8a 26 d7 2e 94 6c aa 1f 80   ...4~.j.&...l...
   b9 75 b1 70 0f 7a 07 ce 8a db f7 98 56 f8 8b e6   .u.p.z......V...
decrypted premaster secret: [Len: 48]
   03 00 fc 4e 76 86 6b 74 7f 24 d8 12 07 78 bd 29   ...Nv.kt.$...x.)
   f6 b4 fa 34 7e d4 6a 8a 26 d7 2e 94 6c aa 1f 80   ...4~.j.&...l...
   b9 75 b1 70 0f 7a 07 ce 8a db f7 98 56 f8 8b e6   .u.p.z......V...

The pre-master secret is now hashed with the server-random and client-random numbers and the "mixers" to produce the master secret, as described in section 8.1 of the SSL 3.0 spec. Here are the steps involved. The intermediate SHA hash results are shown in these steps, as inputs to the successive MD5 hashes.

master SHA hash: mixers [Len: 1]
   41                                                A
master SHA hash: pre-master secret [Len: 48]
   03 00 fc 4e 76 86 6b 74 7f 24 d8 12 07 78 bd 29   ...Nv.kt.$...x.)
   f6 b4 fa 34 7e d4 6a 8a 26 d7 2e 94 6c aa 1f 80   ...4~.j.&...l...
   b9 75 b1 70 0f 7a 07 ce 8a db f7 98 56 f8 8b e6   .u.p.z......V...
master SHA hash: client random [Len: 32]
   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
   d8 90 d7 86 4e 5c 92 9f 90 07 da 83 1c 25 89 01   ....N\.......%..
master SHA hash: server random [Len: 32]
   34 03 61 4b a8 3a ce e0 92 9c ff 03 be d3 c5 25   4.aK.:.........%
   a2 ec 61 85 b1 ea 93 bf a0 5e a9 79 1c 8a ed 16   ..a......^.y....
master MD5 hash: pre-master secret [Len: 48]
   03 00 fc 4e 76 86 6b 74 7f 24 d8 12 07 78 bd 29   ...Nv.kt.$...x.)
   f6 b4 fa 34 7e d4 6a 8a 26 d7 2e 94 6c aa 1f 80   ...4~.j.&...l...
   b9 75 b1 70 0f 7a 07 ce 8a db f7 98 56 f8 8b e6   .u.p.z......V...
master MD5 hash: SHA hash output [Len: 20]
   5c 41 e3 98 e7 18 de 79 c2 af 82 ef fd 05 99 4f   \A.....y.......O
   69 fe 41 de                                       i.A.

Result of first MD5 Hash:
master MD5 hash: MD5 hash output [Len: 16]
   14 49 96 2b 10 69 b9 d0 66 83 fc 06 64 a2 3f 34   .I.+.i..f...d.?4

Begin second MD5 hash
master SHA hash: mixers [Len: 2]
   42 42                                             BB
master SHA hash: pre-master secret [Len: 48]
   03 00 fc 4e 76 86 6b 74 7f 24 d8 12 07 78 bd 29   ...Nv.kt.$...x.)
   f6 b4 fa 34 7e d4 6a 8a 26 d7 2e 94 6c aa 1f 80   ...4~.j.&...l...
   b9 75 b1 70 0f 7a 07 ce 8a db f7 98 56 f8 8b e6   .u.p.z......V...
master SHA hash: client random [Len: 32]
   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
   d8 90 d7 86 4e 5c 92 9f 90 07 da 83 1c 25 89 01   ....N\.......%..
master SHA hash: server random [Len: 32]
   34 03 61 4b a8 3a ce e0 92 9c ff 03 be d3 c5 25   4.aK.:.........%
   a2 ec 61 85 b1 ea 93 bf a0 5e a9 79 1c 8a ed 16   ..a......^.y....
master MD5 hash: pre-master secret [Len: 48]
   03 00 fc 4e 76 86 6b 74 7f 24 d8 12 07 78 bd 29   ...Nv.kt.$...x.)
   f6 b4 fa 34 7e d4 6a 8a 26 d7 2e 94 6c aa 1f 80   ...4~.j.&...l...
   b9 75 b1 70 0f 7a 07 ce 8a db f7 98 56 f8 8b e6   .u.p.z......V...
master MD5 hash: SHA hash output [Len: 20]
   70 dc 51 53 cb 1e de c3 36 f3 3d 20 03 06 ef 02   p.QS....6.= ....
   12 67 ce e7                                       .g..

Result of second MD5 hash:
master MD5 hash: MD5 hash output [Len: 16]
   6d 1f 21 70 7f 29 f7 0b 0e e8 a9 63 11 d8 fc 46   m.!p.).....c...F

Begin third MD5 hash
master SHA hash: mixers [Len: 3]
   43 43 43                                          CCC
master SHA hash: pre-master secret [Len: 48]
   03 00 fc 4e 76 86 6b 74 7f 24 d8 12 07 78 bd 29   ...Nv.kt.$...x.)
   f6 b4 fa 34 7e d4 6a 8a 26 d7 2e 94 6c aa 1f 80   ...4~.j.&...l...
   b9 75 b1 70 0f 7a 07 ce 8a db f7 98 56 f8 8b e6   .u.p.z......V...
master SHA hash: client random [Len: 32]
   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
   d8 90 d7 86 4e 5c 92 9f 90 07 da 83 1c 25 89 01   ....N\.......%..
master SHA hash: server random [Len: 32]
   34 03 61 4b a8 3a ce e0 92 9c ff 03 be d3 c5 25   4.aK.:.........%
   a2 ec 61 85 b1 ea 93 bf a0 5e a9 79 1c 8a ed 16   ..a......^.y....

master MD5 hash: pre-master secret [Len: 48]
   03 00 fc 4e 76 86 6b 74 7f 24 d8 12 07 78 bd 29   ...Nv.kt.$...x.)
   f6 b4 fa 34 7e d4 6a 8a 26 d7 2e 94 6c aa 1f 80   ...4~.j.&...l...
   b9 75 b1 70 0f 7a 07 ce 8a db f7 98 56 f8 8b e6   .u.p.z......V...
master MD5 hash: SHA hash output [Len: 20]
   a4 0c e4 1e 93 41 b2 08 60 05 69 f1 38 ed 2c 53   .....A..`.i.8.,S
   97 be f2 05                                       ....

Result of third MD5 hash.
master MD5 hash: MD5 hash output [Len: 16]
   8d 38 38 11 c1 a4 82 18 9f 8b 4b 16 d6 eb fa 6f   .88.......K....o

The three MD5 hash results are concatenated to form the master secret.

master secret: [Len: 48]
   14 49 96 2b 10 69 b9 d0 66 83 fc 06 64 a2 3f 34   .I.+.i..f...d.?4
   6d 1f 21 70 7f 29 f7 0b 0e e8 a9 63 11 d8 fc 46   m.!p.).....c...F
   8d 38 38 11 c1 a4 82 18 9f 8b 4b 16 d6 eb fa 6f   .88.......K....o

The server immediately begins to compute the "key block", from which the mac secrets, write-keys and write-IVs will be derived. This is as described in section 8.2.2 of the SSL 3.0 spec.

Begin first keyblock SHA/MD5 hash:
keygen SHA hash: mixers [Len: 1]
   41                                                A
keygen SHA hash: master secret [Len: 48]
   14 49 96 2b 10 69 b9 d0 66 83 fc 06 64 a2 3f 34   .I.+.i..f...d.?4
   6d 1f 21 70 7f 29 f7 0b 0e e8 a9 63 11 d8 fc 46   m.!p.).....c...F
   8d 38 38 11 c1 a4 82 18 9f 8b 4b 16 d6 eb fa 6f   .88.......K....o
keygen SHA hash: server random [Len: 32]
   34 03 61 4b a8 3a ce e0 92 9c ff 03 be d3 c5 25   4.aK.:.........%
   a2 ec 61 85 b1 ea 93 bf a0 5e a9 79 1c 8a ed 16   ..a......^.y....
keygen SHA hash: client random [Len: 32]
   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
   d8 90 d7 86 4e 5c 92 9f 90 07 da 83 1c 25 89 01   ....N\.......%..

keygen MD5 hash: master secret [Len: 48]
   14 49 96 2b 10 69 b9 d0 66 83 fc 06 64 a2 3f 34   .I.+.i..f...d.?4
   6d 1f 21 70 7f 29 f7 0b 0e e8 a9 63 11 d8 fc 46   m.!p.).....c...F
   8d 38 38 11 c1 a4 82 18 9f 8b 4b 16 d6 eb fa 6f   .88.......K....o
keygen MD5 hash: SHA hash output [Len: 20]
   e1 d7 0b 1c 86 9c 35 85 f8 a3 c3 a0 3e c2 66 69   ......5.....>.fi
   98 d0 1f ef                                       ....

First MD5 result:
keygen MD5 hash: MD5 hash output [Len: 16]
   7d d8 c8 49 57 e0 9c 20 27 de b7 e3 cb 17 cf 02   }..IW.. '.......

Begin second keyblock SHA/MD5 hash:
keygen SHA hash: mixers [Len: 2]
   42 42                                             BB
keygen SHA hash: master secret [Len: 48]
   14 49 96 2b 10 69 b9 d0 66 83 fc 06 64 a2 3f 34   .I.+.i..f...d.?4
   6d 1f 21 70 7f 29 f7 0b 0e e8 a9 63 11 d8 fc 46   m.!p.).....c...F
   8d 38 38 11 c1 a4 82 18 9f 8b 4b 16 d6 eb fa 6f   .88.......K....o
keygen SHA hash: server random [Len: 32]
   34 03 61 4b a8 3a ce e0 92 9c ff 03 be d3 c5 25   4.aK.:.........%
   a2 ec 61 85 b1 ea 93 bf a0 5e a9 79 1c 8a ed 16   ..a......^.y....
keygen SHA hash: client random [Len: 32]
   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
   d8 90 d7 86 4e 5c 92 9f 90 07 da 83 1c 25 89 01   ....N\.......%..

keygen MD5 hash: master secret [Len: 48]
   14 49 96 2b 10 69 b9 d0 66 83 fc 06 64 a2 3f 34   .I.+.i..f...d.?4
   6d 1f 21 70 7f 29 f7 0b 0e e8 a9 63 11 d8 fc 46   m.!p.).....c...F
   8d 38 38 11 c1 a4 82 18 9f 8b 4b 16 d6 eb fa 6f   .88.......K....o
keygen MD5 hash: SHA hash output [Len: 20]
   ce 44 a5 01 e0 78 61 c9 1a 9c f9 15 6e 42 84 6c   .D...xa.....nB.l
   00 e8 55 ca                                       ..U.

Second MD5 result:
keygen MD5 hash: MD5 hash output [Len: 16]
   6f 17 44 17 18 5a 6c c3 80 a1 fa b1 3f e6 49 ef   o.D..Zl.....?.I.

Begin third keyblock SHA/MD5 hash:
keygen SHA hash: mixers [Len: 3]
   43 43 43                                          CCC
keygen SHA hash: master secret [Len: 48]
   14 49 96 2b 10 69 b9 d0 66 83 fc 06 64 a2 3f 34   .I.+.i..f...d.?4
   6d 1f 21 70 7f 29 f7 0b 0e e8 a9 63 11 d8 fc 46   m.!p.).....c...F
   8d 38 38 11 c1 a4 82 18 9f 8b 4b 16 d6 eb fa 6f   .88.......K....o
keygen SHA hash: server random [Len: 32]
   34 03 61 4b a8 3a ce e0 92 9c ff 03 be d3 c5 25   4.aK.:.........%
   a2 ec 61 85 b1 ea 93 bf a0 5e a9 79 1c 8a ed 16   ..a......^.y....
keygen SHA hash: client random [Len: 32]
   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
   d8 90 d7 86 4e 5c 92 9f 90 07 da 83 1c 25 89 01   ....N\.......%..

keygen MD5 hash: master secret [Len: 48]
   14 49 96 2b 10 69 b9 d0 66 83 fc 06 64 a2 3f 34   .I.+.i..f...d.?4
   6d 1f 21 70 7f 29 f7 0b 0e e8 a9 63 11 d8 fc 46   m.!p.).....c...F
   8d 38 38 11 c1 a4 82 18 9f 8b 4b 16 d6 eb fa 6f   .88.......K....o
keygen MD5 hash: SHA hash output [Len: 20]
   ba a6 54 d7 0f f4 36 73 ab 0e 96 f1 f5 df 18 d9   ..T...6s........
   1f c5 ae 73                                       ...s

Third MD5 result:
keygen MD5 hash: MD5 hash output [Len: 16]
   a2 1b 90 d1 ef 19 c5 1d b1 5d 4d 6c a7 9e b2 f7   .........]Ml....

Begin fourth keyblock SHA/MD5 hash:
keygen SHA hash: mixers [Len: 4]
   44 44 44 44                                       DDDD
keygen SHA hash: master secret [Len: 48]
   14 49 96 2b 10 69 b9 d0 66 83 fc 06 64 a2 3f 34   .I.+.i..f...d.?4
   6d 1f 21 70 7f 29 f7 0b 0e e8 a9 63 11 d8 fc 46   m.!p.).....c...F
   8d 38 38 11 c1 a4 82 18 9f 8b 4b 16 d6 eb fa 6f   .88.......K....o
keygen SHA hash: server random [Len: 32]
   34 03 61 4b a8 3a ce e0 92 9c ff 03 be d3 c5 25   4.aK.:.........%
   a2 ec 61 85 b1 ea 93 bf a0 5e a9 79 1c 8a ed 16   ..a......^.y....
keygen SHA hash: client random [Len: 32]
   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
   d8 90 d7 86 4e 5c 92 9f 90 07 da 83 1c 25 89 01   ....N\.......%..

keygen MD5 hash: master secret [Len: 48]
   14 49 96 2b 10 69 b9 d0 66 83 fc 06 64 a2 3f 34   .I.+.i..f...d.?4
   6d 1f 21 70 7f 29 f7 0b 0e e8 a9 63 11 d8 fc 46   m.!p.).....c...F
   8d 38 38 11 c1 a4 82 18 9f 8b 4b 16 d6 eb fa 6f   .88.......K....o
keygen MD5 hash: SHA hash output [Len: 20]
   4e 91 c4 00 14 0f 78 31 65 28 89 a1 21 d7 ab a1   N.....x1e(..!...
   e4 50 69 ba                                       .Pi.

Fourth MD5 result:
keygen MD5 hash: MD5 hash output [Len: 16]
   66 26 35 c6 39 23 d9 b6 ed 93 1a fa aa af 0b fd   f&5.9#..........

Begin fifth keyblock SHA/MD5 hash:
keygen SHA hash: mixers [Len: 5]
   45 45 45 45 45                                    EEEEE
keygen SHA hash: master secret [Len: 48]
   14 49 96 2b 10 69 b9 d0 66 83 fc 06 64 a2 3f 34   .I.+.i..f...d.?4
   6d 1f 21 70 7f 29 f7 0b 0e e8 a9 63 11 d8 fc 46   m.!p.).....c...F
   8d 38 38 11 c1 a4 82 18 9f 8b 4b 16 d6 eb fa 6f   .88.......K....o
keygen SHA hash: server random [Len: 32]
   34 03 61 4b a8 3a ce e0 92 9c ff 03 be d3 c5 25   4.aK.:.........%
   a2 ec 61 85 b1 ea 93 bf a0 5e a9 79 1c 8a ed 16   ..a......^.y....
keygen SHA hash: client random [Len: 32]
   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
   d8 90 d7 86 4e 5c 92 9f 90 07 da 83 1c 25 89 01   ....N\.......%..
keygen MD5 hash: master secret [Len: 48]
   14 49 96 2b 10 69 b9 d0 66 83 fc 06 64 a2 3f 34   .I.+.i..f...d.?4
   6d 1f 21 70 7f 29 f7 0b 0e e8 a9 63 11 d8 fc 46   m.!p.).....c...F
   8d 38 38 11 c1 a4 82 18 9f 8b 4b 16 d6 eb fa 6f   .88.......K....o
keygen MD5 hash: SHA hash output [Len: 20]
   ad 49 55 77 56 3b 64 09 41 31 af 08 1c fd 20 d5   .IUwV;d.A1.... .
   3b 89 52 d1                                       ;.R.

Fifth MD5 result:
keygen MD5 hash: MD5 hash output [Len: 16]
   e9 45 2a 2e 26 a4 47 ef 73 b2 21 fc 2c 8e 4a 6b   .E*.&.G.s.!.,.Jk

Begin sixth keyblock SHA/MD5 hash:
keygen SHA hash: mixers [Len: 6]
   46 46 46 46 46 46                                 FFFFFF
keygen SHA hash: master secret [Len: 48]
   14 49 96 2b 10 69 b9 d0 66 83 fc 06 64 a2 3f 34   .I.+.i..f...d.?4
   6d 1f 21 70 7f 29 f7 0b 0e e8 a9 63 11 d8 fc 46   m.!p.).....c...F
   8d 38 38 11 c1 a4 82 18 9f 8b 4b 16 d6 eb fa 6f   .88.......K....o
keygen SHA hash: server random [Len: 32]
   34 03 61 4b a8 3a ce e0 92 9c ff 03 be d3 c5 25   4.aK.:.........%
   a2 ec 61 85 b1 ea 93 bf a0 5e a9 79 1c 8a ed 16   ..a......^.y....
keygen SHA hash: client random [Len: 32]
   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
   d8 90 d7 86 4e 5c 92 9f 90 07 da 83 1c 25 89 01   ....N\.......%..

keygen MD5 hash: master secret [Len: 48]
   14 49 96 2b 10 69 b9 d0 66 83 fc 06 64 a2 3f 34   .I.+.i..f...d.?4
   6d 1f 21 70 7f 29 f7 0b 0e e8 a9 63 11 d8 fc 46   m.!p.).....c...F
   8d 38 38 11 c1 a4 82 18 9f 8b 4b 16 d6 eb fa 6f   .88.......K....o
keygen MD5 hash: SHA hash output [Len: 20]
   3c aa b9 5c 09 3e c8 66 2d ff ea dd 6c 59 55 14   <..\.>.f-...lYU.
   5f ba 62 92                                       _.b.

Sixth MD5 result:
keygen MD5 hash: MD5 hash output [Len: 16]
   51 cd 6a d3 60 b2 29 1d 52 99 d7 b3 98 95 ed 71   Q.j.`.).R......q

Begin seventh keyblock SHA/MD5 hash:
keygen SHA hash: mixers [Len: 7]
   47 47 47 47 47 47 47                              GGGGGGG
keygen SHA hash: master secret [Len: 48]
   14 49 96 2b 10 69 b9 d0 66 83 fc 06 64 a2 3f 34   .I.+.i..f...d.?4
   6d 1f 21 70 7f 29 f7 0b 0e e8 a9 63 11 d8 fc 46   m.!p.).....c...F
   8d 38 38 11 c1 a4 82 18 9f 8b 4b 16 d6 eb fa 6f   .88.......K....o
keygen SHA hash: server random [Len: 32]
   34 03 61 4b a8 3a ce e0 92 9c ff 03 be d3 c5 25   4.aK.:.........%
   a2 ec 61 85 b1 ea 93 bf a0 5e a9 79 1c 8a ed 16   ..a......^.y....
keygen SHA hash: client random [Len: 32]
   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
   d8 90 d7 86 4e 5c 92 9f 90 07 da 83 1c 25 89 01   ....N\.......%..

keygen MD5 hash: master secret [Len: 48]
   14 49 96 2b 10 69 b9 d0 66 83 fc 06 64 a2 3f 34   .I.+.i..f...d.?4
   6d 1f 21 70 7f 29 f7 0b 0e e8 a9 63 11 d8 fc 46   m.!p.).....c...F
   8d 38 38 11 c1 a4 82 18 9f 8b 4b 16 d6 eb fa 6f   .88.......K....o
keygen MD5 hash: SHA hash output [Len: 20]
   0a 51 c2 2a fb 6a ab ca aa 16 c0 ed 94 df cb c1   .Q.*.j..........
   6d af 72 a5                                       m.r.

Seventh MD5 result:
keygen MD5 hash: MD5 hash output [Len: 16]
   a7 2f de f5 3d c1 15 29 1e 4c 4b ac 57 07 2d 50   ./..=..).LK.W.-P

Concatenate the above seven MD5 hash results to produce the "key block":

key block: [Len: 112]
   7d d8 c8 49 57 e0 9c 20 27 de b7 e3 cb 17 cf 02   }..IW.. '.......
   6f 17 44 17 18 5a 6c c3 80 a1 fa b1 3f e6 49 ef   o.D..Zl.....?.I.
   a2 1b 90 d1 ef 19 c5 1d b1 5d 4d 6c a7 9e b2 f7   .........]Ml....
   66 26 35 c6 39 23 d9 b6 ed 93 1a fa aa af 0b fd   f&5.9#..........
   e9 45 2a 2e 26 a4 47 ef 73 b2 21 fc 2c 8e 4a 6b   .E*.&.G.s.!.,.Jk
   51 cd 6a d3 60 b2 29 1d 52 99 d7 b3 98 95 ed 71   Q.j.`.).R......q
   a7 2f de f5 3d c1 15 29 1e 4c 4b ac 57 07 2d 50   ./..=..).LK.W.-P

Now, divide up the key block, producing the mac secrets, write keys, and (for block-mode ciphers) the write IVs. Since this is NOT an "export" client, Write keys and IVs are taken directly from the "key block", without any additional hash computation. Since this example is using a stream cipher, which requires no IVs, the IV values in the key block are ignored.

client write mac secret: [Len: 16]
   7d d8 c8 49 57 e0 9c 20 27 de b7 e3 cb 17 cf 02   }..IW.. '.......
server write mac secret: [Len: 16]
   6f 17 44 17 18 5a 6c c3 80 a1 fa b1 3f e6 49 ef   o.D..Zl.....?.I.
client write key: [Len: 16]
   a2 1b 90 d1 ef 19 c5 1d b1 5d 4d 6c a7 9e b2 f7   .........]Ml....
server write key: [Len: 16]
   66 26 35 c6 39 23 d9 b6 ed 93 1a fa aa af 0b fd   f&5.9#..........
client write iv: [Len: 0]
server write iv: [Len: 0]

Certificate Verify

Having received the client's certificate and client_key_exchange, the server now computes the "md5_hash" and "sha_hash" needed for the upcoming certificate_verify handshake message. This is as described in section 7.6.8 of the SSL 3.0 spec.

Compute inner MD5_hash:
MD5 state: 250fb55d 512afd7f 48544680 80c702a9
MD5_TraceState: buffered input [Len: 25]
   88 a4 60 56 61 57 c9 4f 5e 3a 1f f2 86 12 16 38   ..`VaW.O^:.....8
   36 1c 3d c6 b8 0a 3f bd 88                        6.=...?..
MD5 inner: master secret [Len: 48]
   14 49 96 2b 10 69 b9 d0 66 83 fc 06 64 a2 3f 34   .I.+.i..f...d.?4
   6d 1f 21 70 7f 29 f7 0b 0e e8 a9 63 11 d8 fc 46   m.!p.).....c...F
   8d 38 38 11 c1 a4 82 18 9f 8b 4b 16 d6 eb fa 6f   .88.......K....o
MD5 inner: MAC Pad 1 [Len: 48]
   36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36   6666666666666666
   36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36   6666666666666666
   36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36   6666666666666666

Inner MD5_hash result:
MD5 inner: result [Len: 16]
   9d ce 45 47 f3 a5 3d 7f c0 bb 09 7d 3e a0 48 f3   ..EG..=....}>.H.

Compute inner SHA_hash:
SHA1 state: cf323bf6 a3ca8feb 6b10e4f5 10110427 6472968d
SHA1_TraceState: buffered input [Len: 25]
   88 a4 60 56 61 57 c9 4f 5e 3a 1f f2 86 12 16 38   ..`VaW.O^:.....8
   36 1c 3d c6 b8 0a 3f bd 88                        6.=...?..
SHA inner: master secret [Len: 48]
   14 49 96 2b 10 69 b9 d0 66 83 fc 06 64 a2 3f 34   .I.+.i..f...d.?4
   6d 1f 21 70 7f 29 f7 0b 0e e8 a9 63 11 d8 fc 46   m.!p.).....c...F
   8d 38 38 11 c1 a4 82 18 9f 8b 4b 16 d6 eb fa 6f   .88.......K....o
SHA inner: MAC Pad 1 [Len: 40]
   36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36   6666666666666666
   36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36   6666666666666666
   36 36 36 36 36 36 36 36                           66666666

Inner SHA_hash result:
SHA inner: result [Len: 20]
   b8 e3 7b 28 2d 2a 3d 3a 62 17 ef 28 c6 7a 35 28   ..{(-*=:b..(.z5(
   46 ab 46 6f                                       F.Fo

Compute outer MD5_hash:
MD5 outer: master secret [Len: 48]
   14 49 96 2b 10 69 b9 d0 66 83 fc 06 64 a2 3f 34   .I.+.i..f...d.?4
   6d 1f 21 70 7f 29 f7 0b 0e e8 a9 63 11 d8 fc 46   m.!p.).....c...F
   8d 38 38 11 c1 a4 82 18 9f 8b 4b 16 d6 eb fa 6f   .88.......K....o
MD5 outer: MAC Pad 2 [Len: 48]
   5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c   \\\\\\\\\\\\\\\\
   5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c   \\\\\\\\\\\\\\\\
   5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c   \\\\\\\\\\\\\\\\
MD5 outer: MD5 inner [Len: 16]
   9d ce 45 47 f3 a5 3d 7f c0 bb 09 7d 3e a0 48 f3   ..EG..=....}>.H.

Outer (final) MD5_hash result:
MD5 outer: result [Len: 16]
   40 e7 da 04 3e 64 d4 97 bf f5 4f e1 ea 7e 75 23   @...>d....O..~u#

Compute outer SHA_hash:
SHA outer: master secret [Len: 48]
   14 49 96 2b 10 69 b9 d0 66 83 fc 06 64 a2 3f 34   .I.+.i..f...d.?4
   6d 1f 21 70 7f 29 f7 0b 0e e8 a9 63 11 d8 fc 46   m.!p.).....c...F
   8d 38 38 11 c1 a4 82 18 9f 8b 4b 16 d6 eb fa 6f   .88.......K....o
SHA outer: MAC Pad 2 [Len: 40]
   5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c   \\\\\\\\\\\\\\\\
   5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c   \\\\\\\\\\\\\\\\
   5c 5c 5c 5c 5c 5c 5c 5c                           \\\\\\\\
SHA outer: SHA inner [Len: 20]
   b8 e3 7b 28 2d 2a 3d 3a 62 17 ef 28 c6 7a 35 28   ..{(-*=:b..(.z5(
   46 ab 46 6f                                       F.Fo

Outer (final) SHA_hash result:
SHA outer: result [Len: 20]
   d1 b1 a3 6e b7 98 a6 94 79 61 cc 12 a1 75 f7 fb   ...n....ya...u..
   d2 2b 04 94                                       .+..

Recall that the values of the handshake hashes, after hashing the previous client_key_exchange message, are:

MD5 state: 250fb55d 512afd7f 48544680 80c702a9
MD5_TraceState: buffered input [Len: 25]
   88 a4 60 56 61 57 c9 4f 5e 3a 1f f2 86 12 16 38   ..`VaW.O^:.....8
   36 1c 3d c6 b8 0a 3f bd 88                        6.=...?..
SHA1 state: cf323bf6 a3ca8feb 6b10e4f5 10110427 6472968d
SHA1_TraceState: buffered input [Len: 25]
   88 a4 60 56 61 57 c9 4f 5e 3a 1f f2 86 12 16 38   ..`VaW.O^:.....8
   36 1c 3d c6 b8 0a 3f bd 88                        6.=...?..

handle handshake message: certificate_verify  (15)

Include the entire certificate_verify message in the handshake hashes. This must be done after the computation of the md5_hash and sha_hash values for the certificate_verify handshake. The server can do this now, since it has already computed the md5_hash and sha_hash values above.

MD5 & SHA handshake hash input: [Len: 4]
   0f 00 00 42                                       ...B
MD5 & SHA handshake hash input: [Len: 66]
   00 40 40 86 2f b5 b7 d4 18 74 e8 89 07 a0 38 eb   .@@./....t....8.
   2f ec 99 cc 10 5d 29 29 c2 08 61 21 aa 7d f7 64   /....]))..a!.}.d
   c6 6a 62 77 28 96 8e b5 61 74 f2 84 1c 31 a2 3f   .jbw(...at...1.?
   4f 58 78 11 88 72 4e ed 70 e8 ac e9 82 37 ec 8d   OXx..rN.p....7..
   32 7b                                             2{

After hashing the client hello handshake, the handshake hashes are:

MD5 state: 0cde7c7c 27e97711 42037f53 633d4736
MD5_TraceState: buffered input [Len: 31]
   77 28 96 8e b5 61 74 f2 84 1c 31 a2 3f 4f 58 78   w(...at...1.?OXx
   11 88 72 4e ed 70 e8 ac e9 82 37 ec 8d 32 7b      ..rN.p....7..2{
SHA1 state: f6b217ec 76f0d9dd da324813 462ca026 fe925ba3
SHA1_TraceState: buffered input [Len: 31]
   77 28 96 8e b5 61 74 f2 84 1c 31 a2 3f 4f 58 78   w(...at...1.?OXx
   11 88 72 4e ed 70 e8 ac e9 82 37 ec 8d 32 7b      ..rN.p....7..2{

Taking apart the certificate_verify handshake we find:

Length:
   00 40                                             .@
signed hashes [Len: 64]
   40 86 2f b5 b7 d4 18 74 e8 89 07 a0 38 eb 2f ec   @./....t....8./.
   99 cc 10 5d 29 29 c2 08 61 21 aa 7d f7 64 c6 6a   ...]))..a!.}.d.j
   62 77 28 96 8e b5 61 74 f2 84 1c 31 a2 3f 4f 58   bw(...at...1.?OX
   78 11 88 72 4e ed 70 e8 ac e9 82 37 ec 8d 32 7b   x..rN.p....7..2{

The hashes we computed locally for verification are:

hash(es) to be verified [Len: 36]
   40 e7 da 04 3e 64 d4 97 bf f5 4f e1 ea 7e 75 23   @...>d....O..~u#
   d1 b1 a3 6e b7 98 a6 94 79 61 cc 12 a1 75 f7 fb   ...n....ya...u..
   d2 2b 04 94                                       .+..

Verify signature by decrypting with client's public key.
Note the use of "block type 01" in this operation.

RSA_CheckSign: signature [Len: 64]
   40 86 2f b5 b7 d4 18 74 e8 89 07 a0 38 eb 2f ec   @./....t....8./.
   99 cc 10 5d 29 29 c2 08 61 21 aa 7d f7 64 c6 6a   ...]))..a!.}.d.j
   62 77 28 96 8e b5 61 74 f2 84 1c 31 a2 3f 4f 58   bw(...at...1.?OX
   78 11 88 72 4e ed 70 e8 ac e9 82 37 ec 8d 32 7b   x..rN.p....7..2{
RSA_CheckSign: modulus [Len: 65]
   00 e6 7a 1c b7 47 81 63 39 a9 0f 07 28 8a 7e e9   ..z..G.c9...(.~.
   01 b1 bc c5 2a f0 ef ee bf 79 3f 11 9c 40 07 0a   ....*....y?..@..
   09 69 fa a9 a9 c2 9f bc 05 aa 20 39 eb b5 23 38   .i........ 9..#8
   07 e9 2a 67 0d 11 b8 9d 28 16 1d 62 b0 e2 4a 51   ..*g....(..b..JQ
   c1                                                .
RSA_CheckSign: publicExponent [Len: 3]
   01 00 01                                          ...
RSA_CheckSign: formatted (decrypted) plaintext [Len: 64]
   00 01 ff ff ff ff ff ff ff ff ff ff ff ff ff ff   ................
   ff ff ff ff ff ff ff ff ff ff ff 00 40 e7 da 04   ............@...
   3e 64 d4 97 bf f5 4f e1 ea 7e 75 23 d1 b1 a3 6e   >d....O..~u#...n
   b7 98 a6 94 79 61 cc 12 a1 75 f7 fb d2 2b 04 94   ....ya...u...+..
RSA_CheckSign: recovered hash [Len: 36]
   40 e7 da 04 3e 64 d4 97 bf f5 4f e1 ea 7e 75 23   @...>d....O..~u#
   d1 b1 a3 6e b7 98 a6 94 79 61 cc 12 a1 75 f7 fb   ...n....ya...u..
   d2 2b 04 94                                       .+..

The recovered hashes match the hashes we computed. The signature is verified.

Client's Change_Cipher_Spec Record

The server will process the next record from the client, the change_cipher_spec record. This record is not a handshake record, and is not included in the handshake hashes.

Now receive the next (second) record, the change_cipher_spec.

raw gather data: [Len: 5]
+  14 03 00 00 01                                    .....
plaintext: [Len: 1]
+  01                                                .

handle change_cipher_spec record

Set Current Read Cipher Suite to Pending

Client's Finished Handshake

Receive and process the third record, the "finished" handshake. This record will be fully encrypted and MAC'ed according to the cipher suite, MAC secrets, keys, and IVs.

raw gather data: [Len: 5]
+  16 03 00 00 38                                    ....8
ciphertext: [Len: 56]
+  04 62 86 2f 4b a7 67 57 9e dc 9f ea c2 69 67 c7   .b./K.gW.....ig.
+  2f 52 ec 3b 3b 79 c5 ca c4 61 99 7c 68 bf 0c f5   /R.;;y...a.|h...
+  79 a1 21 7b f0 5f 54 f4 fa 55 60 47 68 e1 80 09   y.!{._T..U`Gh...
+  63 cc 93 63 98 0c 95 b7                           c..c....

Decrypt the ciphertext using the keys/IVs above.

plaintext: [Len: 56]
   14 00 00 24 2e 9f 84 6b 29 af 67 9c b3 16 dd 19   ...$...k).g.....
   2e 42 ac b9 75 e4 48 7f e3 d2 9a 52 c5 40 59 b6   .B..u.H....R.@Y.
   c3 ba c1 0f d4 a3 0f 67 ef a6 e5 22 3d e4 b7 44   .......g..."=..D
   e0 ac 43 79 2f 1c a9 ed                           ..Cy/...

The last 16 bytes of plaintext above are (ostensibly) the sender's MAC. Compute the MAC on all but the last 16 bytes above, for verification. This is done according to section 7.2.3.1 of the SSL 3.0 spec.

frag hash1: MAC secret [Len: 16]
   7d d8 c8 49 57 e0 9c 20 27 de b7 e3 cb 17 cf 02   }..IW.. '.......
frag hash1: Pad 1 [Len: 48]
   36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36   6666666666666666
   36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36   6666666666666666
   36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36   6666666666666666
frag hash1: temp [Len: 11]
   00 00 00 00 00 00 00 00 16 00 28                  ..........(
frag hash1: input [Len: 40]
   14 00 00 24 2e 9f 84 6b 29 af 67 9c b3 16 dd 19   ...$...k).g.....
   2e 42 ac b9 75 e4 48 7f e3 d2 9a 52 c5 40 59 b6   .B..u.H....R.@Y.
   c3 ba c1 0f d4 a3 0f 67                           .......g
frag hash2: MAC secret [Len: 16]
   7d d8 c8 49 57 e0 9c 20 27 de b7 e3 cb 17 cf 02   }..IW.. '.......
frag hash2: Pad 2 [Len: 48]
   5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c   \\\\\\\\\\\\\\\\
   5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c   \\\\\\\\\\\\\\\\
   5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c   \\\\\\\\\\\\\\\\
frag hash2: hash1 [Len: 16]
   1c f9 c1 30 1f 59 6c c3 f5 f2 a0 02 d7 72 14 56   ...0.Yl......r.V
frag hash2: result [Len: 16]
   ef a6 e5 22 3d e4 b7 44 e0 ac 43 79 2f 1c a9 ed   ..."=..D..Cy/...

Note that the computed MAC result above matches the last 16 bytes of the plaintext above. The MAC is verified.

Compute the "md5_hash" and "sha_hash" as defined for the "finish" message in section 7.6.9 of the SSL 3.0 spec. In this example, we first compute the "inner" portion of each hash, then compute the "outer" portions.

Compute inner MD5 hash.  First, review the current hash state.
MD5 state: 0cde7c7c 27e97711 42037f53 633d4736
MD5_TraceState: buffered input [Len: 31]
   77 28 96 8e b5 61 74 f2 84 1c 31 a2 3f 4f 58 78   w(...at...1.?OXx
   11 88 72 4e ed 70 e8 ac e9 82 37 ec 8d 32 7b      ..rN.p....7..2{
MD5 inner: sender [Len: 4]
   43 4c 4e 54                                       CLNT
MD5 inner: master secret [Len: 48]
   14 49 96 2b 10 69 b9 d0 66 83 fc 06 64 a2 3f 34   .I.+.i..f...d.?4
   6d 1f 21 70 7f 29 f7 0b 0e e8 a9 63 11 d8 fc 46   m.!p.).....c...F
   8d 38 38 11 c1 a4 82 18 9f 8b 4b 16 d6 eb fa 6f   .88.......K....o
MD5 inner: MAC Pad 1 [Len: 48]
   36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36   6666666666666666
   36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36   6666666666666666
   36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36   6666666666666666
MD5 inner: result [Len: 16]
   6a d7 d1 56 82 e3 9a ca 80 1c ef 06 a7 38 e4 0f   j..V.........8..

SHA1 state: f6b217ec 76f0d9dd da324813 462ca026 fe925ba3
SHA1_TraceState: buffered input [Len: 31]
   77 28 96 8e b5 61 74 f2 84 1c 31 a2 3f 4f 58 78   w(...at...1.?OXx
   11 88 72 4e ed 70 e8 ac e9 82 37 ec 8d 32 7b      ..rN.p....7..2{
SHA inner: sender [Len: 4]
   43 4c 4e 54                                       CLNT
SHA inner: master secret [Len: 48]
   14 49 96 2b 10 69 b9 d0 66 83 fc 06 64 a2 3f 34   .I.+.i..f...d.?4
   6d 1f 21 70 7f 29 f7 0b 0e e8 a9 63 11 d8 fc 46   m.!p.).....c...F
   8d 38 38 11 c1 a4 82 18 9f 8b 4b 16 d6 eb fa 6f   .88.......K....o
SHA inner: MAC Pad 1 [Len: 40]
   36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36   6666666666666666
   36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36   6666666666666666
   36 36 36 36 36 36 36 36                           66666666
SHA inner: result [Len: 20]
   a1 af e6 a4 6a fb 8a eb 59 b6 48 fe 75 9e e4 97   ....j...Y.H.u...
   36 0d 2f db                                       6./.

MD5 outer: master secret [Len: 48]
   14 49 96 2b 10 69 b9 d0 66 83 fc 06 64 a2 3f 34   .I.+.i..f...d.?4
   6d 1f 21 70 7f 29 f7 0b 0e e8 a9 63 11 d8 fc 46   m.!p.).....c...F
   8d 38 38 11 c1 a4 82 18 9f 8b 4b 16 d6 eb fa 6f   .88.......K....o
MD5 outer: MAC Pad 2 [Len: 48]
   5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c   \\\\\\\\\\\\\\\\
   5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c   \\\\\\\\\\\\\\\\
   5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c   \\\\\\\\\\\\\\\\
MD5 outer: MD5 inner [Len: 16]
   6a d7 d1 56 82 e3 9a ca 80 1c ef 06 a7 38 e4 0f   j..V.........8..
MD5 outer: result [Len: 16]
   2e 9f 84 6b 29 af 67 9c b3 16 dd 19 2e 42 ac b9   ...k).g......B..

SHA outer: master secret [Len: 48]
   14 49 96 2b 10 69 b9 d0 66 83 fc 06 64 a2 3f 34   .I.+.i..f...d.?4
   6d 1f 21 70 7f 29 f7 0b 0e e8 a9 63 11 d8 fc 46   m.!p.).....c...F
   8d 38 38 11 c1 a4 82 18 9f 8b 4b 16 d6 eb fa 6f   .88.......K....o
SHA outer: MAC Pad 2 [Len: 40]
   5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c   \\\\\\\\\\\\\\\\
   5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c   \\\\\\\\\\\\\\\\
   5c 5c 5c 5c 5c 5c 5c 5c                           \\\\\\\\
SHA outer: SHA inner [Len: 20]
   a1 af e6 a4 6a fb 8a eb 59 b6 48 fe 75 9e e4 97   ....j...Y.H.u...
   36 0d 2f db                                       6./.
SHA outer: result [Len: 20]
   75 e4 48 7f e3 d2 9a 52 c5 40 59 b6 c3 ba c1 0f   u.H....R.@Y.....
   d4 a3 0f 67                                       ...g

Note that these computed outer hashes match the values found in the plaintext finished message (shown above). We have verified that the "md5_hash" and "sha_hash" in the "finished" message are correct.

Now that we've completed the hash computations for the "finished" message, include the body of the handshake message in the "handshake hashes". First, we review the previous values of the "handshake hashes".

handle handshake message: finished     (20)
MD5 state: 0cde7c7c 27e97711 42037f53 633d4736
MD5_TraceState: buffered input [Len: 31]
   77 28 96 8e b5 61 74 f2 84 1c 31 a2 3f 4f 58 78   w(...at...1.?OXx
   11 88 72 4e ed 70 e8 ac e9 82 37 ec 8d 32 7b      ..rN.p....7..2{
SHA1 state: f6b217ec 76f0d9dd da324813 462ca026 fe925ba3
SHA1_TraceState: buffered input [Len: 31]
   77 28 96 8e b5 61 74 f2 84 1c 31 a2 3f 4f 58 78   w(...at...1.?OXx
   11 88 72 4e ed 70 e8 ac e9 82 37 ec 8d 32 7b      ..rN.p....7..2{

Now include the "finished" handshake in the hashes.

MD5 & SHA handshake hash input: [Len: 4]
   14 00 00 24                                       ...$
MD5 & SHA handshake hash input: [Len: 36]
   2e 9f 84 6b 29 af 67 9c b3 16 dd 19 2e 42 ac b9   ...k).g......B..
   75 e4 48 7f e3 d2 9a 52 c5 40 59 b6 c3 ba c1 0f   u.H....R.@Y.....
   d4 a3 0f 67                                       ...g

After hashing the client's finished handshake, the handshake hashes are:

MD5 state: f6b0a72e 2150598c aa3fb2fe 89f69207
MD5_TraceState: buffered input [Len: 7]
   ba c1 0f d4 a3 0f 67                              ......g
SHA1 state: 56341040 456e5414 53cd4624 6e6ddff8 789c7ee0
SHA1_TraceState: buffered input [Len: 7]
   ba c1 0f d4 a3 0f 67                              ......g

Server's Change_Cipher_Spec record

Now the server sends its final two records before the application data can be sent. The final two records are:

a Change_cipher_spec record
a "Finished" handshake record

send change_cipher_spec record
SendPlainText record type: change_cipher_spec (20) bytes=1
send (unencrypted) record data: [Len: 6]
+  14 03 00 00 01 01                                 ......

Set Current Write Cipher Suite to Pending

Server's Finished Handshake

Now, send the fully MAC'ed and encrypted finished handshake.
First, compute the "md5_hash" and "sha_hash" as defined for the server's "finish" message in section 7.6.9 of the SSL 3.0 spec. In this example, we first compute the "inner" portion of each hash, then compute the "outer" portions.

send finished handshake

MD5 state: f6b0a72e 2150598c aa3fb2fe 89f69207
MD5_TraceState: buffered input [Len: 7]
   ba c1 0f d4 a3 0f 67                              ......g

Compute inner MD5_hash:
MD5 inner: sender [Len: 4]
   53 52 56 52                                       SRVR
MD5 inner: master secret [Len: 48]
   14 49 96 2b 10 69 b9 d0 66 83 fc 06 64 a2 3f 34   .I.+.i..f...d.?4
   6d 1f 21 70 7f 29 f7 0b 0e e8 a9 63 11 d8 fc 46   m.!p.).....c...F
   8d 38 38 11 c1 a4 82 18 9f 8b 4b 16 d6 eb fa 6f   .88.......K....o
MD5 inner: MAC Pad 1 [Len: 48]
   36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36   6666666666666666
   36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36   6666666666666666
   36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36   6666666666666666

Inner MD5_hash result:
MD5 inner: result [Len: 16]
   c8 db d5 d1 bb 8d 38 bb e2 64 85 3d b2 5b 84 9f   ......8..d.=.[..

SHA1 state: 56341040 456e5414 53cd4624 6e6ddff8 789c7ee0
SHA1_TraceState: buffered input [Len: 7]
   ba c1 0f d4 a3 0f 67                              ......g

Compute inner SHA_hash:
SHA inner: sender [Len: 4]
   53 52 56 52                                       SRVR
SHA inner: master secret [Len: 48]
   14 49 96 2b 10 69 b9 d0 66 83 fc 06 64 a2 3f 34   .I.+.i..f...d.?4
   6d 1f 21 70 7f 29 f7 0b 0e e8 a9 63 11 d8 fc 46   m.!p.).....c...F
   8d 38 38 11 c1 a4 82 18 9f 8b 4b 16 d6 eb fa 6f   .88.......K....o
SHA inner: MAC Pad 1 [Len: 40]
   36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36   6666666666666666
   36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36   6666666666666666
   36 36 36 36 36 36 36 36                           66666666

Inner SHA_hash result:
SHA inner: result [Len: 20]
   20 95 47 2a 3f 7f 7a 77 9b b4 a4 d1 e5 57 72 e0    .G*?.zw.....Wr.
   cc 01 cf d8                                       ....

Compute outer MD5_hash:
MD5 outer: master secret [Len: 48]
   14 49 96 2b 10 69 b9 d0 66 83 fc 06 64 a2 3f 34   .I.+.i..f...d.?4
   6d 1f 21 70 7f 29 f7 0b 0e e8 a9 63 11 d8 fc 46   m.!p.).....c...F
   8d 38 38 11 c1 a4 82 18 9f 8b 4b 16 d6 eb fa 6f   .88.......K....o
MD5 outer: MAC Pad 2 [Len: 48]
   5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c   \\\\\\\\\\\\\\\\
   5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c   \\\\\\\\\\\\\\\\
   5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c   \\\\\\\\\\\\\\\\
MD5 outer: MD5 inner [Len: 16]
   c8 db d5 d1 bb 8d 38 bb e2 64 85 3d b2 5b 84 9f   ......8..d.=.[..

Outer (final) MD5_hash result:
MD5 outer: result [Len: 16]
   e3 e9 67 c0 fd 98 b0 11 60 e6 5d 41 97 90 97 e4   ..g.....`.]A....

Compute outer SHA_hash:
SHA outer: master secret [Len: 48]
   14 49 96 2b 10 69 b9 d0 66 83 fc 06 64 a2 3f 34   .I.+.i..f...d.?4
   6d 1f 21 70 7f 29 f7 0b 0e e8 a9 63 11 d8 fc 46   m.!p.).....c...F
   8d 38 38 11 c1 a4 82 18 9f 8b 4b 16 d6 eb fa 6f   .88.......K....o
SHA outer: MAC Pad 2 [Len: 40]
   5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c   \\\\\\\\\\\\\\\\
   5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c   \\\\\\\\\\\\\\\\
   5c 5c 5c 5c 5c 5c 5c 5c                           \\\\\\\\
SHA outer: SHA inner [Len: 20]
   20 95 47 2a 3f 7f 7a 77 9b b4 a4 d1 e5 57 72 e0    .G*?.zw.....Wr.
   cc 01 cf d8                                       ....

Outer (final) SHA_hash result:
SHA outer: result [Len: 20]
   f6 eb 57 fc 7a 41 d7 c0 08 9b f5 b5 93 56 11 8b   ..W.zA.......V..
   2d 02 72 68                                       -.rh

Now, construct the "finished" handshake message, and include it in the "handshake hashes". Note that it is composed of the two outer hashes computed above. First, review the current values of the handshake hashes:

MD5 state: f6b0a72e 2150598c aa3fb2fe 89f69207
MD5_TraceState: buffered input [Len: 7]
   ba c1 0f d4 a3 0f 67                              ......g
SHA1 state: 56341040 456e5414 53cd4624 6e6ddff8 789c7ee0
SHA1_TraceState: buffered input [Len: 7]
   ba c1 0f d4 a3 0f 67                              ......g

append handshake header: type finished     (20)
MD5 & SHA handshake hash input: [Len: 1]
   14                                                .
MD5 & SHA handshake hash input: [Len: 3]
   00 00 24                                          ..$
MD5 & SHA handshake hash input: [Len: 36]
   e3 e9 67 c0 fd 98 b0 11 60 e6 5d 41 97 90 97 e4   ..g.....`.]A....
   f6 eb 57 fc 7a 41 d7 c0 08 9b f5 b5 93 56 11 8b   ..W.zA.......V..
   2d 02 72 68                                       -.rh

The handshake hash results of the second "finished" handshake are not used.

SendPlainText record type: handshake  (22) bytes=40
Send PlainText record [Len: 40]
   14 00 00 24 e3 e9 67 c0 fd 98 b0 11 60 e6 5d 41   ...$..g.....`.]A
   97 90 97 e4 f6 eb 57 fc 7a 41 d7 c0 08 9b f5 b5   ......W.zA......
   93 56 11 8b 2d 02 72 68                           .V..-.rh

Compute the MAC on the plaintext "finished" handshake message. This is done according to section 7.2.3.1 of the SSL 3.0 spec.

frag hash1: MAC secret [Len: 16]
   6f 17 44 17 18 5a 6c c3 80 a1 fa b1 3f e6 49 ef   o.D..Zl.....?.I.
frag hash1: Pad 1 [Len: 48]
   36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36   6666666666666666
   36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36   6666666666666666
   36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36   6666666666666666
frag hash1: temp [Len: 11]
   00 00 00 00 00 00 00 00 16 00 28                  ..........(
frag hash1: input [Len: 40]
   14 00 00 24 e3 e9 67 c0 fd 98 b0 11 60 e6 5d 41   ...$..g.....`.]A
   97 90 97 e4 f6 eb 57 fc 7a 41 d7 c0 08 9b f5 b5   ......W.zA......
   93 56 11 8b 2d 02 72 68                           .V..-.rh
frag hash2: MAC secret [Len: 16]
   6f 17 44 17 18 5a 6c c3 80 a1 fa b1 3f e6 49 ef   o.D..Zl.....?.I.
frag hash2: Pad 2 [Len: 48]
   5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c   \\\\\\\\\\\\\\\\
   5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c   \\\\\\\\\\\\\\\\
   5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c   \\\\\\\\\\\\\\\\
frag hash2: hash1 [Len: 16]
   d3 9d c4 8a 78 1b 40 3b 84 28 b4 14 78 a7 e8 70   ....x.@;.(..x..p
frag hash2: result [Len: 16]
   75 7f 49 71 e6 7c 3a cb 7a 5d 83 e8 cf 6d dd 2c   u.Iq.|:.z]...m.,

Append the result above to the plaintext handshake message (above), compress (null), and encrypt, and add the record header, producing the following record:

send (encrypted) record data: [Len: 61]
+  16 03 00 00 38 cb 71 4d 6a dc 24 7a aa a4 23 21   ....8.qMj.$z..#!
+  b4 98 e6 60 62 eb a8 d9 f2 ee c2 c6 f8 53 22 6c   ...`b........S"l
+  26 e0 65 10 8b c4 a4 1b 70 66 c1 63 11 ac c4 2b   &.e.....pf.c...+
+  44 32 69 00 c6 ae 32 98 69 e3 95 75 3a            D2i...2.i..u:

The SSL handshakes are now completed. Application data will follow.

Client's Application Data Record

Receive the client's first application_data record.

raw gather data: [Len: 5]
+  17 03 00 01 09                                    .....
ciphertext: [Len: 265]
+  c4 76 04 8a 19 9e 74 af 29 c5 8c 1d 98 fe 2a 58   .v....t.).....*X
+  43 51 a5 57 b8 f1 8e 98 1b 47 fb a4 b7 50 bb 0a   CQ.W.....G...P..
+  15 d2 04 ec 6c 3a f6 2e b0 de f6 46 dc a3 ec b9   ....l:.....F....
+  56 99 35 be c0 20 eb 99 8f f1 a6 dc a3 da 2b f1   V.5.. ........+.
+  cd 03 b7 48 20 7c 91 64 f1 93 7e 0f 78 f3 72 66   ...H |.d..~.x.rf
+  4e 7a ea 55 ff d7 48 6a 7e 26 8c e3 26 b9 f1 56   Nz.U..Hj~&..&..V
+  0d a0 30 44 43 6c 21 90 4f 95 14 59 3d 0a 5d 14   ..0DCl!.O..Y=.].
+  4b cb a2 11 06 56 1e bd cd ad db a3 c4 29 88 91   K....V.......)..
+  f5 46 2f ca cc 5d a4 27 a5 05 57 a4 bb cd 2c ae   .F/..].'..W...,.
+  38 45 bb 35 94 fa 23 ee 19 bc 78 49 1f 20 19 d1   8E.5..#...xI. ..
+  2a c9 2c e5 dc 73 9c 87 a6 2a 76 4f 52 5a 7b 39   *.,..s...*vORZ{9
+  ef b0 a7 38 61 68 83 08 ee 6c 3a e7 f9 de a9 b5   ...8ah...l:.....
+  7a cc a4 7d 3e f5 92 df f9 dd f4 c4 2c 20 aa 5e   z..}>......., .^
+  81 97 7e 9e c7 29 29 fc b2 24 e1 17 95 da d9 28   ..~..))..$.....(
+  1b 3f d4 fb cd 96 fa a9 74 54 eb 37 50 33 7b 2e   .?......tT.7P3{.
+  93 27 66 43 b2 f1 23 b7 78 27 87 0d 58 b4 19 22   .'fC..#.x'..X.."
+  33 89 d1 c8 e5 6a cd b6 72                        3....j..r

Decrypt the ciphertext using the keys/IVs above.

plaintext: [Len: 265]
   47 45 54 20 2f 62 61 72 20 48 54 54 50 2f 31 2e   GET /bar HTTP/1.
   30 0d 0a 43 6f 6e 6e 65 63 74 69 6f 6e 3a 20 4b   0..Connection: K
   65 65 70 2d 41 6c 69 76 65 0d 0a 55 73 65 72 2d   eep-Alive..User-
   41 67 65 6e 74 3a 20 4d 6f 7a 69 6c 6c 61 2f 34   Agent: Mozilla/4
   2e 30 32 20 5b 65 6e 5d 20 28 57 69 6e 4e 54 3b   .02 [en] (WinNT;
   20 55 29 0d 0a 48 6f 73 74 3a 20 62 69 6a 6f 75    U)..Host: bijou
   2e 6d 63 6f 6d 2e 63 6f 6d 3a 31 39 39 39 0d 0a   .mcom.com:1999..
   41 63 63 65 70 74 3a 20 69 6d 61 67 65 2f 67 69   Accept: image/gi
   66 2c 20 69 6d 61 67 65 2f 78 2d 78 62 69 74 6d   f, image/x-xbitm
   61 70 2c 20 69 6d 61 67 65 2f 6a 70 65 67 2c 20   ap, image/jpeg, 
   69 6d 61 67 65 2f 70 6a 70 65 67 2c 20 2a 2f 2a   image/pjpeg, */*
   0d 0a 41 63 63 65 70 74 2d 4c 61 6e 67 75 61 67   ..Accept-Languag
   65 3a 20 65 6e 2d 55 53 2c 65 6e 2d 47 42 2c 65   e: en-US,en-GB,e
   6e 0d 0a 41 63 63 65 70 74 2d 43 68 61 72 73 65   n..Accept-Charse
   74 3a 20 69 73 6f 2d 38 38 35 39 2d 31 2c 2a 2c   t: iso-8859-1,*,
   75 74 66 2d 38 0d 0a 0d 0a 10 02 08 07 ab a7 1e   utf-8...........
   b6 82 89 bd d1 c6 8b c9 99                        .........

frag hash1: MAC secret [Len: 16]
   7d d8 c8 49 57 e0 9c 20 27 de b7 e3 cb 17 cf 02   }..IW.. '.......
frag hash1: Pad 1 [Len: 48]
   36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36   6666666666666666
   36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36   6666666666666666
   36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36   6666666666666666
frag hash1: temp [Len: 11]
   00 00 00 00 00 00 00 01 17 00 f9                  ...........
frag hash1: input [Len: 249]
   47 45 54 20 2f 62 61 72 20 48 54 54 50 2f 31 2e   GET /bar HTTP/1.
   30 0d 0a 43 6f 6e 6e 65 63 74 69 6f 6e 3a 20 4b   0..Connection: K
   65 65 70 2d 41 6c 69 76 65 0d 0a 55 73 65 72 2d   eep-Alive..User-
   41 67 65 6e 74 3a 20 4d 6f 7a 69 6c 6c 61 2f 34   Agent: Mozilla/4
   2e 30 32 20 5b 65 6e 5d 20 28 57 69 6e 4e 54 3b   .02 [en] (WinNT;
   20 55 29 0d 0a 48 6f 73 74 3a 20 62 69 6a 6f 75    U)..Host: bijou
   2e 6d 63 6f 6d 2e 63 6f 6d 3a 31 39 39 39 0d 0a   .mcom.com:1999..
   41 63 63 65 70 74 3a 20 69 6d 61 67 65 2f 67 69   Accept: image/gi
   66 2c 20 69 6d 61 67 65 2f 78 2d 78 62 69 74 6d   f, image/x-xbitm
   61 70 2c 20 69 6d 61 67 65 2f 6a 70 65 67 2c 20   ap, image/jpeg, 
   69 6d 61 67 65 2f 70 6a 70 65 67 2c 20 2a 2f 2a   image/pjpeg, */*
   0d 0a 41 63 63 65 70 74 2d 4c 61 6e 67 75 61 67   ..Accept-Languag
   65 3a 20 65 6e 2d 55 53 2c 65 6e 2d 47 42 2c 65   e: en-US,en-GB,e
   6e 0d 0a 41 63 63 65 70 74 2d 43 68 61 72 73 65   n..Accept-Charse
   74 3a 20 69 73 6f 2d 38 38 35 39 2d 31 2c 2a 2c   t: iso-8859-1,*,
   75 74 66 2d 38 0d 0a 0d 0a                        utf-8....
frag hash2: MAC secret [Len: 16]
   7d d8 c8 49 57 e0 9c 20 27 de b7 e3 cb 17 cf 02   }..IW.. '.......
frag hash2: Pad 2 [Len: 48]
   5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c   \\\\\\\\\\\\\\\\
   5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c   \\\\\\\\\\\\\\\\
   5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c   \\\\\\\\\\\\\\\\
frag hash2: hash1 [Len: 16]
   73 02 e1 a1 dd a6 ec 61 b0 46 af 08 bf c1 51 a3   s......a.F....Q.
frag hash2: result [Len: 16]
   10 02 08 07 ab a7 1e b6 82 89 bd d1 c6 8b c9 99   ................

Note that the computed MAC matches the last 16 bytes of the plaintext above. The Client's MAC is verified. The request is passed up to the http server above.

Server Application Data Record

In this example, the server's response is sent in three sequential Application Data records. Here is the first one.

SecureSend: sending 116 bytes
SendPlainText record type: application_data (23) bytes=116
Send PlainText record [Len: 116]
   48 54 54 50 2f 31 2e 30 20 32 30 30 20 4f 4b 0d   HTTP/1.0 200 OK.
   0a 53 65 72 76 65 72 3a 20 4e 65 74 73 63 61 70   .Server: Netscap
   65 2d 45 6e 74 65 72 70 72 69 73 65 2f 32 2e 30   e-Enterprise/2.0
   61 0d 0a 44 61 74 65 3a 20 54 75 65 2c 20 32 36   a..Date: Tue, 26
   20 41 75 67 20 31 39 39 37 20 32 32 3a 31 30 3a    Aug 1997 22:10:
   30 35 20 47 4d 54 0d 0a 43 6f 6e 74 65 6e 74 2d   05 GMT..Content-
   74 79 70 65 3a 20 74 65 78 74 2f 70 6c 61 69 6e   type: text/plain
   0d 0a 0d 0a                                       ....

Compute the MAC on the plaintext application_data message. This is done according to section 7.2.3.1 of the SSL 3.0 spec.

frag hash1: MAC secret [Len: 16]
   6f 17 44 17 18 5a 6c c3 80 a1 fa b1 3f e6 49 ef   o.D..Zl.....?.I.
frag hash1: Pad 1 [Len: 48]
   36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36   6666666666666666
   36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36   6666666666666666
   36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36   6666666666666666
frag hash1: temp [Len: 11]
   00 00 00 00 00 00 00 01 17 00 74                  ..........t
frag hash1: input [Len: 116]
   48 54 54 50 2f 31 2e 30 20 32 30 30 20 4f 4b 0d   HTTP/1.0 200 OK.
   0a 53 65 72 76 65 72 3a 20 4e 65 74 73 63 61 70   .Server: Netscap
   65 2d 45 6e 74 65 72 70 72 69 73 65 2f 32 2e 30   e-Enterprise/2.0
   61 0d 0a 44 61 74 65 3a 20 54 75 65 2c 20 32 36   a..Date: Tue, 26
   20 41 75 67 20 31 39 39 37 20 32 32 3a 31 30 3a    Aug 1997 22:10:
   30 35 20 47 4d 54 0d 0a 43 6f 6e 74 65 6e 74 2d   05 GMT..Content-
   74 79 70 65 3a 20 74 65 78 74 2f 70 6c 61 69 6e   type: text/plain
   0d 0a 0d 0a                                       ....
frag hash2: MAC secret [Len: 16]
   6f 17 44 17 18 5a 6c c3 80 a1 fa b1 3f e6 49 ef   o.D..Zl.....?.I.
frag hash2: Pad 2 [Len: 48]
   5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c   \\\\\\\\\\\\\\\\
   5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c   \\\\\\\\\\\\\\\\
   5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c   \\\\\\\\\\\\\\\\
frag hash2: hash1 [Len: 16]
   9a 90 1b f7 8d ee 0d 42 8d 85 38 78 e2 6b 58 4a   .......B..8x.kXJ
frag hash2: result [Len: 16]
   57 5a 74 6e 38 c0 20 2e 7e ff ca 3c 60 a5 2b 5e   WZtn8. .~..<`.+^

Append the result above to the plaintext application data message (above), compress (null), and encrypt, and add the record header, producing the following record:

send (encrypted) record data: [Len: 137]
+  17 03 00 00 84 dc 70 e3 78 28 86 fd a2 9c 74 d9   ......p.x(....t.
+  e9 98 26 ec e2 5c 6f 03 60 56 37 8c d7 c0 e2 da   ..&..\o.`V7.....
+  3b b9 9b 9f ef dc 8e 2e 53 36 9b 82 d9 0f 7e e7   ;.......S6....~.
+  ed b9 bb 2f a2 ba dc cf 22 99 a7 cd ec e9 51 ec   .../....".....Q.
+  58 c7 98 2e 80 d2 c2 c5 f5 5c dd b9 3c 18 76 23   X........\..<.v#
+  7d 57 37 c7 41 b3 11 0b 50 d9 1c ff 0e 6a 3b 2b   }W7.A...P....j;+
+  fb 95 43 df 83 5d 73 c5 28 c3 18 1d 06 7b 03 69   ..C..]s.(....{.i
+  f0 f8 79 19 dc 34 93 d5 6d a3 5f 32 da 55 ca d0   ..y..4..m._2.U..
+  d8 0f 91 8d dc 42 26 f5 f8                        .....B&..

Here is the second of the Server's three application data responses.

SecureSend: sending 249 bytes
SendPlainText record type: application_data (23) bytes=249
Send PlainText record [Len: 249]
   47 45 54 20 2f 62 61 72 20 48 54 54 50 2f 31 2e   GET /bar HTTP/1.
   30 0d 0a 43 6f 6e 6e 65 63 74 69 6f 6e 3a 20 4b   0..Connection: K
   65 65 70 2d 41 6c 69 76 65 0d 0a 55 73 65 72 2d   eep-Alive..User-
   41 67 65 6e 74 3a 20 4d 6f 7a 69 6c 6c 61 2f 34   Agent: Mozilla/4
   2e 30 32 20 5b 65 6e 5d 20 28 57 69 6e 4e 54 3b   .02 [en] (WinNT;
   20 55 29 0d 0a 48 6f 73 74 3a 20 62 69 6a 6f 75    U)..Host: bijou
   2e 6d 63 6f 6d 2e 63 6f 6d 3a 31 39 39 39 0d 0a   .mcom.com:1999..
   41 63 63 65 70 74 3a 20 69 6d 61 67 65 2f 67 69   Accept: image/gi
   66 2c 20 69 6d 61 67 65 2f 78 2d 78 62 69 74 6d   f, image/x-xbitm
   61 70 2c 20 69 6d 61 67 65 2f 6a 70 65 67 2c 20   ap, image/jpeg, 
   69 6d 61 67 65 2f 70 6a 70 65 67 2c 20 2a 2f 2a   image/pjpeg, */*
   0d 0a 41 63 63 65 70 74 2d 4c 61 6e 67 75 61 67   ..Accept-Languag
   65 3a 20 65 6e 2d 55 53 2c 65 6e 2d 47 42 2c 65   e: en-US,en-GB,e
   6e 0d 0a 41 63 63 65 70 74 2d 43 68 61 72 73 65   n..Accept-Charse
   74 3a 20 69 73 6f 2d 38 38 35 39 2d 31 2c 2a 2c   t: iso-8859-1,*,
   75 74 66 2d 38 0d 0a 0d 0a                        utf-8....

Compute the MAC on the plaintext application_data message. This is done according to section 7.2.3.1 of the SSL 3.0 spec.

frag hash1: MAC secret [Len: 16]
   6f 17 44 17 18 5a 6c c3 80 a1 fa b1 3f e6 49 ef   o.D..Zl.....?.I.
frag hash1: Pad 1 [Len: 48]
   36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36   6666666666666666
   36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36   6666666666666666
   36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36   6666666666666666
frag hash1: temp [Len: 11]
   00 00 00 00 00 00 00 02 17 00 f9                  ...........
frag hash1: input [Len: 249]
   47 45 54 20 2f 62 61 72 20 48 54 54 50 2f 31 2e   GET /bar HTTP/1.
   30 0d 0a 43 6f 6e 6e 65 63 74 69 6f 6e 3a 20 4b   0..Connection: K
   65 65 70 2d 41 6c 69 76 65 0d 0a 55 73 65 72 2d   eep-Alive..User-
   41 67 65 6e 74 3a 20 4d 6f 7a 69 6c 6c 61 2f 34   Agent: Mozilla/4
   2e 30 32 20 5b 65 6e 5d 20 28 57 69 6e 4e 54 3b   .02 [en] (WinNT;
   20 55 29 0d 0a 48 6f 73 74 3a 20 62 69 6a 6f 75    U)..Host: bijou
   2e 6d 63 6f 6d 2e 63 6f 6d 3a 31 39 39 39 0d 0a   .mcom.com:1999..
   41 63 63 65 70 74 3a 20 69 6d 61 67 65 2f 67 69   Accept: image/gi
   66 2c 20 69 6d 61 67 65 2f 78 2d 78 62 69 74 6d   f, image/x-xbitm
   61 70 2c 20 69 6d 61 67 65 2f 6a 70 65 67 2c 20   ap, image/jpeg, 
   69 6d 61 67 65 2f 70 6a 70 65 67 2c 20 2a 2f 2a   image/pjpeg, */*
   0d 0a 41 63 63 65 70 74 2d 4c 61 6e 67 75 61 67   ..Accept-Languag
   65 3a 20 65 6e 2d 55 53 2c 65 6e 2d 47 42 2c 65   e: en-US,en-GB,e
   6e 0d 0a 41 63 63 65 70 74 2d 43 68 61 72 73 65   n..Accept-Charse
   74 3a 20 69 73 6f 2d 38 38 35 39 2d 31 2c 2a 2c   t: iso-8859-1,*,
   75 74 66 2d 38 0d 0a 0d 0a                        utf-8....
frag hash2: MAC secret [Len: 16]
   6f 17 44 17 18 5a 6c c3 80 a1 fa b1 3f e6 49 ef   o.D..Zl.....?.I.
frag hash2: Pad 2 [Len: 48]
   5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c   \\\\\\\\\\\\\\\\
   5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c   \\\\\\\\\\\\\\\\
   5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c   \\\\\\\\\\\\\\\\
frag hash2: hash1 [Len: 16]
   4b 0c cb c4 49 33 fa b9 f2 9d ba 76 fc 9e 3d c4   K...I3.....v..=.
frag hash2: result [Len: 16]
   f9 be 24 8a ea 60 d4 d7 f2 7c 08 48 7c e0 7b a2   ..$..`...|.H|.{.

Append the result above to the plaintext application data message (above), compress (null), and encrypt, and add the record header, producing the following record:

send (encrypted) record data: [Len: 270]
+  17 03 00 01 09 0b 3d ed 7a 32 51 45 37 96 c0 01   ......=.z2QE7...
+  0c 2b 8d ad 55 a3 f3 5c 46 17 36 de 2e 08 62 11   .+..U..\F.6...b.
+  2f c3 4d 34 2e 04 9e 7a 06 06 d6 23 f9 dc 9c c8   /.M4...z...#....
+  b4 9c 61 f4 2a cd be ea f4 46 b1 95 bf 13 40 87   ..a.*....F....@.
+  b0 89 f1 02 70 ff 80 ea 70 8d cf 99 4f 00 21 28   ....p...p...O.!(
+  9b cc b4 d5 11 4c 25 cc 57 a4 d3 7a 58 59 c3 11   .....L%.W..zXY..
+  26 ce 01 55 7b d0 8a a0 f8 cc e1 a7 c5 c3 16 14   &..U{...........
+  04 a7 b5 88 58 d3 1d ad f6 ef a4 23 f8 38 af 9f   ....X......#.8..
+  45 0c 38 14 0d dc 10 af b3 b2 f3 41 a4 e4 f0 f1   E.8........A....
+  07 b1 61 92 20 f5 b0 78 64 7e 42 74 62 5f 34 a4   ..a. ..xd~Btb_4.
+  cf 4c b8 54 69 d3 55 84 bb 10 c4 47 90 d6 29 af   .L.Ti.U....G..).
+  aa f5 9c fb b8 40 78 7e 55 d7 b1 a2 19 32 eb 2a   .....@x~U....2.*
+  dd 46 9d 54 22 bc 40 ac 30 50 12 ee c3 97 ea 60   .F.T".@.0P.....`
+  90 c6 d0 ac e5 0d 17 86 d0 ad dd 4a 71 07 e8 89   ...........Jq...
+  38 f2 1c c8 06 78 3e e7 a4 d5 7f bb a1 e7 71 90   8....x>.......q.
+  4e de 92 14 9d 69 6a bb 7e ce 69 39 05 28 3a aa   N....ij.~.i9.(:.
+  5d cf c2 99 d7 3d a4 d6 88 46 e2 08 93 ef         ]....=...F....

Here is the third of the Server's three application data responses.

SecureSend: sending 5 bytes
SendPlainText record type: application_data (23) bytes=5
Send PlainText record [Len: 5]
   45 4f 46 0d 0a                                    EOF..

Compute the MAC on the plaintext application_data message. This is done according to section 7.2.3.1 of the SSL 3.0 spec.

frag hash1: MAC secret [Len: 16]
   6f 17 44 17 18 5a 6c c3 80 a1 fa b1 3f e6 49 ef   o.D..Zl.....?.I.
frag hash1: Pad 1 [Len: 48]
   36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36   6666666666666666
   36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36   6666666666666666
   36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36   6666666666666666
frag hash1: temp [Len: 11]
   00 00 00 00 00 00 00 03 17 00 05                  ...........
frag hash1: input [Len: 5]
   45 4f 46 0d 0a                                    EOF..
frag hash2: MAC secret [Len: 16]
   6f 17 44 17 18 5a 6c c3 80 a1 fa b1 3f e6 49 ef   o.D..Zl.....?.I.
frag hash2: Pad 2 [Len: 48]
   5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c   \\\\\\\\\\\\\\\\
   5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c   \\\\\\\\\\\\\\\\
   5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c   \\\\\\\\\\\\\\\\
frag hash2: hash1 [Len: 16]
   04 d8 27 33 a0 9d 46 cc c4 80 8d ef 03 37 0c 33   ..'3..F......7.3
frag hash2: result [Len: 16]
   8a a9 26 31 b0 33 e9 2f 61 26 d7 83 37 73 d6 8c   ..&1.3./a&..7s..

Append the result above to the plaintext application data message (above), compress (null), and encrypt, and add the record header, producing the following record:

send (encrypted) record data: [Len: 26]
+  17 03 00 00 15 3d e9 62 0c d7 bc 81 77 a0 30 d0   .....=.b....w.0.
+  45 cb fc 33 ee 69 16 de 01 85                     E..3.i....

Server Close_Notify Alert Record

Finally, The server sends a "close notify" alert record to tell the client it is done. This is not a handshake, and is not included in handshake hashes.

send alert record, level=1 desc=0
SendPlainText record type: alert      (21) bytes=2
Send PlainText record [Len: 2]
   01 00                                             ..

Compute the MAC on the alert. This is done according to section 7.2.3.1 of the SSL 3.0 spec.

frag hash1: MAC secret [Len: 16]
   6f 17 44 17 18 5a 6c c3 80 a1 fa b1 3f e6 49 ef   o.D..Zl.....?.I.
frag hash1: Pad 1 [Len: 48]
   36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36   6666666666666666
   36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36   6666666666666666
   36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36   6666666666666666
frag hash1: temp [Len: 11]
   00 00 00 00 00 00 00 04 15 00 02                  ...........
frag hash1: input [Len: 2]
   01 00                                             ..
frag hash2: MAC secret [Len: 16]
   6f 17 44 17 18 5a 6c c3 80 a1 fa b1 3f e6 49 ef   o.D..Zl.....?.I.
frag hash2: Pad 2 [Len: 48]
   5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c   \\\\\\\\\\\\\\\\
   5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c   \\\\\\\\\\\\\\\\
   5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c   \\\\\\\\\\\\\\\\
frag hash2: hash1 [Len: 16]
   61 53 a2 5c 8d 3f e7 aa 2c cb 62 66 0d bb f9 a9   aS.\.?..,.bf....
frag hash2: result [Len: 16]
   ad 03 db ab a3 d2 22 08 ed cd e3 7f 5b 09 45 23   ......".....[.E#

Append the result above to the plaintext alert message (above), compress (null), and encrypt, and add the record header, producing the following record:

send (encrypted) record data: [Len: 23]
+  15 03 00 00 12 47 5a 85 6b 9d 95 81 31 4c b5 be   .....GZ.k...1L..
+  a5 1a 37 4e 57 8a 6c                              ..7NW.l

closing, rv=0 errno=10035

The server closes the connection, and thus does not recieve the close notify alert from the client.

Second connection, "resuming" the first one.

SSL V3 client_hello Handshake

Unlike the first connection above, the second connection begins with a SSL V3 client_hello handshake message.

raw gather data: [Len: 5]
+  16 03 00 00 55                                    ....U
plaintext: [Len: 85]
+  01 00 00 51 03 00 34 03 61 67 b0 2b 37 0b 11 06   ...Q..4.ag.+7...
+  49 07 f0 13 93 7d 57 ca e1 2d 10 99 67 a2 7c b9   I....}W..-..g.|.
+  61 e8 1d 4e 70 85 20 00 00 4f 47 95 8f 49 f8 7b   a..Np. ..OG..I.{
+  d8 41 71 5f 36 f9 6f 7d a2 31 fa 25 07 8e 45 3c   .Aq_6.o}.1.%..E<
+  0e d9 e7 d4 d2 86 5c 00 0a 00 04 00 0a 00 09 00   ......\.........
+  03 00 06 01 00                                    .....

handle handshake message: client_hello  (1)

Since this is a new connection, the handshake hashes start from scratch.

reset handshake hashes
MD5 state: 67452301 efcdab89 98badcfe 10325476
MD5_TraceState: buffered input [Len: 0]
SHA1 state: 67452301 efcdab89 98badcfe 10325476 c3d2e1f0
SHA1_TraceState: buffered input [Len: 0]

Include the client hello in the new handshake hashes.

MD5 & SHA handshake hash input: [Len: 4]
   01 00 00 51                                       ...Q
MD5 & SHA handshake hash input: [Len: 81]
   03 00 34 03 61 67 b0 2b 37 0b 11 06 49 07 f0 13   ..4.ag.+7...I...
   93 7d 57 ca e1 2d 10 99 67 a2 7c b9 61 e8 1d 4e   .}W..-..g.|.a..N
   70 85 20 00 00 4f 47 95 8f 49 f8 7b d8 41 71 5f   p. ..OG..I.{.Aq_
   36 f9 6f 7d a2 31 fa 25 07 8e 45 3c 0e d9 e7 d4   6.o}.1.%..E<....
   d2 86 5c 00 0a 00 04 00 0a 00 09 00 03 00 06 01   ..\.............
   00                                                .

After hashing the client hello handshake, the handshake hashes are:

MD5 state: 2badc495 946672c9 16e88abe a4b94974
MD5_TraceState: buffered input [Len: 21]
   0e d9 e7 d4 d2 86 5c 00 0a 00 04 00 0a 00 09 00   ......\.........
   03 00 06 01 00                                    .....
SHA1 state: 5a4163b5 e6b905a0 e0396a8e f116b66c e144dda4
SHA1_TraceState: buffered input [Len: 21]
   0e d9 e7 d4 d2 86 5c 00 0a 00 04 00 0a 00 09 00   ......\.........
   03 00 06 01 00                                    .....

The client_hello handshake is parsed as:

handle client_hello handshake
   03 00                                             ..
client random (new):
   34 03 61 67 b0 2b 37 0b 11 06 49 07 f0 13 93 7d   4.ag.+7...I....}
   57 ca e1 2d 10 99 67 a2 7c b9 61 e8 1d 4e 70 85   W..-..g.|.a..Np.
session ID length:
   20                                                 
session ID (same as in previous server_hello):
   00 00 4f 47 95 8f 49 f8 7b d8 41 71 5f 36 f9 6f   ..OG..I.{.Aq_6.o
   7d a2 31 fa 25 07 8e 45 3c 0e d9 e7 d4 d2 86 5c   }.1.%..E<......\
cipher suite length:
   00 0a                                             ..
cipher suites:
   00 04 00 0a 00 09 00 03 00 06                     ..........
compression len:
   01                                                .
compression:
   00                                                .

The server recognizes the session ID in this client_hello handshake as being the same as in the previous connection, so after sending the server_hello, it will proceed directly to the change_cipher_spec handshake.

Server_Hello Handshake

Construct the server_hello.
The entire server_hello handshake is included in the "handshake hashes"..

send server_hello handshake
append handshake header: type server_hello  (2)
   02                                                .
   00 00 46                                          ..F
   03 00                                             ..
server random (new):
   34 03 61 67 c6 79 d1 3e 7f 61 0d 7a 32 fb b2 67   4.ag.y.>.a.z2..g
   3d a8 d7 32 7e 53 3f fc 29 4b 2c e5 29 1f 31 e8   =..2~S?.)K,.).1.
session ID len:
   20                                                 
session ID (same as before):
   00 00 4f 47 95 8f 49 f8 7b d8 41 71 5f 36 f9 6f   ..OG..I.{.Aq_6.o
   7d a2 31 fa 25 07 8e 45 3c 0e d9 e7 d4 d2 86 5c   }.1.%..E<......\
   00 04                                             ..
   00                                                .

After hashing the server_hello handshake, the handshake hashes are:

MD5 state: bfc4f833 2d0e5fe7 daa0ae68 abbc91fe
MD5_TraceState: buffered input [Len: 31]
   95 8f 49 f8 7b d8 41 71 5f 36 f9 6f 7d a2 31 fa   ..I.{.Aq_6.o}.1.
   25 07 8e 45 3c 0e d9 e7 d4 d2 86 5c 00 04 00      %..E<......\...
SHA1 state: f09eb308 10e1d22c dfe27d00 a526a933 a84f7444
SHA1_TraceState: buffered input [Len: 31]
   95 8f 49 f8 7b d8 41 71 5f 36 f9 6f 7d a2 31 fa   ..I.{.Aq_6.o}.1.
   25 07 8e 45 3c 0e d9 e7 d4 d2 86 5c 00 04 00      %..E<......\...

Set Pending Cipher Suite to 0x0004 -- SSL_RSA_WITH_RC4_128_MD5

We re-use the master secret from the previous session, the one being "restarted". There are new client_random and server_random values, so we must compute a new "key block" from which the mac secrets, write-keys and write-IVs will be derived. This is as described in section 8.2.2 of the SSL 3.0 spec.

keygen SHA hash: mixers [Len: 1]
   41                                                A
keygen SHA hash: master secret [Len: 48]
   14 49 96 2b 10 69 b9 d0 66 83 fc 06 64 a2 3f 34   .I.+.i..f...d.?4
   6d 1f 21 70 7f 29 f7 0b 0e e8 a9 63 11 d8 fc 46   m.!p.).....c...F
   8d 38 38 11 c1 a4 82 18 9f 8b 4b 16 d6 eb fa 6f   .88.......K....o
keygen SHA hash: server random [Len: 32]
   34 03 61 67 c6 79 d1 3e 7f 61 0d 7a 32 fb b2 67   4.ag.y.>.a.z2..g
   3d a8 d7 32 7e 53 3f fc 29 4b 2c e5 29 1f 31 e8   =..2~S?.)K,.).1.
keygen SHA hash: client random [Len: 32]
   34 03 61 67 b0 2b 37 0b 11 06 49 07 f0 13 93 7d   4.ag.+7...I....}
   57 ca e1 2d 10 99 67 a2 7c b9 61 e8 1d 4e 70 85   W..-..g.|.a..Np.
keygen MD5 hash: master secret [Len: 48]
   14 49 96 2b 10 69 b9 d0 66 83 fc 06 64 a2 3f 34   .I.+.i..f...d.?4
   6d 1f 21 70 7f 29 f7 0b 0e e8 a9 63 11 d8 fc 46   m.!p.).....c...F
   8d 38 38 11 c1 a4 82 18 9f 8b 4b 16 d6 eb fa 6f   .88.......K....o
keygen MD5 hash: SHA hash output [Len: 20]
   d7 55 b2 e4 18 a3 f6 80 2b c8 7f bc ab c3 a3 05   .U......+.......
   23 a0 fb c7                                       #...
keygen MD5 hash: MD5 hash output [Len: 16]
   5d bf a3 70 d7 f0 8e 2a d2 78 bc 57 82 a6 06 ff   ]..p...*.x.W....

keygen SHA hash: mixers [Len: 2]
   42 42                                             BB
keygen SHA hash: master secret [Len: 48]
   14 49 96 2b 10 69 b9 d0 66 83 fc 06 64 a2 3f 34   .I.+.i..f...d.?4
   6d 1f 21 70 7f 29 f7 0b 0e e8 a9 63 11 d8 fc 46   m.!p.).....c...F
   8d 38 38 11 c1 a4 82 18 9f 8b 4b 16 d6 eb fa 6f   .88.......K....o
keygen SHA hash: server random [Len: 32]
   34 03 61 67 c6 79 d1 3e 7f 61 0d 7a 32 fb b2 67   4.ag.y.>.a.z2..g
   3d a8 d7 32 7e 53 3f fc 29 4b 2c e5 29 1f 31 e8   =..2~S?.)K,.).1.
keygen SHA hash: client random [Len: 32]
   34 03 61 67 b0 2b 37 0b 11 06 49 07 f0 13 93 7d   4.ag.+7...I....}
   57 ca e1 2d 10 99 67 a2 7c b9 61 e8 1d 4e 70 85   W..-..g.|.a..Np.
keygen MD5 hash: master secret [Len: 48]
   14 49 96 2b 10 69 b9 d0 66 83 fc 06 64 a2 3f 34   .I.+.i..f...d.?4
   6d 1f 21 70 7f 29 f7 0b 0e e8 a9 63 11 d8 fc 46   m.!p.).....c...F
   8d 38 38 11 c1 a4 82 18 9f 8b 4b 16 d6 eb fa 6f   .88.......K....o
keygen MD5 hash: SHA hash output [Len: 20]
   a7 e4 39 71 2e 12 93 11 29 17 92 e5 63 e1 66 07   ..9q....)...c.f.
   7c ce a8 a7                                       |...
keygen MD5 hash: MD5 hash output [Len: 16]
   69 0c ac 62 85 31 61 10 b1 89 a9 63 81 75 f6 e8   i..b.1a....c.u..

keygen SHA hash: mixers [Len: 3]
   43 43 43                                          CCC
keygen SHA hash: master secret [Len: 48]
   14 49 96 2b 10 69 b9 d0 66 83 fc 06 64 a2 3f 34   .I.+.i..f...d.?4
   6d 1f 21 70 7f 29 f7 0b 0e e8 a9 63 11 d8 fc 46   m.!p.).....c...F
   8d 38 38 11 c1 a4 82 18 9f 8b 4b 16 d6 eb fa 6f   .88.......K....o
keygen SHA hash: server random [Len: 32]
   34 03 61 67 c6 79 d1 3e 7f 61 0d 7a 32 fb b2 67   4.ag.y.>.a.z2..g
   3d a8 d7 32 7e 53 3f fc 29 4b 2c e5 29 1f 31 e8   =..2~S?.)K,.).1.
keygen SHA hash: client random [Len: 32]
   34 03 61 67 b0 2b 37 0b 11 06 49 07 f0 13 93 7d   4.ag.+7...I....}
   57 ca e1 2d 10 99 67 a2 7c b9 61 e8 1d 4e 70 85   W..-..g.|.a..Np.
keygen MD5 hash: master secret [Len: 48]
   14 49 96 2b 10 69 b9 d0 66 83 fc 06 64 a2 3f 34   .I.+.i..f...d.?4
   6d 1f 21 70 7f 29 f7 0b 0e e8 a9 63 11 d8 fc 46   m.!p.).....c...F
   8d 38 38 11 c1 a4 82 18 9f 8b 4b 16 d6 eb fa 6f   .88.......K....o
keygen MD5 hash: SHA hash output [Len: 20]
   1f 17 99 2d 0b e7 05 f7 87 c3 cd 49 41 d5 8d ae   ...-.......IA...
   ce cd 18 c7                                       ....
keygen MD5 hash: MD5 hash output [Len: 16]
   45 92 f5 ce e7 03 d0 88 d7 c4 7e c0 88 33 18 4c   E.........~..3.L

keygen SHA hash: mixers [Len: 4]
   44 44 44 44                                       DDDD
keygen SHA hash: master secret [Len: 48]
   14 49 96 2b 10 69 b9 d0 66 83 fc 06 64 a2 3f 34   .I.+.i..f...d.?4
   6d 1f 21 70 7f 29 f7 0b 0e e8 a9 63 11 d8 fc 46   m.!p.).....c...F
   8d 38 38 11 c1 a4 82 18 9f 8b 4b 16 d6 eb fa 6f   .88.......K....o
keygen SHA hash: server random [Len: 32]
   34 03 61 67 c6 79 d1 3e 7f 61 0d 7a 32 fb b2 67   4.ag.y.>.a.z2..g
   3d a8 d7 32 7e 53 3f fc 29 4b 2c e5 29 1f 31 e8   =..2~S?.)K,.).1.
keygen SHA hash: client random [Len: 32]
   34 03 61 67 b0 2b 37 0b 11 06 49 07 f0 13 93 7d   4.ag.+7...I....}
   57 ca e1 2d 10 99 67 a2 7c b9 61 e8 1d 4e 70 85   W..-..g.|.a..Np.
keygen MD5 hash: master secret [Len: 48]
   14 49 96 2b 10 69 b9 d0 66 83 fc 06 64 a2 3f 34   .I.+.i..f...d.?4
   6d 1f 21 70 7f 29 f7 0b 0e e8 a9 63 11 d8 fc 46   m.!p.).....c...F
   8d 38 38 11 c1 a4 82 18 9f 8b 4b 16 d6 eb fa 6f   .88.......K....o
keygen MD5 hash: SHA hash output [Len: 20]
   f5 f3 5d 6c f1 3b fd 13 2b 67 9b f1 bd f6 93 60   ..]l.;..+g.....`
   62 fe 07 81                                       b...
keygen MD5 hash: MD5 hash output [Len: 16]
   86 04 66 f4 39 2a 49 64 22 08 77 92 bd 5c be f5   ..f.9*Id".w..\..

keygen SHA hash: mixers [Len: 5]
   45 45 45 45 45                                    EEEEE
keygen SHA hash: master secret [Len: 48]
   14 49 96 2b 10 69 b9 d0 66 83 fc 06 64 a2 3f 34   .I.+.i..f...d.?4
   6d 1f 21 70 7f 29 f7 0b 0e e8 a9 63 11 d8 fc 46   m.!p.).....c...F
   8d 38 38 11 c1 a4 82 18 9f 8b 4b 16 d6 eb fa 6f   .88.......K....o
keygen SHA hash: server random [Len: 32]
   34 03 61 67 c6 79 d1 3e 7f 61 0d 7a 32 fb b2 67   4.ag.y.>.a.z2..g
   3d a8 d7 32 7e 53 3f fc 29 4b 2c e5 29 1f 31 e8   =..2~S?.)K,.).1.
keygen SHA hash: client random [Len: 32]
   34 03 61 67 b0 2b 37 0b 11 06 49 07 f0 13 93 7d   4.ag.+7...I....}
   57 ca e1 2d 10 99 67 a2 7c b9 61 e8 1d 4e 70 85   W..-..g.|.a..Np.
keygen MD5 hash: master secret [Len: 48]
   14 49 96 2b 10 69 b9 d0 66 83 fc 06 64 a2 3f 34   .I.+.i..f...d.?4
   6d 1f 21 70 7f 29 f7 0b 0e e8 a9 63 11 d8 fc 46   m.!p.).....c...F
   8d 38 38 11 c1 a4 82 18 9f 8b 4b 16 d6 eb fa 6f   .88.......K....o
keygen MD5 hash: SHA hash output [Len: 20]
   a9 95 98 65 0a 5e a6 57 12 55 00 e6 f5 0d bc a2   ...e.^.W.U......
   96 cc b4 6b                                       ...k
keygen MD5 hash: MD5 hash output [Len: 16]
   9f 18 95 fd c9 17 d5 f0 fd 13 76 98 73 84 9e fc   ..........v.s...

keygen SHA hash: mixers [Len: 6]
   46 46 46 46 46 46                                 FFFFFF
keygen SHA hash: master secret [Len: 48]
   14 49 96 2b 10 69 b9 d0 66 83 fc 06 64 a2 3f 34   .I.+.i..f...d.?4
   6d 1f 21 70 7f 29 f7 0b 0e e8 a9 63 11 d8 fc 46   m.!p.).....c...F
   8d 38 38 11 c1 a4 82 18 9f 8b 4b 16 d6 eb fa 6f   .88.......K....o
keygen SHA hash: server random [Len: 32]
   34 03 61 67 c6 79 d1 3e 7f 61 0d 7a 32 fb b2 67   4.ag.y.>.a.z2..g
   3d a8 d7 32 7e 53 3f fc 29 4b 2c e5 29 1f 31 e8   =..2~S?.)K,.).1.
keygen SHA hash: client random [Len: 32]
   34 03 61 67 b0 2b 37 0b 11 06 49 07 f0 13 93 7d   4.ag.+7...I....}
   57 ca e1 2d 10 99 67 a2 7c b9 61 e8 1d 4e 70 85   W..-..g.|.a..Np.
keygen MD5 hash: master secret [Len: 48]
   14 49 96 2b 10 69 b9 d0 66 83 fc 06 64 a2 3f 34   .I.+.i..f...d.?4
   6d 1f 21 70 7f 29 f7 0b 0e e8 a9 63 11 d8 fc 46   m.!p.).....c...F
   8d 38 38 11 c1 a4 82 18 9f 8b 4b 16 d6 eb fa 6f   .88.......K....o
keygen MD5 hash: SHA hash output [Len: 20]
   0c 3b 93 15 d5 e4 c6 1e 7b d7 cc 41 59 3c 73 6d   .;......{..AY<sm
   eb 4c f3 53                                       .L.S
keygen MD5 hash: MD5 hash output [Len: 16]
   80 4c 1b b2 6e 95 e1 9f 56 b6 d4 93 62 2a ae a8   .L..n...V...b*..

keygen SHA hash: mixers [Len: 7]
   47 47 47 47 47 47 47                              GGGGGGG
keygen SHA hash: master secret [Len: 48]
   14 49 96 2b 10 69 b9 d0 66 83 fc 06 64 a2 3f 34   .I.+.i..f...d.?4
   6d 1f 21 70 7f 29 f7 0b 0e e8 a9 63 11 d8 fc 46   m.!p.).....c...F
   8d 38 38 11 c1 a4 82 18 9f 8b 4b 16 d6 eb fa 6f   .88.......K....o
keygen SHA hash: server random [Len: 32]
   34 03 61 67 c6 79 d1 3e 7f 61 0d 7a 32 fb b2 67   4.ag.y.>.a.z2..g
   3d a8 d7 32 7e 53 3f fc 29 4b 2c e5 29 1f 31 e8   =..2~S?.)K,.).1.
keygen SHA hash: client random [Len: 32]
   34 03 61 67 b0 2b 37 0b 11 06 49 07 f0 13 93 7d   4.ag.+7...I....}
   57 ca e1 2d 10 99 67 a2 7c b9 61 e8 1d 4e 70 85   W..-..g.|.a..Np.
keygen MD5 hash: master secret [Len: 48]
   14 49 96 2b 10 69 b9 d0 66 83 fc 06 64 a2 3f 34   .I.+.i..f...d.?4
   6d 1f 21 70 7f 29 f7 0b 0e e8 a9 63 11 d8 fc 46   m.!p.).....c...F
   8d 38 38 11 c1 a4 82 18 9f 8b 4b 16 d6 eb fa 6f   .88.......K....o
keygen MD5 hash: SHA hash output [Len: 20]
   04 b4 50 53 ab 10 9f ae 74 54 66 2f ad e2 26 46   ..PS....tTf/..&F
   ab c9 bc db                                       ....
keygen MD5 hash: MD5 hash output [Len: 16]
   af ce c6 e5 1f 2d 09 a2 0a 90 f9 c4 e3 a5 5d cc   .....-........].

Concatenate the above seven MD5 hash results to produce the "key block":

key block: [Len: 112]
   5d bf a3 70 d7 f0 8e 2a d2 78 bc 57 82 a6 06 ff   ]..p...*.x.W....
   69 0c ac 62 85 31 61 10 b1 89 a9 63 81 75 f6 e8   i..b.1a....c.u..
   45 92 f5 ce e7 03 d0 88 d7 c4 7e c0 88 33 18 4c   E.........~..3.L
   86 04 66 f4 39 2a 49 64 22 08 77 92 bd 5c be f5   ..f.9*Id".w..\..
   9f 18 95 fd c9 17 d5 f0 fd 13 76 98 73 84 9e fc   ..........v.s...
   80 4c 1b b2 6e 95 e1 9f 56 b6 d4 93 62 2a ae a8   .L..n...V...b*..
   af ce c6 e5 1f 2d 09 a2 0a 90 f9 c4 e3 a5 5d cc   .....-........].

Now, divide up the key block, producing the mac secrets, write keys, and (for block-mode ciphers) the write IVs.

client write mac secret: [Len: 16]
   5d bf a3 70 d7 f0 8e 2a d2 78 bc 57 82 a6 06 ff   ]..p...*.x.W....
server write mac secret: [Len: 16]
   69 0c ac 62 85 31 61 10 b1 89 a9 63 81 75 f6 e8   i..b.1a....c.u..
client write key: [Len: 16]
   45 92 f5 ce e7 03 d0 88 d7 c4 7e c0 88 33 18 4c   E.........~..3.L
server write key: [Len: 16]
   86 04 66 f4 39 2a 49 64 22 08 77 92 bd 5c be f5   ..f.9*Id".w..\..
client write iv: [Len: 0]
server write iv: [Len: 0]

Flush the server_hello handshake record out to the wire, because the change_cipher_spec record, which follows, is not a handshake record.

SendPlainText record type: handshake  (22) bytes=74
send (unencrypted) record data: [Len: 79]
+  16 03 00 00 4a 02 00 00 46 03 00 34 03 61 67 c6   ....J...F..4.ag.
+  79 d1 3e 7f 61 0d 7a 32 fb b2 67 3d a8 d7 32 7e   y.>.a.z2..g=..2~
+  53 3f fc 29 4b 2c e5 29 1f 31 e8 20 00 00 4f 47   S?.)K,.).1. ..OG
+  95 8f 49 f8 7b d8 41 71 5f 36 f9 6f 7d a2 31 fa   ..I.{.Aq_6.o}.1.
+  25 07 8e 45 3c 0e d9 e7 d4 d2 86 5c 00 04 00      %..E<......\...

Server's Change_Cipher_Spec Record

This is not a handshake record, and is not included in the handshake hashes..

SendPlainText record type: change_cipher_spec (20) bytes=1
send (unencrypted) record data: [Len: 6]
+  14 03 00 00 01 01                                 ......
Set Current Write Cipher Suite to Pending

Server's Finished Handshake

Send the fully MAC'ed and encrypted finished message.
First, compute the "md5_hash" and "sha_hash" as defined for the "finish" message in section 7.6.9 of the SSL 3.0 spec. In this example, we first compute the "inner" portion of each hash, then compute the "outer" portions.

send finished handshake
Compute inner MD5_hash:
MD5 state: bfc4f833 2d0e5fe7 daa0ae68 abbc91fe
MD5_TraceState: buffered input [Len: 31]
   95 8f 49 f8 7b d8 41 71 5f 36 f9 6f 7d a2 31 fa   ..I.{.Aq_6.o}.1.
   25 07 8e 45 3c 0e d9 e7 d4 d2 86 5c 00 04 00      %..E<......\...
MD5 inner: sender [Len: 4]
   53 52 56 52                                       SRVR
MD5 inner: master secret [Len: 48]
   14 49 96 2b 10 69 b9 d0 66 83 fc 06 64 a2 3f 34   .I.+.i..f...d.?4
   6d 1f 21 70 7f 29 f7 0b 0e e8 a9 63 11 d8 fc 46   m.!p.).....c...F
   8d 38 38 11 c1 a4 82 18 9f 8b 4b 16 d6 eb fa 6f   .88.......K....o
MD5 inner: MAC Pad 1 [Len: 48]
   36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36   6666666666666666
   36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36   6666666666666666
   36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36   6666666666666666
MD5 inner: result [Len: 16]
   7c b6 40 4f 42 c5 ea 97 2e e3 c7 8a ad 07 3b 14   |.@OB.........;.

Compute inner SHA1 hash:
SHA1 state: f09eb308 10e1d22c dfe27d00 a526a933 a84f7444
SHA1_TraceState: buffered input [Len: 31]
   95 8f 49 f8 7b d8 41 71 5f 36 f9 6f 7d a2 31 fa   ..I.{.Aq_6.o}.1.
   25 07 8e 45 3c 0e d9 e7 d4 d2 86 5c 00 04 00      %..E<......\...
SHA inner: sender [Len: 4]
   53 52 56 52                                       SRVR
SHA inner: master secret [Len: 48]
   14 49 96 2b 10 69 b9 d0 66 83 fc 06 64 a2 3f 34   .I.+.i..f...d.?4
   6d 1f 21 70 7f 29 f7 0b 0e e8 a9 63 11 d8 fc 46   m.!p.).....c...F
   8d 38 38 11 c1 a4 82 18 9f 8b 4b 16 d6 eb fa 6f   .88.......K....o
SHA inner: MAC Pad 1 [Len: 40]
   36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36   6666666666666666
   36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36   6666666666666666
   36 36 36 36 36 36 36 36                           66666666
SHA inner: result [Len: 20]
   25 86 dd d4 79 2c b2 82 33 bd 28 29 fc 3a ed 1b   %...y,..3.().:..
   63 e2 e7 5f                                       c.._

Compute outer MD5 hash:
MD5 outer: master secret [Len: 48]
   14 49 96 2b 10 69 b9 d0 66 83 fc 06 64 a2 3f 34   .I.+.i..f...d.?4
   6d 1f 21 70 7f 29 f7 0b 0e e8 a9 63 11 d8 fc 46   m.!p.).....c...F
   8d 38 38 11 c1 a4 82 18 9f 8b 4b 16 d6 eb fa 6f   .88.......K....o
MD5 outer: MAC Pad 2 [Len: 48]
   5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c   \\\\\\\\\\\\\\\\
   5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c   \\\\\\\\\\\\\\\\
   5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c   \\\\\\\\\\\\\\\\
MD5 outer: MD5 inner [Len: 16]
   7c b6 40 4f 42 c5 ea 97 2e e3 c7 8a ad 07 3b 14   |.@OB.........;.
MD5 outer: result [Len: 16]
   b0 4e c6 b5 57 5d ea bb 42 e5 19 5f 4e d7 0e cf   .N..W]..B.._N...

Compute outer SHA1 hash:
SHA outer: master secret [Len: 48]
   14 49 96 2b 10 69 b9 d0 66 83 fc 06 64 a2 3f 34   .I.+.i..f...d.?4
   6d 1f 21 70 7f 29 f7 0b 0e e8 a9 63 11 d8 fc 46   m.!p.).....c...F
   8d 38 38 11 c1 a4 82 18 9f 8b 4b 16 d6 eb fa 6f   .88.......K....o
SHA outer: MAC Pad 2 [Len: 40]
   5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c   \\\\\\\\\\\\\\\\
   5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c   \\\\\\\\\\\\\\\\
   5c 5c 5c 5c 5c 5c 5c 5c                           \\\\\\\\
SHA outer: SHA inner [Len: 20]
   25 86 dd d4 79 2c b2 82 33 bd 28 29 fc 3a ed 1b   %...y,..3.().:..
   63 e2 e7 5f                                       c.._
SHA outer: result [Len: 20]
   9d f9 f9 9a d5 86 79 ed 27 66 df da bc 98 de 9b   ......y.'f......
   92 bd 40 3c                                       ..@<

MD5 state: bfc4f833 2d0e5fe7 daa0ae68 abbc91fe
MD5_TraceState: buffered input [Len: 31]
   95 8f 49 f8 7b d8 41 71 5f 36 f9 6f 7d a2 31 fa   ..I.{.Aq_6.o}.1.
   25 07 8e 45 3c 0e d9 e7 d4 d2 86 5c 00 04 00      %..E<......\...
SHA1 state: f09eb308 10e1d22c dfe27d00 a526a933 a84f7444
SHA1_TraceState: buffered input [Len: 31]
   95 8f 49 f8 7b d8 41 71 5f 36 f9 6f 7d a2 31 fa   ..I.{.Aq_6.o}.1.
   25 07 8e 45 3c 0e d9 e7 d4 d2 86 5c 00 04 00      %..E<......\...

Include the "finished" message in the handshake hashes.

append handshake header: type finished     (20)
   14                                                .
   00 00 24                                          ..$
   b0 4e c6 b5 57 5d ea bb 42 e5 19 5f 4e d7 0e cf   .N..W]..B.._N...
   9d f9 f9 9a d5 86 79 ed 27 66 df da bc 98 de 9b   ......y.'f......
   92 bd 40 3c                                       ..@<

After hashing in the server's finished handshake, the handshake hashes are:

MD5 state: 5bdcf868 49679674 1c96660b 2a3d78b5
MD5_TraceState: buffered input [Len: 7]
   98 de 9b 92 bd 40 3c                              .....@<
SHA1 state: f6f05f53 a3e28eb2 dfb614f7 57b30778 2b88dd55
SHA1_TraceState: buffered input [Len: 7]
   98 de 9b 92 bd 40 3c                              .....@<

SendPlainText record type: handshake  (22) bytes=40
Send PlainText record [Len: 40]
   14 00 00 24 b0 4e c6 b5 57 5d ea bb 42 e5 19 5f   ...$.N..W]..B.._
   4e d7 0e cf 9d f9 f9 9a d5 86 79 ed 27 66 df da   N.........y.'f..
   bc 98 de 9b 92 bd 40 3c                           ......@<

Compute the MAC on the plaintext "finished" handshake message. This is done according to section 7.2.3.1 of the SSL 3.0 spec.

frag hash1: MAC secret [Len: 16]
   69 0c ac 62 85 31 61 10 b1 89 a9 63 81 75 f6 e8   i..b.1a....c.u..
frag hash1: Pad 1 [Len: 48]
   36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36   6666666666666666
   36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36   6666666666666666
   36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36   6666666666666666
frag hash1: temp [Len: 11]
   00 00 00 00 00 00 00 00 16 00 28                  ..........(
frag hash1: input [Len: 40]
   14 00 00 24 b0 4e c6 b5 57 5d ea bb 42 e5 19 5f   ...$.N..W]..B.._
   4e d7 0e cf 9d f9 f9 9a d5 86 79 ed 27 66 df da   N.........y.'f..
   bc 98 de 9b 92 bd 40 3c                           ......@<
frag hash2: MAC secret [Len: 16]
   69 0c ac 62 85 31 61 10 b1 89 a9 63 81 75 f6 e8   i..b.1a....c.u..
frag hash2: Pad 2 [Len: 48]
   5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c   \\\\\\\\\\\\\\\\
   5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c   \\\\\\\\\\\\\\\\
   5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c   \\\\\\\\\\\\\\\\
frag hash2: hash1 [Len: 16]
   18 e8 b1 74 7f 88 a2 9f be e8 51 1c 71 77 9f ac   ...t......Q.qw..
frag hash2: result [Len: 16]
   78 55 3b 38 52 b8 7f bf d3 78 c3 2a 9a 40 c5 75   xU;8R....x.*.@.u

Append the MAC result above to the plaintext handshake message (above), compress (null), and encrypt, and add the record header, producing the following record:

send (encrypted) record data: [Len: 61]
+  16 03 00 00 38 53 97 71 48 96 d9 1b f9 e7 86 f7   ....8S.qH.......
+  66 f2 c4 b0 d3 09 cb 59 0c 6b 39 a7 8e 2a 31 d1   f......Y.k9..*1.
+  23 b3 ec 60 85 31 32 eb 0e bf 4e ba 63 db a7 55   #..`.12...N.c..U
+  02 47 a4 dd 12 59 ec c2 a4 65 a9 35 1a            .G...Y...e.5.

Client's Change_Cipher_Spec Record

The client will now send the server two records:

a change_cipher_spec record
a "finished" handshake record.

Here is the change_cipher_spec record, which is not encrypted. It is not included in the handshake hashes, because it is not a handshake record.

raw gather data: [Len: 5]
+  14 03 00 00 01                                    .....
plaintext: [Len: 1]
+  01                                                .
handle change_cipher_spec record
Set Current Read Cipher Suite to Pending

Client's Finished Handshake

Now receive the client's "finished" handshake record.

raw gather data: [Len: 5]
+  16 03 00 00 38                                    ....8
ciphertext: [Len: 56]
+  a7 f5 c3 b9 9a c3 d0 83 37 38 bb 75 c4 0c 05 47   ........78.u...G
+  53 0b ed 31 f6 a1 b8 72 9e c4 43 ed f4 9b 3a df   S..1...r..C...:.
+  36 48 89 d1 2d 49 eb af ff f5 7f 35 4a 8d 3a 06   6H..-I.....5J.:.
+  f5 7d 8a cf 74 cc 25 0f                           .}..t.%.

Decrypt the ciphertext using the keys/IVs above.

plaintext: [Len: 56]
   14 00 00 24 c1 f0 64 4e 4b 70 cc c0 7a 00 9c d4   ...$..dNKp..z...
   28 38 24 70 a2 f9 82 e5 b1 01 c3 47 5a 03 4c 06   (8$p.......GZ.L.
   84 f1 53 51 2b 20 b6 2f 8c f9 5e 99 cf 47 50 f7   ..SQ+ ./..^..GP.
   be a8 33 50 d9 ae b3 6a                           ..3P...j

frag hash1: MAC secret [Len: 16]
   5d bf a3 70 d7 f0 8e 2a d2 78 bc 57 82 a6 06 ff   ]..p...*.x.W....
frag hash1: Pad 1 [Len: 48]
   36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36   6666666666666666
   36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36   6666666666666666
   36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36   6666666666666666
frag hash1: temp [Len: 11]
   00 00 00 00 00 00 00 00 16 00 28                  ..........(
frag hash1: input [Len: 40]
   14 00 00 24 c1 f0 64 4e 4b 70 cc c0 7a 00 9c d4   ...$..dNKp..z...
   28 38 24 70 a2 f9 82 e5 b1 01 c3 47 5a 03 4c 06   (8$p.......GZ.L.
   84 f1 53 51 2b 20 b6 2f                           ..SQ+ ./
frag hash2: MAC secret [Len: 16]
   5d bf a3 70 d7 f0 8e 2a d2 78 bc 57 82 a6 06 ff   ]..p...*.x.W....
frag hash2: Pad 2 [Len: 48]
   5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c   \\\\\\\\\\\\\\\\
   5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c   \\\\\\\\\\\\\\\\
   5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c   \\\\\\\\\\\\\\\\
frag hash2: hash1 [Len: 16]
   d9 6e a9 bf 4c 7f 23 27 23 b8 70 19 87 3d eb 9c   .n..L.#'#.p..=..
frag hash2: result [Len: 16]
   8c f9 5e 99 cf 47 50 f7 be a8 33 50 d9 ae b3 6a   ..^..GP...3P...j

Note that the computed MAC matches the last 16 bytes of the plaintext above. The MAC is verified.

Compute inner MD5 hash.  First, review the current handshake hash state.
MD5 state: 5bdcf868 49679674 1c96660b 2a3d78b5
MD5_TraceState: buffered input [Len: 7]
   98 de 9b 92 bd 40 3c                              .....@<
MD5 inner: sender [Len: 4]
   43 4c 4e 54                                       CLNT
MD5 inner: master secret [Len: 48]
   14 49 96 2b 10 69 b9 d0 66 83 fc 06 64 a2 3f 34   .I.+.i..f...d.?4
   6d 1f 21 70 7f 29 f7 0b 0e e8 a9 63 11 d8 fc 46   m.!p.).....c...F
   8d 38 38 11 c1 a4 82 18 9f 8b 4b 16 d6 eb fa 6f   .88.......K....o
MD5 inner: MAC Pad 1 [Len: 48]
   36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36   6666666666666666
   36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36   6666666666666666
   36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36   6666666666666666
MD5 inner: result [Len: 16]
   2d a3 27 1b e8 05 c8 f2 3d 47 00 04 ca ab e4 e8   -.'.....=G......

Compute inner SHA hash.  First, review the current handshake hash state.
SHA1 state: f6f05f53 a3e28eb2 dfb614f7 57b30778 2b88dd55
SHA1_TraceState: buffered input [Len: 7]
   98 de 9b 92 bd 40 3c                              .....@<

SHA inner: sender [Len: 4]
   43 4c 4e 54                                       CLNT
SHA inner: master secret [Len: 48]
   14 49 96 2b 10 69 b9 d0 66 83 fc 06 64 a2 3f 34   .I.+.i..f...d.?4
   6d 1f 21 70 7f 29 f7 0b 0e e8 a9 63 11 d8 fc 46   m.!p.).....c...F
   8d 38 38 11 c1 a4 82 18 9f 8b 4b 16 d6 eb fa 6f   .88.......K....o
SHA inner: MAC Pad 1 [Len: 40]
   36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36   6666666666666666
   36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36   6666666666666666
   36 36 36 36 36 36 36 36                           66666666
SHA inner: result [Len: 20]
   bf 7b 86 d1 ac c4 c4 80 9a 57 1c 10 1f 87 77 92   .{.......W....w.
   d6 8f 9c a9                                       ....

Compute the outer MD5 hash:
MD5 outer: master secret [Len: 48]
   14 49 96 2b 10 69 b9 d0 66 83 fc 06 64 a2 3f 34   .I.+.i..f...d.?4
   6d 1f 21 70 7f 29 f7 0b 0e e8 a9 63 11 d8 fc 46   m.!p.).....c...F
   8d 38 38 11 c1 a4 82 18 9f 8b 4b 16 d6 eb fa 6f   .88.......K....o
MD5 outer: MAC Pad 2 [Len: 48]
   5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c   \\\\\\\\\\\\\\\\
   5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c   \\\\\\\\\\\\\\\\
   5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c   \\\\\\\\\\\\\\\\
MD5 outer: MD5 inner [Len: 16]
   2d a3 27 1b e8 05 c8 f2 3d 47 00 04 ca ab e4 e8   -.'.....=G......
MD5 outer: result [Len: 16]
   c1 f0 64 4e 4b 70 cc c0 7a 00 9c d4 28 38 24 70   ..dNKp..z...(8$p

Compute the outer SHA hash:
SHA outer: master secret [Len: 48]
   14 49 96 2b 10 69 b9 d0 66 83 fc 06 64 a2 3f 34   .I.+.i..f...d.?4
   6d 1f 21 70 7f 29 f7 0b 0e e8 a9 63 11 d8 fc 46   m.!p.).....c...F
   8d 38 38 11 c1 a4 82 18 9f 8b 4b 16 d6 eb fa 6f   .88.......K....o
SHA outer: MAC Pad 2 [Len: 40]
   5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c   \\\\\\\\\\\\\\\\
   5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c   \\\\\\\\\\\\\\\\
   5c 5c 5c 5c 5c 5c 5c 5c                           \\\\\\\\
SHA outer: SHA inner [Len: 20]
   bf 7b 86 d1 ac c4 c4 80 9a 57 1c 10 1f 87 77 92   .{.......W....w.
   d6 8f 9c a9                                       ....
SHA outer: result [Len: 20]
   a2 f9 82 e5 b1 01 c3 47 5a 03 4c 06 84 f1 53 51   .......GZ.L...SQ
   2b 20 b6 2f                                       + ./

The two outer hashes just computed match those in the plaintext finished message, shown above. So the handshake hashes are verified. Now, include the received "finished" handshake in the handshake hashes. First, review the state of the handshake hashes.

MD5 state: 5bdcf868 49679674 1c96660b 2a3d78b5
MD5_TraceState: buffered input [Len: 7]
   98 de 9b 92 bd 40 3c                              .....@<
SHA1 state: f6f05f53 a3e28eb2 dfb614f7 57b30778 2b88dd55
SHA1_TraceState: buffered input [Len: 7]
   98 de 9b 92 bd 40 3c                              .....@<

handle handshake message: finished     (20)
MD5 & SHA handshake hash input: [Len: 4]
   14 00 00 24                                       ...$
MD5 & SHA handshake hash input: [Len: 36]
   c1 f0 64 4e 4b 70 cc c0 7a 00 9c d4 28 38 24 70   ..dNKp..z...(8$p
   a2 f9 82 e5 b1 01 c3 47 5a 03 4c 06 84 f1 53 51   .......GZ.L...SQ
   2b 20 b6 2f                                       + ./

handshake is finished

Note that the handshake hashes are not used further in this connection.

Client's Application Data Record

Receive the client's first application_data record.

raw gather data: [Len: 5]
+  17 03 00 01 0a                                    .....
ciphertext: [Len: 266]
+  25 6c 43 a5 18 b1 6c 5b a5 06 59 27 7a 0e 26 f6   %lC...l[..Y'z.&.
+  32 aa f6 c4 f3 de bf 2c 35 66 9b dd a2 77 71 75   2......,5f...wqu
+  37 08 38 08 75 3e 8c 00 86 46 1a b4 bb fb 2e 85   7.8.u>...F......
+  d0 ce ae ac 23 9f 95 95 cd ba 98 14 3f ba b3 16   ....#.......?...
+  80 ad 21 d2 1c 8e 18 b9 26 e3 01 15 e8 0a a6 f2   ..!.....&.......
+  5d 16 ca 9d 64 8c f6 bf e1 86 6d 90 d3 d1 a6 be   ]...d.....m.....
+  4a 4e 77 56 1c c7 46 eb 05 79 ff 81 87 4f 3f 36   JNwV..F..y...O?6
+  09 82 f2 70 22 2b c8 08 4c 02 b0 d7 09 8e 66 43   ...p"+..L.....fC
+  a2 a2 d8 8a 56 90 f4 21 9d c7 8b 7d 7a 38 2b 93   ....V..!...}z8+.
+  dd dd 04 f7 f2 f8 36 51 ad 57 1e c3 30 ba aa 9a   ......6Q.W..0...
+  fa af 1d de ae 56 4a 71 a1 74 94 37 ea a6 27 e9   .....VJq.t.7..'.
+  d8 62 c9 61 6b ab f6 1d 4d 6f 00 d4 54 77 3b 0f   .b.ak...Mo..Tw;.
+  b8 d8 e2 40 5f 9c 10 8d 65 5c 25 e5 ea 6f 84 12   ...@_...e\%..o..
+  cb b0 a3 c2 aa ce 1e 5e f2 d7 9f 95 da 3e d3 26   .......^.....>.&
+  3c 24 5f 75 47 b3 65 29 ee ff 89 e5 56 01 c0 ab   <$_uG.e)....V...
+  5a fe a4 d0 cc f6 e4 5a 91 e5 9d 78 93 54 72 5b   Z......Z...x.Tr[
+  45 95 de 0b c8 34 c3 e2 8f 65                     E....4...e

Decrypt the ciphertext using the keys/IVs above.

plaintext: [Len: 266]
   47 45 54 20 2f 62 61 72 32 20 48 54 54 50 2f 31   GET /bar2 HTTP/1
   2e 30 0d 0a 43 6f 6e 6e 65 63 74 69 6f 6e 3a 20   .0..Connection: 
   4b 65 65 70 2d 41 6c 69 76 65 0d 0a 55 73 65 72   Keep-Alive..User
   2d 41 67 65 6e 74 3a 20 4d 6f 7a 69 6c 6c 61 2f   -Agent: Mozilla/
   34 2e 30 32 20 5b 65 6e 5d 20 28 57 69 6e 4e 54   4.02 [en] (WinNT
   3b 20 55 29 0d 0a 48 6f 73 74 3a 20 62 69 6a 6f   ; U)..Host: bijo
   75 2e 6d 63 6f 6d 2e 63 6f 6d 3a 31 39 39 39 0d   u.mcom.com:1999.
   0a 41 63 63 65 70 74 3a 20 69 6d 61 67 65 2f 67   .Accept: image/g
   69 66 2c 20 69 6d 61 67 65 2f 78 2d 78 62 69 74   if, image/x-xbit
   6d 61 70 2c 20 69 6d 61 67 65 2f 6a 70 65 67 2c   map, image/jpeg,
   20 69 6d 61 67 65 2f 70 6a 70 65 67 2c 20 2a 2f    image/pjpeg, */
   2a 0d 0a 41 63 63 65 70 74 2d 4c 61 6e 67 75 61   *..Accept-Langua
   67 65 3a 20 65 6e 2d 55 53 2c 65 6e 2d 47 42 2c   ge: en-US,en-GB,
   65 6e 0d 0a 41 63 63 65 70 74 2d 43 68 61 72 73   en..Accept-Chars
   65 74 3a 20 69 73 6f 2d 38 38 35 39 2d 31 2c 2a   et: iso-8859-1,*
   2c 75 74 66 2d 38 0d 0a 0d 0a 48 c1 ce 0c 32 00   ,utf-8....H...2.
   b2 a6 b3 f5 36 98 63 ba 55 04                     ....6.c.U.

frag hash1: MAC secret [Len: 16]
   5d bf a3 70 d7 f0 8e 2a d2 78 bc 57 82 a6 06 ff   ]..p...*.x.W....
frag hash1: Pad 1 [Len: 48]
   36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36   6666666666666666
   36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36   6666666666666666
   36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36   6666666666666666
frag hash1: temp [Len: 11]
   00 00 00 00 00 00 00 01 17 00 fa                  ...........
frag hash1: input [Len: 250]
   47 45 54 20 2f 62 61 72 32 20 48 54 54 50 2f 31   GET /bar2 HTTP/1
   2e 30 0d 0a 43 6f 6e 6e 65 63 74 69 6f 6e 3a 20   .0..Connection: 
   4b 65 65 70 2d 41 6c 69 76 65 0d 0a 55 73 65 72   Keep-Alive..User
   2d 41 67 65 6e 74 3a 20 4d 6f 7a 69 6c 6c 61 2f   -Agent: Mozilla/
   34 2e 30 32 20 5b 65 6e 5d 20 28 57 69 6e 4e 54   4.02 [en] (WinNT
   3b 20 55 29 0d 0a 48 6f 73 74 3a 20 62 69 6a 6f   ; U)..Host: bijo
   75 2e 6d 63 6f 6d 2e 63 6f 6d 3a 31 39 39 39 0d   u.mcom.com:1999.
   0a 41 63 63 65 70 74 3a 20 69 6d 61 67 65 2f 67   .Accept: image/g
   69 66 2c 20 69 6d 61 67 65 2f 78 2d 78 62 69 74   if, image/x-xbit
   6d 61 70 2c 20 69 6d 61 67 65 2f 6a 70 65 67 2c   map, image/jpeg,
   20 69 6d 61 67 65 2f 70 6a 70 65 67 2c 20 2a 2f    image/pjpeg, */
   2a 0d 0a 41 63 63 65 70 74 2d 4c 61 6e 67 75 61   *..Accept-Langua
   67 65 3a 20 65 6e 2d 55 53 2c 65 6e 2d 47 42 2c   ge: en-US,en-GB,
   65 6e 0d 0a 41 63 63 65 70 74 2d 43 68 61 72 73   en..Accept-Chars
   65 74 3a 20 69 73 6f 2d 38 38 35 39 2d 31 2c 2a   et: iso-8859-1,*
   2c 75 74 66 2d 38 0d 0a 0d 0a                     ,utf-8....
frag hash2: MAC secret [Len: 16]
   5d bf a3 70 d7 f0 8e 2a d2 78 bc 57 82 a6 06 ff   ]..p...*.x.W....
frag hash2: Pad 2 [Len: 48]
   5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c   \\\\\\\\\\\\\\\\
   5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c   \\\\\\\\\\\\\\\\
   5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c   \\\\\\\\\\\\\\\\
frag hash2: hash1 [Len: 16]
   a0 aa 59 b3 91 cb 74 05 df 28 44 9f 5b 50 eb 0a   ..Y...t..(D.[P..
frag hash2: result [Len: 16]
   48 c1 ce 0c 32 00 b2 a6 b3 f5 36 98 63 ba 55 04   H...2.....6.c.U.

Note that the computed MAC matches the last 16 bytes of the plaintext above. The MAC is verified. The GET request is sent to the HTTP layer above.

Server Application Data Record

In this example, the server's response is sent in three sequential Application Data records. Here is the first one.

SecureSend: sending 116 bytes
SendPlainText record type: application_data (23) bytes=116
Send PlainText record [Len: 116]
   48 54 54 50 2f 31 2e 30 20 32 30 30 20 4f 4b 0d   HTTP/1.0 200 OK.
   0a 53 65 72 76 65 72 3a 20 4e 65 74 73 63 61 70   .Server: Netscap
   65 2d 45 6e 74 65 72 70 72 69 73 65 2f 32 2e 30   e-Enterprise/2.0
   61 0d 0a 44 61 74 65 3a 20 54 75 65 2c 20 32 36   a..Date: Tue, 26
   20 41 75 67 20 31 39 39 37 20 32 32 3a 31 30 3a    Aug 1997 22:10:
   30 35 20 47 4d 54 0d 0a 43 6f 6e 74 65 6e 74 2d   05 GMT..Content-
   74 79 70 65 3a 20 74 65 78 74 2f 70 6c 61 69 6e   type: text/plain
   0d 0a 0d 0a                                       ....

Compute the MAC on the plaintext application_data message. This is done according to section 7.2.3.1 of the SSL 3.0 spec.

frag hash1: MAC secret [Len: 16]
   69 0c ac 62 85 31 61 10 b1 89 a9 63 81 75 f6 e8   i..b.1a....c.u..
frag hash1: Pad 1 [Len: 48]
   36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36   6666666666666666
   36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36   6666666666666666
   36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36   6666666666666666
frag hash1: temp [Len: 11]
   00 00 00 00 00 00 00 01 17 00 74                  ..........t
frag hash1: input [Len: 116]
   48 54 54 50 2f 31 2e 30 20 32 30 30 20 4f 4b 0d   HTTP/1.0 200 OK.
   0a 53 65 72 76 65 72 3a 20 4e 65 74 73 63 61 70   .Server: Netscap
   65 2d 45 6e 74 65 72 70 72 69 73 65 2f 32 2e 30   e-Enterprise/2.0
   61 0d 0a 44 61 74 65 3a 20 54 75 65 2c 20 32 36   a..Date: Tue, 26
   20 41 75 67 20 31 39 39 37 20 32 32 3a 31 30 3a    Aug 1997 22:10:
   30 35 20 47 4d 54 0d 0a 43 6f 6e 74 65 6e 74 2d   05 GMT..Content-
   74 79 70 65 3a 20 74 65 78 74 2f 70 6c 61 69 6e   type: text/plain
   0d 0a 0d 0a                                       ....
frag hash2: MAC secret [Len: 16]
   69 0c ac 62 85 31 61 10 b1 89 a9 63 81 75 f6 e8   i..b.1a....c.u..
frag hash2: Pad 2 [Len: 48]
   5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c   \\\\\\\\\\\\\\\\
   5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c   \\\\\\\\\\\\\\\\
   5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c   \\\\\\\\\\\\\\\\
frag hash2: hash1 [Len: 16]
   33 14 e3 68 ff c6 fc 35 c4 bd cc 25 57 92 f3 19   3..h...5...%W...
frag hash2: result [Len: 16]
   ae 54 8b 86 55 99 9d e2 44 b9 97 d6 9a b3 ff 58   .T..U...D......X

Append the result above to the plaintext application_data message (above), compress (null), and encrypt, and add the record header, producing the following record:

send (encrypted) record data: [Len: 137]
+  17 03 00 00 84 92 d5 e9 e1 99 0b 91 94 f3 03 93   ................
+  10 69 aa 6b 5f 6e a4 4d 77 b5 e4 ac 7e 3f f8 16   .i.k_n.Mw...~?..
+  67 68 a7 f5 a8 86 7b 5d 4e ed c5 93 e1 ef 8f 2b   gh....{]N......+
+  77 4d e9 99 9e 6b f6 ac a1 47 24 4c da 64 13 54   wM...k...G$L.d.T
+  88 be 7d ef 00 70 9a 87 f4 7d 7c fb 13 f3 41 de   ..}..p...}|...A.
+  e6 46 05 c3 c8 b7 1b 44 20 c5 0f e2 40 7a 8b 4d   .F.....D ...@z.M
+  c2 de 5a 87 55 b5 66 e4 8c 74 6c 37 d0 10 97 e3   ..Z.U.f..tl7....
+  87 2e 27 ac 54 ef 93 b5 32 bb c8 a9 7a 4e ab d6   ..'.T...2...zN..
+  3d e8 3e b7 06 74 66 0d 66                        =.>..tf.f

Here is the second of the Server's three application data responses, echoing the client's request in this example.

SecureSend: sending 250 bytes
SendPlainText record type: application_data (23) bytes=250
Send PlainText record [Len: 250]
   47 45 54 20 2f 62 61 72 32 20 48 54 54 50 2f 31   GET /bar2 HTTP/1
   2e 30 0d 0a 43 6f 6e 6e 65 63 74 69 6f 6e 3a 20   .0..Connection: 
   4b 65 65 70 2d 41 6c 69 76 65 0d 0a 55 73 65 72   Keep-Alive..User
   2d 41 67 65 6e 74 3a 20 4d 6f 7a 69 6c 6c 61 2f   -Agent: Mozilla/
   34 2e 30 32 20 5b 65 6e 5d 20 28 57 69 6e 4e 54   4.02 [en] (WinNT
   3b 20 55 29 0d 0a 48 6f 73 74 3a 20 62 69 6a 6f   ; U)..Host: bijo
   75 2e 6d 63 6f 6d 2e 63 6f 6d 3a 31 39 39 39 0d   u.mcom.com:1999.
   0a 41 63 63 65 70 74 3a 20 69 6d 61 67 65 2f 67   .Accept: image/g
   69 66 2c 20 69 6d 61 67 65 2f 78 2d 78 62 69 74   if, image/x-xbit
   6d 61 70 2c 20 69 6d 61 67 65 2f 6a 70 65 67 2c   map, image/jpeg,
   20 69 6d 61 67 65 2f 70 6a 70 65 67 2c 20 2a 2f    image/pjpeg, */
   2a 0d 0a 41 63 63 65 70 74 2d 4c 61 6e 67 75 61   *..Accept-Langua
   67 65 3a 20 65 6e 2d 55 53 2c 65 6e 2d 47 42 2c   ge: en-US,en-GB,
   65 6e 0d 0a 41 63 63 65 70 74 2d 43 68 61 72 73   en..Accept-Chars
   65 74 3a 20 69 73 6f 2d 38 38 35 39 2d 31 2c 2a   et: iso-8859-1,*
   2c 75 74 66 2d 38 0d 0a 0d 0a                     ,utf-8....

Compute the MAC on the plaintext application_data message. This is done according to section 7.2.3.1 of the SSL 3.0 spec.

frag hash1: MAC secret [Len: 16]
   69 0c ac 62 85 31 61 10 b1 89 a9 63 81 75 f6 e8   i..b.1a....c.u..
frag hash1: Pad 1 [Len: 48]
   36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36   6666666666666666
   36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36   6666666666666666
   36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36   6666666666666666
frag hash1: temp [Len: 11]
   00 00 00 00 00 00 00 02 17 00 fa                  ...........
frag hash1: input [Len: 250]
   47 45 54 20 2f 62 61 72 32 20 48 54 54 50 2f 31   GET /bar2 HTTP/1
   2e 30 0d 0a 43 6f 6e 6e 65 63 74 69 6f 6e 3a 20   .0..Connection: 
   4b 65 65 70 2d 41 6c 69 76 65 0d 0a 55 73 65 72   Keep-Alive..User
   2d 41 67 65 6e 74 3a 20 4d 6f 7a 69 6c 6c 61 2f   -Agent: Mozilla/
   34 2e 30 32 20 5b 65 6e 5d 20 28 57 69 6e 4e 54   4.02 [en] (WinNT
   3b 20 55 29 0d 0a 48 6f 73 74 3a 20 62 69 6a 6f   ; U)..Host: bijo
   75 2e 6d 63 6f 6d 2e 63 6f 6d 3a 31 39 39 39 0d   u.mcom.com:1999.
   0a 41 63 63 65 70 74 3a 20 69 6d 61 67 65 2f 67   .Accept: image/g
   69 66 2c 20 69 6d 61 67 65 2f 78 2d 78 62 69 74   if, image/x-xbit
   6d 61 70 2c 20 69 6d 61 67 65 2f 6a 70 65 67 2c   map, image/jpeg,
   20 69 6d 61 67 65 2f 70 6a 70 65 67 2c 20 2a 2f    image/pjpeg, */
   2a 0d 0a 41 63 63 65 70 74 2d 4c 61 6e 67 75 61   *..Accept-Langua
   67 65 3a 20 65 6e 2d 55 53 2c 65 6e 2d 47 42 2c   ge: en-US,en-GB,
   65 6e 0d 0a 41 63 63 65 70 74 2d 43 68 61 72 73   en..Accept-Chars
   65 74 3a 20 69 73 6f 2d 38 38 35 39 2d 31 2c 2a   et: iso-8859-1,*
   2c 75 74 66 2d 38 0d 0a 0d 0a                     ,utf-8....
frag hash2: MAC secret [Len: 16]
   69 0c ac 62 85 31 61 10 b1 89 a9 63 81 75 f6 e8   i..b.1a....c.u..
frag hash2: Pad 2 [Len: 48]
   5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c   \\\\\\\\\\\\\\\\
   5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c   \\\\\\\\\\\\\\\\
   5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c   \\\\\\\\\\\\\\\\
frag hash2: hash1 [Len: 16]
   ab 97 67 a7 a4 74 eb c4 d4 27 e3 5c 7b 25 9d 10   ..g..t...'.\{%..
frag hash2: result [Len: 16]
   b0 28 a3 1d aa 0a 9e 88 83 68 fb 9a 90 15 20 be   .(.......h.... .

Append the result above to the plaintext application_data message (above), compress (null), and encrypt, and add the record header, producing the following record:

send (encrypted) record data: [Len: 271]
+  17 03 00 01 0a 69 b3 9d 24 1d 52 98 31 2e 74 f1   .....i..$.R.1.t.
+  53 ce 17 48 51 21 b8 6a 33 57 d7 23 a1 03 d2 10   S..HQ!.j3W.#....
+  74 b7 de 82 fa fa 05 bf 2a 63 8e 24 cf 69 74 0b   t.......*c.$.it.
+  ab 91 c6 1b 53 bf cd e6 86 3a 2c 5b b0 10 b4 45   ....S....:,[...E
+  02 51 88 62 0d 90 e6 46 1e 0b 76 db 7f af 94 cb   .Q.b...F..v.....
+  91 b0 06 90 1a ec a6 43 39 05 90 55 93 0f 57 69   .......C9..U..Wi
+  91 c3 b6 ef 3d 40 49 73 52 f5 a0 d2 15 87 a4 55   ....=@IsR......U
+  b1 a2 b1 33 00 b7 91 b6 3f 29 19 ed b7 b2 4f 9a   ...3....?)....O.
+  2a e1 f2 c4 9f 9d c8 a3 1a 30 55 9a c4 59 08 d1   *........0U..Y..
+  d6 8f 8e 2f 08 49 88 35 27 b0 06 d9 cb 5f 27 a9   .../.I.5'...._'.
+  1e ac ee 89 15 19 22 0d 0d a2 f7 24 b8 30 2e 44   ......"....$.0.D
+  32 8f 8c a9 7e c6 f0 a9 2d df 3d ee 5b b1 c6 80   2...~...-.=.[...
+  40 3a b9 eb 37 91 37 26 db 4c cb a0 84 6f 4e e4   @:..7.7&.L...oN.
+  42 a0 18 8f e0 7e 61 da 74 b6 8e 33 31 ff 38 61   B....~a.t..31.8a
+  07 53 0a 82 66 d8 3b 13 26 87 21 ff c8 7d 41 49   .S..f.;.&.!..}AI
+  3f fd 68 d5 c1 e8 72 ba 5a 90 5c 61 f7 48 b7 6e   ?.h...r.Z.\a.H.n
+  34 74 7f dc 51 0b 86 35 c7 12 e7 e7 60 e1 1b      4t..Q..5....`..

Note that the computed MAC matches the last 16 bytes of the plaintext above. The MAC is verified. The GET request is sent to the HTTP layer above.

Here is the third of the Server's three application data responses.

SecureSend: sending 5 bytes
SendPlainText record type: application_data (23) bytes=5
Send PlainText record [Len: 5]
   45 4f 46 0d 0a                                    EOF..

Compute the MAC on the plaintext application_data message. This is done according to section 7.2.3.1 of the SSL 3.0 spec.

frag hash1: MAC secret [Len: 16]
   69 0c ac 62 85 31 61 10 b1 89 a9 63 81 75 f6 e8   i..b.1a....c.u..
frag hash1: Pad 1 [Len: 48]
   36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36   6666666666666666
   36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36   6666666666666666
   36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36   6666666666666666
frag hash1: temp [Len: 11]
   00 00 00 00 00 00 00 03 17 00 05                  ...........
frag hash1: input [Len: 5]
   45 4f 46 0d 0a                                    EOF..
frag hash2: MAC secret [Len: 16]
   69 0c ac 62 85 31 61 10 b1 89 a9 63 81 75 f6 e8   i..b.1a....c.u..
frag hash2: Pad 2 [Len: 48]
   5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c   \\\\\\\\\\\\\\\\
   5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c   \\\\\\\\\\\\\\\\
   5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c   \\\\\\\\\\\\\\\\
frag hash2: hash1 [Len: 16]
   ee 61 64 cc be d5 d8 c8 5b 55 c5 7b b6 40 ca 4d   .ad.....[U.{.@.M
frag hash2: result [Len: 16]
   da a3 07 b4 fb 32 34 33 8b 30 2d 1a 60 47 60 13   .....243.0-.`G`.

Append the result above to the plaintext application_data message (above), compress (null), and encrypt, and add the record header, producing the following record:

send (encrypted) record data: [Len: 26]
+  17 03 00 00 15 cf 1c fb aa ac af e0 a2 fc e1 f4   ................
+  55 dd d9 47 0c 48 fd 2a 7a 1e                     U..G.H.*z.

Server's Close_Notify Alert Record

This is the end of the server's response. The server sends an close_notify alert, to tell the client it is done.

send alert record, level=1 desc=0
SendPlainText record type: alert      (21) bytes=2
Send PlainText record [Len: 2]
   01 00                                             ..

Compute the MAC on the plaintext close_notify alert message. This is done according to section 7.2.3.1 of the SSL 3.0 spec.

frag hash1: MAC secret [Len: 16]
   69 0c ac 62 85 31 61 10 b1 89 a9 63 81 75 f6 e8   i..b.1a....c.u..
frag hash1: Pad 1 [Len: 48]
   36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36   6666666666666666
   36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36   6666666666666666
   36 36 36 36 36 36 36 36 36 36 36 36 36 36 36 36   6666666666666666
frag hash1: temp [Len: 11]
   00 00 00 00 00 00 00 04 15 00 02                  ...........
frag hash1: input [Len: 2]
   01 00                                             ..
frag hash2: MAC secret [Len: 16]
   69 0c ac 62 85 31 61 10 b1 89 a9 63 81 75 f6 e8   i..b.1a....c.u..
frag hash2: Pad 2 [Len: 48]
   5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c   \\\\\\\\\\\\\\\\
   5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c   \\\\\\\\\\\\\\\\
   5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c   \\\\\\\\\\\\\\\\
frag hash2: hash1 [Len: 16]
   99 fc fe 9e e7 67 42 85 5a dc b8 93 20 86 6d de   .....gB.Z... .m.
frag hash2: result [Len: 16]
   7b 63 62 73 45 14 fc af 15 7c 90 03 01 58 ea 97   {cbsE....|...X..

Append the MAC result above to the plaintext alert message (above), compress (null), and encrypt, and add the record header, producing the following record:

send (encrypted) record data: [Len: 23]
+  15 03 00 00 12 e5 ab 5a 3b 36 78 f7 86 a2 1f 72   .......Z;6x....r
+  ff 94 41 32 e4 73 e9                              ..A2.s.

The server may now close the socket.

closing, rv=0 errno=10035

The server closes the connection, and thus does not recieve the close notify alert from the client.

Please direct all questions, suggestions, and comments concerning these traces to Nelson Bolyard.

All general questions about SSL (that do not directly relate to these trace files) should be discussed on to the newsgroup mozilla.dev.tech.crypto

$Id: trc-srv-us.html,v 1.2 2008/02/25 20:14:03 nelson%bolyard.com Exp $