TLSv1.2 packet capture decryption walkthrough: RSA_WITH_AES_128_CBC_SHA

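RSA_WITH_AES_128_CBC_SHA is about the simplest cipher suite in TLSv1.2, which makes it well suited to studying the TLSv1.2 handshake.

RSA_WITH_AES_128_CBC_SHA means:

  • RSA asymmetric encryption is used for key exchange
  • AES-128 in CBC mode is used for encryption
  • SHA-1 is the hash algorithm (used for the record MAC, HMAC-SHA1; the PRF and handshake hashes in this walkthrough use SHA-256)

References: RFC 5246, RFC 5077, RFC 7627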

1. Configuring an HTTPS environment in Tomcat

Reference: https://blog.csdn.net/chenshun123/article/details/53453402

1.1. Server certificate private key (server.pem)

-----BEGIN RSA PRIVATE KEY-----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-----END RSA PRIVATE KEY-----

1.2. Client certificate private key (client.pem)


1.3. Tomcat configuration

The Tomcat version is v8.5.63. server.xml is configured as follows, with mutual (two-way) authentication enabled:

    <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
               maxThreads="150" SSLEnabled="true"
               scheme="https"
               secure="true"
               clientAuth="true"
               sslProtocol="TLS"
               sslEnabledProtocols="TLSv1.2"
               useServerCipherSuitesOrder="true"     
               ciphers="TLS_RSA_WITH_AES_128_CBC_SHA"
               keystoreFile="D:/Tomcat/jks/server.keystore"
               keystorePass="123456"
               truststoreFile="D:/Tomcat/jks/server.keystore"
               truststorePass="123456">
    </Connector>

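Change the port, and the store file paths and passwords, to match your actual setup.

2. Handshake flow

Access the following URL with the Chrome browser:

https://192.168.0.252:8443/webks/webks/ClientSrv

The capture looks like this:

The handshake flow is as follows: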

2.1. ClientHello

client ----> server

Handshake data:

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

The random value generated by the client is:

3defe4aeefe2823d83125a7ffaf6e8da55663f9c9b489455e3fa02dccbb4b386

Note: the client_hello data includes the extended_master_secret extension, which affects how master_secret is computed later.

2.2. ServerHello

server ----> client

Handshake data:

02000035030310300d3fc259adedf24883a2003b839455c9ec65ef8d04a3a32d820b2cdb6f7d00002f00000dff010001000023000000170000

The random value generated by the server is:

10300d3fc259adedf24883a2003b839455c9ec65ef8d04a3a32d820b2cdb6f7d

2.3. Certificate (server)

server ----> client

Handshake data:

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

2.4. CertificateRequest

server ----> client 

Handshake data:

0d0000a003010240002e040305030603080708080809080a080b080408050806040105010601030302030301020103020202040205020602006a00683066310b3009060355040613027a68310b3009060355040813026764310b300906035504071302677a3110300e060355040a1307646576656c6f703111300f060355040b13086368656e7368756e311830160603550403130f6368656e7368756e3133312e636f6d

2.5. ServerHelloDone

server ----> client

Handshake data:

0e000000

2.6. Certificate (client)

client ----> server

Handshake data:

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

2.7. ClientKeyExchange

client ----> server

Handshake data:

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

Parse out the Encrypted PreMaster data:

9497055d91c47657b012a99c3f4aaf6cc2051d5215c955f8c1c0b5b5bd1b702c87a6634feed4ac6ddc963f486316464e338743cb4a8881d499dc7fe068c39f96e260b27696668ff14c966d48bc746872bbce5bc29532a830c2aa94957c5ce0a984d344f39e011acf5a0a82fcd56fa27dde73a83a193af18e64561ae7a0d4eddc7021be89f4244cf6c6ab36241659a3fd679928a73a15fef615fe7a2f1a6e1896ecf1d1c74efda6a763a669f30fc6d109ff7bde4e0f7ed812d9bbf53ad6bcd45c789c15b1e62ad33706ebfc43ebbea4f675072174f3bd4e47cc7d37971b40194b0f5c4c0e1c1e2541a1cded7b03657230c4724b5fcb98f1795bdc5823a8fb3891

Decrypt with the server certificate's private key:

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

pre_master_secret data:

struct {
          ProtocolVersion client_version;
          opaque random[46];
} PreMasterSecret;

030306de06b93c702efe62e8b7374c7012b2e98eeae027a8f56af5e7dff0047863277b4b87f73adb8f98f8e3a3ce1641

2.7.1 Computing the Master Secret

The computation defined in RFC 5246, Section 8.1 is:

master_secret = PRF(pre_master_secret, "master secret", ClientHello.random + ServerHello.random)

In this handshake, however, the client_hello message carries the extended_master_secret extension, so the computation defined in RFC 7627, Section 4 applies:

master_secret = PRF(pre_master_secret, "extended master secret", session_hash)

Here the computation of session_hash is defined in RFC 7627, Section 3:

session_hash = Hash(handshake_messages)

handshake_messages is the concatenation of the Handshake data from 2.1 to 2.7:

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

Hash is SHA-256. Applying it to the handshake_messages data above gives the session_hash data:

82d6bc8d19874cca5fc04db6f9ea9cdda99a15db212243d25bddb77aa49822be

Applying the PRF gives the master_secret data:

7bb571f36c38efba3eb95f5871391830116985671f8cb10de01c71c74319c49f9d2baaf1071490a19999ea56bf1e03dc

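2.7.2 Computing the keys

The keys are:

The HMAC-SHA1 keys for the two sides

client_write_MAC_key[20]
server_write_MAC_key[20]

The AES encryption keys for the two sides

client_write_key[16]
server_write_key[16]

The total length is 72 bytes.

As defined in RFC 5246, Section 6.3, the key material is computed as: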

key_block = PRF(SecurityParameters.master_secret, "key expansion",
                      SecurityParameters.server_random + SecurityParameters.client_random);

master_secret data:

7bb571f36c38efba3eb95f5871391830116985671f8cb10de01c71c74319c49f9d2baaf1071490a19999ea56bf1e03dc

server_random data:

10300d3fc259adedf24883a2003b839455c9ec65ef8d04a3a32d820b2cdb6f7d

client_random data:

3defe4aeefe2823d83125a7ffaf6e8da55663f9c9b489455e3fa02dccbb4b386

Applying the PRF gives the key_block data:

0d19a4197332db8266200724604c063d8cf116ff958513064070ba5137176bb621b27b80cc4c26e060381c0e233f4e1896bf61147da34652b824d8d1b789ddc05a94a4debb81d40f

client_write_MAC_key[20]:0d19a4197332db8266200724604c063d8cf116ff

server_write_MAC_key[20]:958513064070ba5137176bb621b27b80cc4c26e0

client_write_key[16]:60381c0e233f4e1896bf61147da34652

server_write_key[16]:b824d8d1b789ddc05a94a4debb81d40f

At this point both sides can compute the key material.

2.8. CertificateVerify

client ----> server

Handshake data:

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 

Extract the signature data:

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

Decrypt with the client certificate's private key:

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

Extract the hash data:

82d6bc8d19874cca5fc04db6f9ea9cdda99a15db212243d25bddb77aa49822be

This matches the session_hash computed in section 2.7.1, so the signature verifies (see RFC 5246, Section 7.4.8).

2.9. ChangeCipherSpec (client)

client ----> server

2.10. Finished (client)

client ----> server

This is a TLSCiphertext structure (see RFC 5246, Appendix A.1).

Extract the Encrypted Handshake Message data:

977c701d3c6f0ae4d284751816a7ab73b40e90b26d209e2d9128031874b8311fdf8f50edfef9db071c12ab4fbc41e931268ce046c53f4ab4670988e481fbc335

The first 16 bytes are the IV for AES-CBC decryption:

977c701d3c6f0ae4d284751816a7ab73

The rest is the ciphertext:

b40e90b26d209e2d9128031874b8311fdf8f50edfef9db071c12ab4fbc41e931268ce046c53f4ab4670988e481fbc335

Using client_write_key[16] (60381c0e233f4e1896bf61147da34652) computed in section 2.7.2 as the AES-CBC decryption key, decrypt to obtain the original data:

1400000c83c23dd8f9220c593a2673492ec78d22bfea15e8f20cdade865c49d7424828e30b0b0b0b0b0b0b0b0b0b0b0b

After removing the padding, the Handshake and MAC data are:

1400000c83c23dd8f9220c593a2673492ec78d22bfea15e8f20cdade865c49d7424828e3

This is laid out as a GenericStreamCipher structure (see RFC 5246, Appendix A.1); content is a Handshake structure (see RFC 5246, Section 7.4). It parses as follows:

Offset  Length  Data                                      Description
0x00    1       14                                        HandshakeType.finished
0x01    3       00000c                                    length
0x04    12      83c23dd8f9220c593a267349                  Finished.verify_data
0x10    20      2ec78d22bfea15e8f20cdade865c49d7424828e3  MAC

2.10.1 Computing verify_data

As defined in RFC 5246, Section 7.4.9, verify_data is computed as:

verify_data = PRF(master_secret, finished_label, Hash(handshake_messages))

handshake_messages is the concatenation of the Handshake data from 2.1 to 2.8 (ChangeCipherSpec is not included):

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

Apply SHA-256 to handshake_messages:

397d4f853bf33a533370ab3f60b13b1bfb0cd20761bde164658a402280e5dc1a

finished_label is "client finished"; master_secret is the result computed in section 2.7.1.

Applying the PRF gives the verify_data data:

83c23dd8f9220c593a267349

This matches the Finished.verify_data value listed in the table, so the check passes.

2.10.2 Computing the MAC

As defined in RFC 5246, Section 6.2.3.1, the MAC is computed as:

MAC(MAC_write_key, seq_num +
                            TLSCompressed.type +
                            TLSCompressed.version +
                            TLSCompressed.length +
                            TLSCompressed.fragment);

seq_num starts at 0000000000000000, 8 bytes;

The TLSCompressed structure is defined in RFC 5246, Appendix A.1:

type = Handshake = 0x16, 1 byte;

version = 0x0303, 2 bytes;

length = 0x0010, 2 bytes, the length of the Finished message;

fragment = 1400000c83c23dd8f9220c593a267349, 16 bytes

The data fed into the MAC is therefore:

000000000000000016030300101400000c83c23dd8f9220c593a267349

Using client_write_MAC_key[20] (0d19a4197332db8266200724604c063d8cf116ff) computed in section 2.7.2 as MAC_write_key, HMAC-SHA1 gives the MAC:

2ec78d22bfea15e8f20cdade865c49d7424828e3

This matches the MAC value listed in the table, so the check passes.
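The key_block split from section 2.7.2, the padding removal from section 2.10 and the record MAC from section 2.10.2, as an added Python example (not code from the original article). It reuses the hex values listed on this page; the function and constant names are assumptions introduced for the illustration.

```python
import hashlib, hmac, struct
# Values copied from sections 2.7.1, 2.7.2 and 2.10 of this page.
MASTER_SECRET = bytes.fromhex("7bb571f36c38efba3eb95f5871391830116985671f8cb10d"
                              "e01c71c74319c49f9d2baaf1071490a19999ea56bf1e03dc")
SERVER_RANDOM = bytes.fromhex("10300d3fc259adedf24883a2003b839455c9ec65ef8d04a3a32d820b2cdb6f7d")
CLIENT_RANDOM = bytes.fromhex("3defe4aeefe2823d83125a7ffaf6e8da55663f9c9b489455e3fa02dccbb4b386")
PAGE_KEY_BLOCK = bytes.fromhex("0d19a4197332db8266200724604c063d8cf116ff"
                               "958513064070ba5137176bb621b27b80cc4c26e0"
                               "60381c0e233f4e1896bf61147da34652b824d8d1b789ddc05a94a4debb81d40f")
# Decrypted client Finished: handshake (16 bytes) + MAC (20 bytes) + 12 bytes of 0x0b padding.
CLIENT_FINISHED_PLAIN = bytes.fromhex("1400000c83c23dd8f9220c593a267349"
                                      "2ec78d22bfea15e8f20cdade865c49d7424828e3" + "0b" * 12)

def prf(secret, label, seed, n):
    """TLS 1.2 PRF (RFC 5246, section 5): P_SHA256(secret, label + seed), first n bytes."""
    seed = label + seed
    out, a = b"", seed
    while len(out) < n:
        a = hmac.new(secret, a, hashlib.sha256).digest()            # A(i) = HMAC(secret, A(i-1))
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()  # HMAC(secret, A(i) + seed)
    return out[:n]

def split_key_block(kb):  # 20+20 bytes of HMAC-SHA1 keys, then 16+16 bytes of AES-128 keys
    if len(kb) != 72:
        raise ValueError("key_block must be 72 bytes for this suite")
    names = ("client_write_MAC_key", "server_write_MAC_key", "client_write_key", "server_write_key")
    cuts = (0, 20, 40, 56, 72)
    return {name: kb[cuts[i]:cuts[i + 1]] for i, name in enumerate(names)}

def strip_cbc_padding(plain):  # the last byte p must be preceded by p more bytes equal to p
    p = plain[-1]
    if p + 1 > len(plain) or plain[-(p + 1):] != bytes([p]) * (p + 1):
        raise ValueError("bad padding")
    return plain[:-(p + 1)]

def mac_input(seq_num, ctype, version, fragment):
    return struct.pack(">QBHH", seq_num, ctype, version, len(fragment)) + fragment

def verify_record(mac_key, seq_num, ctype, version, content_and_mac):
    fragment, mac = content_and_mac[:-20], content_and_mac[-20:]
    want = hmac.new(mac_key, mac_input(seq_num, ctype, version, fragment), hashlib.sha1).digest()
    return hmac.compare_digest(want, mac)

if __name__ == "__main__":
    kb = prf(MASTER_SECRET, b"key expansion", SERVER_RANDOM + CLIENT_RANDOM, 72)
    print("derived key_block equals the page's value:", kb == PAGE_KEY_BLOCK)
    mac_key = split_key_block(kb)["client_write_MAC_key"]
    print("client Finished MAC verifies:",
          verify_record(mac_key, 0, 0x16, 0x0303, strip_cbc_padding(CLIENT_FINISHED_PLAIN)))
```

verify_record is meant for offline analysis of a capture; a live TLS implementation has to treat padding and MAC failures identically so that it does not act as a padding oracle.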

2.11. NewSessionTicket

server ----> client

See the definition in RFC 5077, Section 3.3.

Handshake data:

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

2.12. ChangeCipherSpec (server)

server ----> client

2.13. Finished (server)

server ----> client

Following the data processing method of section 2.10,

extract the Encrypted Handshake Message data:

19815312fc7c55bd42d5990938a4b36d556535c3e3bd2e79a48cb6d16a02869c10dcc6b86072aed08222b959a35e76e3796a94c7e35d2ccad6f73077bb10d9bc

Using client_write_key[16] (60381c0e233f4e1896bf61147da34652) computed in section 2.7.2 as the AES-CBC decryption key, decrypt to obtain the Handshake and MAC data:

1400000cf3bd666f0519f59dd62935224643eccf7fb0d847e83af62d58693b7f6e4e8b4c

Offset  Length  Data                                      Description
0x00    1       14                                        HandshakeType.finished
0x01    3       00000c                                    length
0x04    12      f3bd666f0519f59dd6293522                  Finished.verify_data
0x10    20      4643eccf7fb0d847e83af62d58693b7f6e4e8b4c  MAC

2.13.1 Computing verify_data

handshake_messages is the concatenation of the Handshake data from 2.1 to 2.11 (ChangeCipherSpec is not included):

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

(The Handshake data for section 2.10 is the plaintext: 1400000c83c23dd8f9220c593a267349)

Apply SHA-256 to handshake_messages:

3ae4a1aae4ec42dd84b9e6edf2812bb5c7fa0667a48b10bccd6af0423e138260

finished_label is "server finished"; master_secret is the result computed in section 2.7.1.

Applying the PRF gives the verify_data data:

f3bd666f0519f59dd6293522

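This matches the Finished.verify_data value listed in the table, so the check passes.

2.13.2 Computing the MAC

seq_num starts at 0000000000000000, 8 bytes;

The TLSCompressed structure is defined in RFC 5246, Appendix A.1:

type = Handshake = 0x16, 1 byte;

version = 0x0303, 2 bytes;

length = 0x0010, 2 bytes, the length of the Finished message;

fragment = 1400000cf3bd666f0519f59dd6293522, 16 bytes

The data fed into the MAC is therefore: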

000000000000000016030300101400000cf3bd666f0519f59dd6293522

Using server_write_MAC_key[20] (958513064070ba5137176bb621b27b80cc4c26e0) computed in section 2.7.2 as MAC_write_key, HMAC-SHA1 gives the MAC:

4643eccf7fb0d847e83af62d58693b7f6e4e8b4c

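This matches the MAC value listed in the table, so the check passes.

3. Data protection

All network traffic after ChangeCipherSpec is encrypted (the Finished data in sections 2.10 and 2.13 is already encrypted data) and uses the TLSCiphertext structure (see RFC 5246, Section 6.2.3).

3.1 Client request data

Extract the encrypted data: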

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

Take the first 16 bytes as the IV:

38baa62e9854384bcf779481425ad34d

The rest is the ciphertext:

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

Using client_write_key[16] (60381c0e233f4e1896bf61147da34652) computed in section 2.7.2 as the key, decrypt to obtain the plaintext (padding removed):

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

The last 20 bytes are the MAC:

e44662cd09a0b7be7bcb744f62a8a35f0bdb2ccd

The rest is the client request data, decoded as UTF-8:

GET /webks/webks/ClientSrv HTTP/1.1
Host: 192.168.0.252:8443
Connection: keep-alive
Cache-Control: max-age=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: zh-CN,zh;q=0.9

3.1.1 Computing the MAC

seq_num is 0000000000000001, 8 bytes;

The TLSCompressed structure is defined in RFC 5246, Appendix A.1:

type = Application Data = 0x17, 1 byte;

version = 0x0303, 2 bytes;

length = 0x0246, 2 bytes, the length of the client request data;

fragment = 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, 582 bytes

The data fed into the MAC is therefore:

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

Using client_write_MAC_key[20] (0d19a4197332db8266200724604c063d8cf116ff) computed in section 2.7.2 as MAC_write_key, HMAC-SHA1 gives the MAC:

e44662cd09a0b7be7bcb744f62a8a35f0bdb2ccd

3.2 Server response data

Extract the encrypted data:

8926bcd7a79659d2d6822ece0b66ee590cfd96f0863f5b74f6456cdbd2cce4db878c73785f1edb412e0ecb97d54fce74300c6a673af621b3c849ede3013de046e80c99c7594b34b5033dee5a077fdac3d9c0bf602f284e09cce080527e75379360efef954bbe94c62440c5cf80158d49c340cec0fcfb5d016c7bdeed2ee3161e537f5935770ac787dba20a41620d400e2e0291decd09d28d31d145760aaf25d07aef1ceeab764534eb703ddf0242decfec59536fe86cb19b0d67c3938587900842608dbff5bb5d9d471cc4e85fa0d2a5

Take the first 16 bytes as the IV:

8926bcd7a79659d2d6822ece0b66ee59

The rest is the ciphertext:

0cfd96f0863f5b74f6456cdbd2cce4db878c73785f1edb412e0ecb97d54fce74300c6a673af621b3c849ede3013de046e80c99c7594b34b5033dee5a077fdac3d9c0bf602f284e09cce080527e75379360efef954bbe94c62440c5cf80158d49c340cec0fcfb5d016c7bdeed2ee3161e537f5935770ac787dba20a41620d400e2e0291decd09d28d31d145760aaf25d07aef1ceeab764534eb703ddf0242decfec59536fe86cb19b0d67c3938587900842608dbff5bb5d9d471cc4e85fa0d2a5

Using server_write_key[16] (b824d8d1b789ddc05a94a4debb81d40f) computed in section 2.7.2 as the key, decrypt to obtain the plaintext (padding removed):

485454502f312e3120323030200d0a436f6e74656e742d547970653a20746578742f68746d6c3b636861727365743d5554462d380d0a436f6e74656e742d4c656e6774683a20360d0a446174653a204d6f6e2c2032312041756720323032332031313a32363a313020474d540d0a4b6565702d416c6976653a2074696d656f75743d36300d0a436f6e6e656374696f6e3a206b6565702d616c6976650d0a0d0a646464646464dcb3c3f98a2c7645b3be4ece10648040f70d42dc

The last 20 bytes are the MAC:

dcb3c3f98a2c7645b3be4ece10648040f70d42dc

The rest is the server response data, decoded as UTF-8:

HTTP/1.1 200 
Content-Type: text/html;charset=UTF-8
Content-Length: 6
Date: Mon, 21 Aug 2023 11:26:10 GMT
Keep-Alive: timeout=60
Connection: keep-alive

dddddd

3.2.1 Computing the MAC

seq_num is 0000000000000001, 8 bytes;

The TLSCompressed structure is defined in RFC 5246, Appendix A.1:

type = Application Data = 0x17, 1 byte;

version = 0x0303, 2 bytes;

length = 0x00A6, 2 bytes, the length of the server response data;

fragment = 485454502f312e3120323030200d0a436f6e74656e742d547970653a20746578742f68746d6c3b636861727365743d5554462d380d0a436f6e74656e742d4c656e6774683a20360d0a446174653a204d6f6e2c2032312041756720323032332031313a32363a313020474d540d0a4b6565702d416c6976653a2074696d656f75743d36300d0a436f6e6e656374696f6e3a206b6565702d616c6976650d0a0d0a646464646464, 166 bytes

The data fed into the MAC is therefore:

000000000000000117030300A6485454502f312e3120323030200d0a436f6e74656e742d547970653a20746578742f68746d6c3b636861727365743d5554462d380d0a436f6e74656e742d4c656e6774683a20360d0a446174653a204d6f6e2c2032312041756720323032332031313a32363a313020474d540d0a4b6565702d416c6976653a2074696d656f75743d36300d0a436f6e6e656374696f6e3a206b6565702d616c6976650d0a0d0a646464646464

Using server_write_MAC_key[20] (958513064070ba5137176bb621b27b80cc4c26e0) computed in section 2.7.2 as MAC_write_key, HMAC-SHA1 gives the MAC:

dcb3c3f98a2c7645b3be4ece10648040f70d42dc

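4. Decrypting the data with Wireshark

Wireshark can decrypt TLS-encrypted data in two ways: with an RSA private key, or with a key log file. For the capture in this article, decryption can be done by configuring the RSA private key. This works because the suite uses RSA key exchange, so the pre_master_secret can be recovered from the captured ClientKeyExchange with the server's private key (section 2.7).

Edit -> Preferences -> Protocols -> TLS

Click the [Edit...] button.

Add the RSA private key file as shown in the figure above, then click [OK]; back in the main window the result looks like this:

References

Tomcat 配置Https 详解 (Detailed guide to configuring HTTPS in Tomcat), 小柴的生活观's blog, CSDN

TLSv1.2抓包解密分析过程之RSA_WITH_AES_128_CBC_SHA256 (TLSv1.2 packet capture decryption walkthrough: RSA_WITH_AES_128_CBC_SHA256), wzj_whut's blog, CSDN

HTTPS流量抓包分析解密(TLS1.2) (Capturing, analysing and decrypting HTTPS traffic, TLS 1.2), Mmmidsummer's blog, CSDN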
