TLSv1.2 capture decryption walkthrough: RSA_WITH_AES_128_CBC_SHA

2025/1/28 1:05:38

RSA_WITH_AES_128_CBC_SHA is about the simplest cipher suite TLSv1.2 offers, which makes it a good vehicle for learning the TLSv1.2 handshake. It is also instructive from a security standpoint: the key exchange is static RSA, so whoever holds the server's private key can recover the pre_master_secret from a capture and decrypt the whole session, including captures made long before the key was obtained. That is exactly what this article does by hand, and it is the property (no forward secrecy) that the (EC)DHE suites were introduced to remove.

RSA_WITH_AES_128_CBC_SHA means:

  • key exchange: the client encrypts the pre_master_secret with the server's RSA public key
  • record encryption: AES-128 in CBC mode, with an explicit per-record IV
  • record integrity: HMAC-SHA1 (the "SHA" in the name); the PRF and the handshake hash use SHA-256, the TLSv1.2 default, which is why SHA-256 shows up in the computations below

References: RFC 5246 (TLS 1.2), RFC 5077 (session tickets), RFC 7627 (extended master secret)

1. Setting up HTTPS in Tomcat

Reference: https://blog.csdn.net/chenshun123/article/details/53453402

1.1. Server certificate private key (server.pem)

-----BEGIN RSA PRIVATE KEY-----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-----END RSA PRIVATE KEY-----

1.2. Client certificate private key (client.pem)

-----BEGIN RSA PRIVATE KEY-----
MIIEogIBAAKCAQEA68ETjrJUHyKHKd5g1jORu/DnNQ1F4Qahb2+4o3nE//xrDnKs
8wc3auF9Hsdi6dQD+3AxCUqajBp3S3Hj82BqcdfO3R2Q409xRzme+0PqBCLTSQOZ
/I8V1+EZJ8vf+q08pLFLoS1JULs+Gq9bZjn3/zrbUsWGQDHjOc5aLiyp4ZJyOhM5
2GwtS4yLgnT5v066SWI4VfyWErgWP/sRYRN0Xod2WA9m0rqpRVJGEZzAYMDD+tQy
VGtAoMo+W2SSvvf09wA35ORi8zDjiUv7oE6HFnjM2cBkqFEJo21wzpAKtb85TGKG
GBMTG1mY8pyofTAKQJVKYVN0+Dpy+f4s5VrAuQIDAQABAoIBAHtu3peCxMp8YHpK
ZTchTvcwvU0oguK7fwCCZRCqa7t/ZGnvHqArshcysjjQOfilOeSGrBXqSpp6LOWC
XtAJNhIe5L8egMKS0INzJsr1luvNdAQxb4ktPUmHII2Wj9GGrE6qSSe9NzqenniI
QXl3dmHaZgSjSJQJyqd0ZADy/4sLCaSu5mvAu0G4V9sSDJBgEm2EVKEsH+RQmNeZ
M10jzx/44N16AGMOkKW6/yYas32VZay3wu57zllWtErwF9fDaqCt4yZ5lr0NARgy
mxnK1Z78J/8bTnVcae5DUdc3X1/wamL5KWpF/OEXEv0tmuUkmSOVJqSGuzgUvjeT
BgHzZRECgYEA9lB0u6f/u2QkIcSWx8WpUAW5ZFBNSsuT9PpORjgmTecep9f7PsVI
dvSDNC6A3vLsjE+OIIXH1xRf4wid6kPXYfQm102visY7Mafi+ykTW64Btv9Wcnzt
RqtmOB+LclQW5rxnYFdM5CrVdZSyKSAR4y1qft88vsxrWnyV5TzcUAUCgYEA9QZR
BRqm7fUjeqUEWDsKyv7nOKBa3jLhsOWvVoYUagKTCRvxG2I+vfpyNQLx6NfFrLCR
THgUtlF9fwpfzHcS+ldtdYmlD0aarEDsthgfSw7NxY8Q0N4F29KtjNYxUWICfY5C
z/V3XfirzH4D3QrjsDG7SuzGPBAR/ICXXiFNcCUCgYAzxKkkH6UB74QgjL7b8dEp
/mn+iVoVVEAehtUYsQhr6x1oTV6CzNf0GGPS/cscEJZizv2iHDvqGmAkyVTXPbbw
4W2gZrV0R0F9qDlubC2jYSj/Gx9CJLuB1NhBB3A5cS73A7X+a5q/gbknYz8moZTg
2FS/oY+U0kXl2LVwXqA3OQKBgDotosUse+BaaW8wiWSNuFVUywAGCy1hNXd0Qfqw
YV5+d/0ctlYDMNSZB88QgPIBcb08O3PFu11C4iJtCywYRdhNM/9JjHihEg6+Z7Yg
6iU/QZqcCqkdXpTAZFbhcNpbBC5dvf100j/s0JYAgdhVQpTOaiMzLyqJwkuLGOXP
0HxFAoGAeYlJHLvvxo2Cl9uwUcJZImLRxZQezbzhw5nqcudtXiKOsCPI84LdNWPo
12/v73XhMHxyefb5GBRkrCIPmWOVNdgxev0h4Qq1BCPq11zISrx3PObqGJ+C5qjf
xO6oDoU3lvJ6f1/yepfMWgwoC0UwxJisy6QH+w4Umi8B0RLw570=
-----END RSA PRIVATE KEY-----

1.3. Tomcat configuration

Tomcat v8.5.63. server.xml is configured as follows, with client certificate authentication (mutual TLS) enabled:

    <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
               maxThreads="150" SSLEnabled="true"
               scheme="https"
               secure="true"
               clientAuth="true"
               sslProtocol="TLS"
               sslEnabledProtocols="TLSv1.2"
               useServerCipherSuitesOrder="true"     
               ciphers="TLS_RSA_WITH_AES_128_CBC_SHA"
               keystoreFile="D:/Tomcat/jks/server.keystore"
               keystorePass="123456"
               truststoreFile="D:/Tomcat/jks/server.keystore"
               truststorePass="123456">
    </Connector>

Change port and the keystore/truststore paths and passwords to match your environment. Note that the same JKS file serves as keystore and truststore here, so the issuers accepted for client certificates are whatever certificate entries that file holds; a production deployment keeps the server key and the trusted client CAs in separate stores.

2. Handshake flow

Open the following URL in Chrome:

https://192.168.0.252:8443/webks/webks/ClientSrv

The packet capture (screenshot not reproduced) looks like this:

The handshake flow is as follows:

2.1. ClientHello

client ----> server

Handshake data:

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

The client-generated random is:

3defe4aeefe2823d83125a7ffaf6e8da55663f9c9b489455e3fa02dccbb4b386

Note: the client_hello carries the extended_master_secret extension (type 0x0017). The server echoes it in the ServerHello below, and with both sides agreeing the master_secret is derived differently (see 2.7.1). The extension binds the master_secret to the full handshake transcript, which is what defeats the triple-handshake attack described in RFC 7627.

2.2. ServerHello

server ----> client

Handshake data (02 = server_hello, length 000035; then version 0303, the 32-byte random, session_id length 00, cipher_suite 002f = TLS_RSA_WITH_AES_128_CBC_SHA, compression 00, and 000d bytes of extensions: renegotiation_info ff01, session_ticket 0023 and extended_master_secret 0017, the last being the server's agreement to the RFC 7627 derivation used in 2.7.1):

02000035030310300d3fc259adedf24883a2003b839455c9ec65ef8d04a3a32d820b2cdb6f7d00002f00000dff010001000023000000170000

The server-generated random is:

10300d3fc259adedf24883a2003b839455c9ec65ef8d04a3a32d820b2cdb6f7d
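As an added example (not code from the original article), the following Python parses the ServerHello above and the CertificateRequest shown in 2.4, pulling out the random, the negotiated suite, the extension list and the client-authentication parameters. It walks the concatenated Handshake messages with their 4-byte headers, which is the same framing that handshake_messages in 2.7.1 is hashed over. The hex constants are copied from this page; the name tables cover only the values that occur here, and the ClientHello extension set passed in the demo is an assumption taken from the text of 2.1, since the ClientHello bytes are not reproduced on the page.

```python
from dataclasses import dataclass, field

# Handshake messages copied from this page, hex-encoded, each with its 4-byte handshake header
# (1-byte type, 3-byte length): ServerHello (2.2), CertificateRequest (2.4), ServerHelloDone (2.5).
SERVER_HELLO_HEX = ("02000035" "0303"
                    "10300d3fc259adedf24883a2003b839455c9ec65ef8d04a3a32d820b2cdb6f7d"   # server random
                    "00" "002f" "00"                                                      # sid len, suite, compression
                    "000d" "ff01000100" "00230000" "00170000")                           # extensions
CERT_REQUEST_HEX = (
    "0d0000a0" "03010240" "002e"
    "040305030603080708080809080a080b080408050806040105010601030302030301020103020202040205020602"
    "006a" "0068"
    "3066310b3009060355040613027a68310b3009060355040813026764310b300906035504071302677a3110300e"
    "060355040a1307646576656c6f703111300f060355040b13086368656e7368756e311830160603550403130f"
    "6368656e7368756e3133312e636f6d")
SERVER_HELLO_DONE_HEX = "0e000000"

EXT_EMS = 0x0017
# Name tables (assumption: only the values that occur on this page are listed).
EXT_NAMES = {0xff01: "renegotiation_info", 0x0023: "session_ticket", EXT_EMS: "extended_master_secret"}
SUITE_NAMES = {0x002f: "TLS_RSA_WITH_AES_128_CBC_SHA"}


def _u16(buf, pos):
    return int.from_bytes(buf[pos:pos + 2], "big")


def iter_handshake_messages(data):
    """Yield (msg_type, body) for each Handshake message in data (RFC 5246 section 7.4).
    This framing, header included, is what handshake_messages is hashed over in 2.7.1."""
    pos = 0
    while pos < len(data):
        if len(data) - pos < 4:
            raise ValueError("truncated handshake header")
        msg_type = data[pos]
        length = int.from_bytes(data[pos + 1:pos + 4], "big")
        body = data[pos + 4:pos + 4 + length]
        if len(body) != length:
            raise ValueError("truncated handshake body")
        yield msg_type, body
        pos += 4 + length


@dataclass
class ServerHello:
    version: int
    random: bytes
    session_id: bytes
    cipher_suite: int
    compression: int
    extensions: dict = field(default_factory=dict)   # extension type -> raw extension_data


def parse_server_hello(body):
    """ServerHello body, RFC 5246 section 7.4.1.3; the extensions block is optional."""
    sid_len = body[34]
    pos = 35 + sid_len
    hello = ServerHello(_u16(body, 0), body[2:34], body[35:pos], _u16(body, pos), body[pos + 2])
    pos += 3
    if pos < len(body):
        end = pos + 2 + _u16(body, pos)
        pos += 2
        if end != len(body):
            raise ValueError("extensions length does not match message length")
        while pos < end:
            ext_type, ext_len = _u16(body, pos), _u16(body, pos + 2)
            hello.extensions[ext_type] = body[pos + 4:pos + 4 + ext_len]
            pos += 4 + ext_len
    return hello


def parse_certificate_request(body):
    """CertificateRequest body, RFC 5246 section 7.4.4. Returns
    (certificate_types, [(hash, signature), ...], [DER DistinguishedName, ...])."""
    n = body[0]
    cert_types = list(body[1:1 + n])
    pos = 1 + n
    sig_len = _u16(body, pos)
    pos += 2
    sig_algs = [(body[i], body[i + 1]) for i in range(pos, pos + sig_len, 2)]
    pos += sig_len
    end = pos + 2 + _u16(body, pos)
    pos += 2
    cas = []
    while pos < end:
        dn_len = _u16(body, pos)
        cas.append(body[pos + 2:pos + 2 + dn_len])
        pos += 2 + dn_len
    return cert_types, sig_algs, cas


def uses_extended_master_secret(client_hello_ext_types, server_hello):
    """RFC 7627 is in effect only when both ClientHello and ServerHello carry extension 0x0017."""
    return EXT_EMS in client_hello_ext_types and EXT_EMS in server_hello.extensions


if __name__ == "__main__":
    data = bytes.fromhex(SERVER_HELLO_HEX + CERT_REQUEST_HEX + SERVER_HELLO_DONE_HEX)
    for msg_type, body in iter_handshake_messages(data):
        if msg_type == 2:
            sh = parse_server_hello(body)
            print("server_random:", sh.random.hex())
            print("cipher_suite:", SUITE_NAMES.get(sh.cipher_suite, hex(sh.cipher_suite)))
            print("extensions:", [EXT_NAMES.get(t, hex(t)) for t in sh.extensions])
            # The ClientHello bytes are not on the page; 2.1 states that it carried 0x0017.
            print("extended master secret negotiated:", uses_extended_master_secret({EXT_EMS}, sh))
        elif msg_type == 13:
            types, algs, cas = parse_certificate_request(body)
            print("client certificate types:", types, "sig algs:", len(algs), "CA names:", len(cas))
        else:
            print("handshake type", msg_type, "body length", len(body))
```

The strict length checks matter: a parser that silently accepts a truncated or over-long extensions block is the kind of thing that lets a handshake transcript be reinterpreted, and the transcript is what the Finished messages and the extended master secret protect.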

2.3. Certificate (server)

server ----> client

Handshake data:

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

2.4. CertificateRequest

server ----> client

Handshake data (0d = certificate_request, length 0000a0; three certificate_types 01 02 40 = rsa_sign, dss_sign, ecdsa_sign; 002e bytes of supported_signature_algorithms, 23 hash/signature pairs starting with 0403 = SHA-256 with ECDSA and including 0401 = SHA-256 with RSA, which the client uses in 2.8; then 006a bytes of certificate_authorities holding one 0068-byte distinguished name, the issuer a client certificate must chain to):

0d0000a003010240002e040305030603080708080809080a080b080408050806040105010601030302030301020103020202040205020602006a00683066310b3009060355040613027a68310b3009060355040813026764310b300906035504071302677a3110300e060355040a1307646576656c6f703111300f060355040b13086368656e7368756e311830160603550403130f6368656e7368756e3133312e636f6d

2.5. ServerHelloDone

server ----> client

Handshake data (type 0e, empty body):

0e000000

2.6. Certificate (client)

client ----> server

Handshake data:

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

2.7. ClientKeyExchange

client ----> server

Handshake data:

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

Parsing out the EncryptedPreMasterSecret (a 2-byte length followed by the RSA ciphertext, RFC 5246 section 7.4.7.1):

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

RSA-decrypting it with the server's private key (PKCS#1 v1.5 padding) gives:

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

pre_master_secret data (RFC 5246 section 7.4.7.1):

struct {
          ProtocolVersion client_version;
          opaque random[46];
} PreMasterSecret;

client_version must equal the version the client offered in ClientHello (0303 here). The server must check it, but must not reveal a padding or version failure to the client: RFC 5246 tells the server to substitute a fresh random 46-byte value and continue, so that the handshake fails at Finished rather than at this step and the server cannot be used as a Bleichenbacher padding oracle against other sessions' ClientKeyExchange messages.

030306de06b93c702efe62e8b7374c7012b2e98eeae027a8f56af5e7dff0047863277b4b87f73adb8f98f8e3a3ce1641
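As an added example (not code from the article), here is both halves of this step in Python: PKCS#1 v1.5 encryption of a pre_master_secret as the client does it, and the decryption with the RFC 5246 section 7.4.7.1 countermeasure, which turns a padding or version failure into a random pre_master_secret instead of an error. The server key from 1.1 is not reproduced on this page, so the client key from 1.2 stands in as the RSA key pair; a minimal DER reader pulls n, e and d out of the PKCS#1 PEM without any third-party library. The 46 "random" bytes in the sample are a constructed fixed pattern so the run is reproducible; the padding is drawn from os.urandom, so the ciphertext differs on every run.

```python
import base64
import os

# Client RSA key from section 1.2 of this page. The server key from 1.1 is not reproduced on the
# page, so this one stands in: only its role as an RSA key pair matters for the demonstration.
CLIENT_KEY_PEM = """-----BEGIN RSA PRIVATE KEY-----
MIIEogIBAAKCAQEA68ETjrJUHyKHKd5g1jORu/DnNQ1F4Qahb2+4o3nE//xrDnKs
8wc3auF9Hsdi6dQD+3AxCUqajBp3S3Hj82BqcdfO3R2Q409xRzme+0PqBCLTSQOZ
/I8V1+EZJ8vf+q08pLFLoS1JULs+Gq9bZjn3/zrbUsWGQDHjOc5aLiyp4ZJyOhM5
2GwtS4yLgnT5v066SWI4VfyWErgWP/sRYRN0Xod2WA9m0rqpRVJGEZzAYMDD+tQy
VGtAoMo+W2SSvvf09wA35ORi8zDjiUv7oE6HFnjM2cBkqFEJo21wzpAKtb85TGKG
GBMTG1mY8pyofTAKQJVKYVN0+Dpy+f4s5VrAuQIDAQABAoIBAHtu3peCxMp8YHpK
ZTchTvcwvU0oguK7fwCCZRCqa7t/ZGnvHqArshcysjjQOfilOeSGrBXqSpp6LOWC
XtAJNhIe5L8egMKS0INzJsr1luvNdAQxb4ktPUmHII2Wj9GGrE6qSSe9NzqenniI
QXl3dmHaZgSjSJQJyqd0ZADy/4sLCaSu5mvAu0G4V9sSDJBgEm2EVKEsH+RQmNeZ
M10jzx/44N16AGMOkKW6/yYas32VZay3wu57zllWtErwF9fDaqCt4yZ5lr0NARgy
mxnK1Z78J/8bTnVcae5DUdc3X1/wamL5KWpF/OEXEv0tmuUkmSOVJqSGuzgUvjeT
BgHzZRECgYEA9lB0u6f/u2QkIcSWx8WpUAW5ZFBNSsuT9PpORjgmTecep9f7PsVI
dvSDNC6A3vLsjE+OIIXH1xRf4wid6kPXYfQm102visY7Mafi+ykTW64Btv9Wcnzt
RqtmOB+LclQW5rxnYFdM5CrVdZSyKSAR4y1qft88vsxrWnyV5TzcUAUCgYEA9QZR
BRqm7fUjeqUEWDsKyv7nOKBa3jLhsOWvVoYUagKTCRvxG2I+vfpyNQLx6NfFrLCR
THgUtlF9fwpfzHcS+ldtdYmlD0aarEDsthgfSw7NxY8Q0N4F29KtjNYxUWICfY5C
z/V3XfirzH4D3QrjsDG7SuzGPBAR/ICXXiFNcCUCgYAzxKkkH6UB74QgjL7b8dEp
/mn+iVoVVEAehtUYsQhr6x1oTV6CzNf0GGPS/cscEJZizv2iHDvqGmAkyVTXPbbw
4W2gZrV0R0F9qDlubC2jYSj/Gx9CJLuB1NhBB3A5cS73A7X+a5q/gbknYz8moZTg
2FS/oY+U0kXl2LVwXqA3OQKBgDotosUse+BaaW8wiWSNuFVUywAGCy1hNXd0Qfqw
YV5+d/0ctlYDMNSZB88QgPIBcb08O3PFu11C4iJtCywYRdhNM/9JjHihEg6+Z7Yg
6iU/QZqcCqkdXpTAZFbhcNpbBC5dvf100j/s0JYAgdhVQpTOaiMzLyqJwkuLGOXP
0HxFAoGAeYlJHLvvxo2Cl9uwUcJZImLRxZQezbzhw5nqcudtXiKOsCPI84LdNWPo
12/v73XhMHxyefb5GBRkrCIPmWOVNdgxev0h4Qq1BCPq11zISrx3PObqGJ+C5qjf
xO6oDoU3lvJ6f1/yepfMWgwoC0UwxJisy6QH+w4Umi8B0RLw570=
-----END RSA PRIVATE KEY-----"""
# pre_master_secret recovered in 2.7 of this page: client_version 0303 followed by 46 random bytes.
PAGE_PRE_MASTER = bytes.fromhex(
    "030306de06b93c702efe62e8b7374c7012b2e98eeae027a8f56af5e7dff0047863277b4b87f73adb8f98f8e3a3ce1641")

def der_read(buf, pos):
    """Read one DER TLV at pos; return (tag, value, next_pos). Short and long-form lengths."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:
        n = length & 0x7f
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length

def load_pkcs1_private_key(pem):
    """RSAPrivateKey ::= SEQUENCE { version, n, e, d, p, q, ... } (RFC 8017 A.1.2); returns (n, e, d)."""
    b64 = "".join(line for line in pem.splitlines() if not line.startswith("-----"))
    tag, seq, _ = der_read(base64.b64decode(b64), 0)
    if tag != 0x30:
        raise ValueError("not a DER SEQUENCE")
    ints, pos = [], 0
    while len(ints) < 4:
        tag, value, pos = der_read(seq, pos)
        if tag != 0x02:
            raise ValueError("expected INTEGER")
        ints.append(int.from_bytes(value, "big"))
    _version, n, e, d = ints
    return n, e, d

def rsa_pkcs1v15_encrypt(n, e, message):
    """Client side (RFC 5246 7.4.7.1): EME-PKCS1-v1_5 block 00 02 | non-zero random PS | 00 | message."""
    k = (n.bit_length() + 7) // 8
    ps_len = k - 3 - len(message)
    if ps_len < 8:
        raise ValueError("message too long for this modulus")
    ps = b""
    while len(ps) < ps_len:
        ps += bytes(b for b in os.urandom(ps_len) if b != 0)
    em = b"\x00\x02" + ps[:ps_len] + b"\x00" + message
    return pow(int.from_bytes(em, "big"), e, n).to_bytes(k, "big")

def tls_rsa_decrypt_premaster(n, d, ciphertext, client_version=b"\x03\x03"):
    """Server side with the RFC 5246 7.4.7.1 countermeasure: pick the random fallback before
    decrypting, check every byte of the block, and on any failure return the fallback so the
    handshake continues and only fails at Finished. Python cannot be truly constant-time; the
    shape of the check (no early exit, no distinguishable error) is the point."""
    k = (n.bit_length() + 7) // 8
    fallback = client_version + os.urandom(46)
    em = pow(int.from_bytes(ciphertext, "big"), d, n).to_bytes(k, "big")
    sep = k - 49                                   # the 00 separator sits right before the 48-byte PMS
    bad = (em[0] != 0x00) | (em[1] != 0x02) | (em[sep] != 0x00)
    for i in range(2, sep):                        # PS must be free of zero bytes
        bad |= (em[i] == 0x00)
    pms = em[sep + 1:]
    bad |= (pms[:2] != client_version)             # must match the version offered in ClientHello
    return fallback if bad else pms

def premaster_is_well_formed(pms, client_version=b"\x03\x03"):
    return len(pms) == 48 and pms[:2] == client_version

if __name__ == "__main__":
    n, e, d = load_pkcs1_private_key(CLIENT_KEY_PEM)
    print("modulus bits:", n.bit_length(), "e:", e)
    print("page pre_master_secret well-formed:", premaster_is_well_formed(PAGE_PRE_MASTER))
    pms = b"\x03\x03" + bytes(range(46))           # constructed fixed bytes, so the run is reproducible
    ct = rsa_pkcs1v15_encrypt(n, e, pms)
    print("round trip:", tls_rsa_decrypt_premaster(n, d, ct) == pms)
    tampered = bytes([ct[0] ^ 0x01]) + ct[1:]
    print("tampered ciphertext still yields a well-formed, random PMS:",
          premaster_is_well_formed(tls_rsa_decrypt_premaster(n, d, tampered)))
```

The tampered case is the one that matters: a server that raised an error here, or took measurably longer, would tell an attacker whether the decrypted block started with 00 02, and that single bit per query is all Bleichenbacher's attack needs.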

2.7.1 Computing the master secret

RFC 5246 section 8.1 defines the computation as:

master_secret = PRF(pre_master_secret, "master secret",ClientHello.random + ServerHello.random)

However, both the ClientHello and the ServerHello in this handshake carry the extended_master_secret extension, so per RFC 7627 section 4 the rule is instead:

master_secret = PRF(pre_master_secret, "extended master secret", session_hash)

where session_hash is defined in RFC 7627 section 3:

session_hash = Hash(handshake_messages)

handshake_messages is the concatenation of the Handshake data from 2.1 through 2.7, i.e. every handshake message up to and including ClientKeyExchange, each with its 4-byte handshake header and without the record-layer headers:

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

Hash is the PRF hash of the negotiated suite, SHA-256 here; hashing handshake_messages gives session_hash:

82d6bc8d19874cca5fc04db6f9ea9cdda99a15db212243d25bddb77aa49822be

The PRF (P_SHA256, 48 bytes of output) then yields master_secret:

7bb571f36c38efba3eb95f5871391830116985671f8cb10de01c71c74319c49f9d2baaf1071490a19999ea56bf1e03dc

2.7.2 Deriving the keys

The key material consists of:

the HMAC-SHA1 key for each direction

client_write_MAC_key[20]
server_write_MAC_key[20]

the AES key for each direction
client_write_key[16]
server_write_key[16]

72 bytes in total. No IVs are derived: in TLSv1.2 a block cipher's IV is sent explicitly with every record (see 2.10), so client_write_IV and server_write_IV have length zero for this suite.

Per RFC 5246 section 6.3, the key material is computed as:

key_block = PRF(SecurityParameters.master_secret, "key expansion",
                      SecurityParameters.server_random + SecurityParameters.client_random);

Note the seed order, server_random first, the reverse of the master_secret seed; swapping the two is a classic mistake when re-implementing this.

master_secret data:

7bb571f36c38efba3eb95f5871391830116985671f8cb10de01c71c74319c49f9d2baaf1071490a19999ea56bf1e03dc

server_random data:

10300d3fc259adedf24883a2003b839455c9ec65ef8d04a3a32d820b2cdb6f7d

client_random data:

3defe4aeefe2823d83125a7ffaf6e8da55663f9c9b489455e3fa02dccbb4b386

The PRF yields the following key_block, which is then cut into the four keys in the order listed above:

0d19a4197332db8266200724604c063d8cf116ff958513064070ba5137176bb621b27b80cc4c26e060381c0e233f4e1896bf61147da34652b824d8d1b789ddc05a94a4debb81d40f

client_write_MAC_key[20]:0d19a4197332db8266200724604c063d8cf116ff

server_write_MAC_key[20]:958513064070ba5137176bb621b27b80cc4c26e0

client_write_key[16]:60381c0e233f4e1896bf61147da34652

server_write_key[16]:b824d8d1b789ddc05a94a4debb81d40f

At this point both ends hold the same key material, and everything sent after ChangeCipherSpec is protected with it.
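The derivations in 2.7.1 and 2.7.2, and the Finished verify_data computations that follow in 2.10.1 and 2.13.1, all reduce to the TLS 1.2 PRF. The following Python is an added example (not the article's code) that implements P_SHA256 from RFC 5246 section 5 on the standard library and runs it over the values printed on this page, reporting whether the results agree with the master_secret and key_block the article shows. The key-block split is parameterised by MAC and key length, so the same function serves the other CBC-SHA suites; SHA-256 is the only hash used because it is the PRF hash for every TLS 1.2 suite that does not name a different one.

```python
import hashlib
import hmac

# Values from this page: pre_master_secret (2.7), session_hash (2.7.1), client and server randoms
# (2.1, 2.2), and the master_secret and key_block the page reports (2.7.1, 2.7.2), for comparison.
PRE_MASTER_SECRET = bytes.fromhex(
    "030306de06b93c702efe62e8b7374c7012b2e98eeae027a8f56af5e7dff0047863277b4b87f73adb8f98f8e3a3ce1641")
SESSION_HASH = bytes.fromhex("82d6bc8d19874cca5fc04db6f9ea9cdda99a15db212243d25bddb77aa49822be")
CLIENT_RANDOM = bytes.fromhex("3defe4aeefe2823d83125a7ffaf6e8da55663f9c9b489455e3fa02dccbb4b386")
SERVER_RANDOM = bytes.fromhex("10300d3fc259adedf24883a2003b839455c9ec65ef8d04a3a32d820b2cdb6f7d")
PAGE_MASTER_SECRET = bytes.fromhex(
    "7bb571f36c38efba3eb95f5871391830116985671f8cb10de01c71c74319c49f9d2baaf1071490a19999ea56bf1e03dc")
PAGE_KEY_BLOCK = bytes.fromhex(
    "0d19a4197332db8266200724604c063d8cf116ff958513064070ba5137176bb621b27b80cc4c26e0"
    "60381c0e233f4e1896bf61147da34652b824d8d1b789ddc05a94a4debb81d40f")


def p_hash(secret, seed, length, hash_name="sha256"):
    """P_hash(secret, seed) = HMAC(secret, A(1) + seed) || HMAC(secret, A(2) + seed) || ... where
    A(0) = seed and A(i) = HMAC(secret, A(i-1)); output truncated to length (RFC 5246 section 5)."""
    out, a = b"", seed
    while len(out) < length:
        a = hmac.new(secret, a, hash_name).digest()
        out += hmac.new(secret, a + seed, hash_name).digest()
    return out[:length]


def prf(secret, label, seed, length):
    """TLS 1.2 PRF(secret, label, seed) = P_SHA256(secret, label + seed)."""
    return p_hash(secret, label.encode("ascii") + seed, length)


def session_hash(handshake_messages):
    """RFC 7627 section 3: the PRF hash over all handshake messages through ClientKeyExchange."""
    return hashlib.sha256(handshake_messages).digest()


def master_secret(pre_master, client_random, server_random, handshake_hash=None):
    """RFC 7627 section 4 when both hellos carried extended_master_secret (pass the session_hash),
    otherwise the RFC 5246 section 8.1 derivation from the two randoms."""
    if handshake_hash is not None:
        return prf(pre_master, "extended master secret", handshake_hash, 48)
    return prf(pre_master, "master secret", client_random + server_random, 48)


def key_block(ms, client_random, server_random, mac_len, key_len, iv_len=0):
    """RFC 5246 section 6.3. The seed is server_random + client_random, the reverse of the master
    secret seed. iv_len is 0 for CBC suites in TLS 1.2 (the IV travels in each record) and non-zero
    only for AEAD suites that need an implicit nonce part."""
    return prf(ms, "key expansion", server_random + client_random, 2 * (mac_len + key_len + iv_len))


def split_key_block(kb, mac_len, key_len, iv_len=0):
    """Fixed order: client MAC key, server MAC key, client key, server key, client IV, server IV."""
    names = ["client_write_MAC_key", "server_write_MAC_key", "client_write_key",
             "server_write_key", "client_write_IV", "server_write_IV"]
    sizes = [mac_len, mac_len, key_len, key_len, iv_len, iv_len]
    keys, pos = {}, 0
    for name, size in zip(names, sizes):
        keys[name], pos = kb[pos:pos + size], pos + size
    if pos != len(kb):
        raise ValueError("key_block length does not match the requested key sizes")
    return keys


def finished_verify_data(ms, label, handshake_hash):
    """RFC 5246 section 7.4.9: PRF(master_secret, "client finished" | "server finished",
    Hash(handshake_messages)) truncated to 12 bytes; this is what 2.10.1 and 2.13.1 compute."""
    return prf(ms, label, handshake_hash, 12)


def derive_aes128_cbc_sha(pre_master, client_random, server_random, handshake_hash=None):
    """The whole chain for TLS_RSA_WITH_AES_128_CBC_SHA: 20-byte HMAC-SHA1 keys, 16-byte AES keys."""
    ms = master_secret(pre_master, client_random, server_random, handshake_hash)
    return ms, split_key_block(key_block(ms, client_random, server_random, 20, 16), 20, 16)


if __name__ == "__main__":
    ms, keys = derive_aes128_cbc_sha(PRE_MASTER_SECRET, CLIENT_RANDOM, SERVER_RANDOM, SESSION_HASH)
    print("master_secret:", ms.hex(), "matches page:", ms == PAGE_MASTER_SECRET)
    for name, value in keys.items():
        if value:
            print(f"{name}[{len(value)}]: {value.hex()}")
    print("key_block matches page:", b"".join(keys.values()) == PAGE_KEY_BLOCK)
    # Without the extension the same pre_master_secret gives an unrelated master_secret:
    legacy = master_secret(PRE_MASTER_SECRET, CLIENT_RANDOM, SERVER_RANDOM)
    print("legacy derivation differs:", legacy != ms)
```

Running it with the page's inputs should reproduce the master_secret and key_block shown in 2.7.1 and 2.7.2; the legacy comparison at the end shows why a decryption tool has to know whether extended_master_secret was negotiated, since the two derivations share no output.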

2.8. CertificateVerify

client ----> server

Handshake data:

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 

Extracting the signature:

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

Applying the RSA public operation with the client's public key (the private-key file from 1.2 also contains the public components, which is what a tool uses when pointed at that file for verification) recovers the EMSA-PKCS1-v1_5 encoded message:

0001ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff003031300d06096086480165030402010500042082d6bc8d19874cca5fc04db6f9ea9cdda99a15db212243d25bddb77aa49822be

Right before the hash sits the 19-byte DigestInfo for SHA-256 (3031300d060960864801650304020105000420), so the signature algorithm is SHA-256 with RSA (0401 in the server's list from 2.4); the hash is:

82d6bc8d19874cca5fc04db6f9ea9cdda99a15db212243d25bddb77aa49822be

This equals the session_hash from 2.7.1, as it should: CertificateVerify signs the hash of all handshake messages sent before it (RFC 5246 section 7.4.8), which is exactly the set through ClientKeyExchange that RFC 7627 hashes. Verification passes. Note that a real verifier does not just pull the last 32 bytes: it checks the whole encoding (00 01, at least eight ff bytes, 00, DigestInfo, hash) against what it expects, since lenient parsing of this block has enabled signature forgeries against small-exponent keys in the past.
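An added example (not from the article) that checks the decoded signature block above the way a verifier should: it validates the fixed structure of the EMSA-PKCS1-v1_5 encoding and identifies the hash from the DigestInfo prefix, and then does what a verifier actually does, rebuilding the one valid encoding and comparing whole blocks. The DigestInfo prefixes are the standard ones from RFC 8017. The block is reconstructed in code for a 2048-bit client key (the client key in 1.2 is 2048 bits) from the session_hash copied from the page, rather than copied as a 512-character hex string.

```python
import hmac

# DER DigestInfo prefixes for EMSA-PKCS1-v1_5 (RFC 8017 section 9.2, note 1).
DIGEST_INFO = {
    "sha1": bytes.fromhex("3021300906052b0e03021a05000414"),
    "sha256": bytes.fromhex("3031300d060960864801650304020105000420"),
    "sha384": bytes.fromhex("3041300d060960864801650304020205000430"),
    "sha512": bytes.fromhex("3051300d060960864801650304020305000440"),
}
DIGEST_LEN = {"sha1": 20, "sha256": 32, "sha384": 48, "sha512": 64}
MIN_PS_LEN = 8

# session_hash from 2.7.1 of this page, which the decoded block in 2.8 ends with.
PAGE_SESSION_HASH = bytes.fromhex("82d6bc8d19874cca5fc04db6f9ea9cdda99a15db212243d25bddb77aa49822be")


def page_encoded_block(k=256):
    """Rebuilds the decoded CertificateVerify block printed in 2.8 for a 2048-bit client key (k = 256):
    00 01, 202 bytes of ff, 00, the SHA-256 DigestInfo, then session_hash."""
    prefix = DIGEST_INFO["sha256"]
    return (b"\x00\x01" + b"\xff" * (k - 3 - len(prefix) - len(PAGE_SESSION_HASH)) + b"\x00"
            + prefix + PAGE_SESSION_HASH)


def parse_emsa_pkcs1_v1_5(em, k=None):
    """Strict parse of 00 01 | PS (>= 8 bytes of ff) | 00 | DigestInfo | digest.
    Returns (hash_name, digest) or raises ValueError. Every field is checked, because verifiers
    that only looked for a DigestInfo somewhere in the block have accepted forged signatures."""
    if k is not None and len(em) != k:
        raise ValueError("encoded message length differs from modulus length")
    if em[:2] != b"\x00\x01":
        raise ValueError("wrong block type")
    sep = em.find(b"\x00", 2)
    if sep < 2 + MIN_PS_LEN or any(b != 0xff for b in em[2:sep]):
        raise ValueError("malformed padding string")
    t = em[sep + 1:]
    for name, prefix in DIGEST_INFO.items():
        if t.startswith(prefix) and len(t) == len(prefix) + DIGEST_LEN[name]:
            return name, t[len(prefix):]
    raise ValueError("unrecognised or mis-sized DigestInfo")


def signature_matches(em, expected_digest, hash_name="sha256"):
    """What a verifier should do instead of extracting the hash: rebuild the single encoding that is
    valid for (modulus length, hash, expected digest) and compare the whole block in constant time."""
    prefix = DIGEST_INFO[hash_name]
    ps_len = len(em) - 3 - len(prefix) - len(expected_digest)
    if ps_len < MIN_PS_LEN:
        return False
    expected = b"\x00\x01" + b"\xff" * ps_len + b"\x00" + prefix + expected_digest
    return hmac.compare_digest(em, expected)


if __name__ == "__main__":
    em = page_encoded_block()
    name, digest = parse_emsa_pkcs1_v1_5(em, k=256)
    print("hash:", name, "digest:", digest.hex())
    print("equals session_hash from 2.7.1:", digest == PAGE_SESSION_HASH)
    print("full-block comparison:", signature_matches(em, PAGE_SESSION_HASH))
```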

2.9. ChangeCipherSpec (client)

client ----> server

(ChangeCipherSpec is its own record content type, 0x14, carrying a single byte; it is not a Handshake message and is never part of the handshake hashes below. It switches the client's write state to the keys from 2.7.2 and resets the client's write sequence number to zero.)

2.10. Finished (client)

client ----> server

This is a TLSCiphertext record (RFC 5246 Appendix A.1), the first one the client sends under the new keys.

Extracted Encrypted Handshake Message data:

977c701d3c6f0ae4d284751816a7ab73b40e90b26d209e2d9128031874b8311fdf8f50edfef9db071c12ab4fbc41e931268ce046c53f4ab4670988e481fbc335

The first 16 bytes are the explicit IV for AES-CBC decryption (TLSv1.1 and later send a fresh IV with every record instead of chaining from the previous record's last block, which is the predictable-IV weakness BEAST exploited):

977c701d3c6f0ae4d284751816a7ab73

The rest is the ciphertext:

b40e90b26d209e2d9128031874b8311fdf8f50edfef9db071c12ab4fbc41e931268ce046c53f4ab4670988e481fbc335

Decrypting with client_write_key[16] from 2.7.2 (60381c0e233f4e1896bf61147da34652) as the AES-CBC key gives the raw plaintext:

1400000c83c23dd8f9220c593a2673492ec78d22bfea15e8f20cdade865c49d7424828e30b0b0b0b0b0b0b0b0b0b0b0b

The last byte, 0b, is padding_length, and it is preceded by 11 more bytes that must all equal 0b (an implementation has to check every padding byte, not just the count); stripping these 12 bytes leaves the Handshake message and the MAC:

1400000c83c23dd8f9220c593a2673492ec78d22bfea15e8f20cdade865c49d7424828e3

This is a GenericBlockCipher structure (RFC 5246 section 6.2.3.2), and content is a Handshake structure (RFC 5246 section 7.4), parsed as follows:

Offset  Length  Data                                      Description
0x00    1       14                                        HandshakeType.finished
0x01    3       00000c                                    length
0x04    12      83c23dd8f9220c593a267349                  Finished.verify_data
0x10    20      2ec78d22bfea15e8f20cdade865c49d7424828e3  MAC

2.10.1 Computing verify_data

Per RFC 5246 section 7.4.9, verify_data is computed as:

verify_data = PRF(master_secret, finished_label, Hash(handshake_messages))

handshake_messages is the concatenation of the Handshake data from 2.1 through 2.8 (ChangeCipherSpec is not a Handshake message and is excluded):

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

SHA-256 over handshake_messages:

397d4f853bf33a533370ab3f60b13b1bfb0cd20761bde164658a402280e5dc1a

finished_label is "client finished"; master_secret is the value from 2.7.1;

The PRF output, truncated to verify_data_length = 12 bytes, is:

83c23dd8f9220c593a267349

which matches Finished.verify_data in the table above; check passed.

2.10.2 Computing the MAC

Per RFC 5246 section 6.2.3.1, the MAC is computed as:

MAC(MAC_write_key, seq_num +
                            TLSCompressed.type +
                            TLSCompressed.version +
                            TLSCompressed.length +
                            TLSCompressed.fragment);

seq_num starts at 0000000000000000 (8 bytes). It is kept separately for each direction, increments with every record, and restarts from zero whenever a ChangeCipherSpec activates new keys; that is why the server's Finished in 2.13 also uses 0 and the first application-data record in 3.1 uses 1. Covering seq_num in the MAC is what stops records from being replayed or reordered within a connection.

TLSCompressed structure per RFC 5246 Appendix A.1:

type = Handshake = 0x16, 1 byte;

version = 0x0303, 2 bytes;

length = 0x0010, 2 bytes, the length of the Finished message (the content only, without MAC or padding);

fragment = 1400000c83c23dd8f9220c593a267349, 16 bytes

So the MAC input is:

000000000000000016030300101400000c83c23dd8f9220c593a267349

Using client_write_MAC_key[20] from 2.7.2 (0d19a4197332db8266200724604c063d8cf116ff) as MAC_write_key, HMAC-SHA1 gives:

2ec78d22bfea15e8f20cdade865c49d7424828e3

which matches the MAC in the table; check passed.

2.11. NewSessionTicket

server ----> client

Defined in RFC 5077 section 3.3. The ticket is sent before the server's ChangeCipherSpec, so it is still a plaintext handshake message and is part of the hash for the server's Finished.

Handshake data (04 = new_session_ticket, length 000426; ticket_lifetime_hint 00015180 = 86400 seconds; ticket length 0420 = 1056 bytes of opaque ticket, encrypted and authenticated by the server under its own ticket key, which the client presents in a later ClientHello to resume without a full handshake; since the ticket carries the master_secret, that ticket key is as sensitive as the RSA private key for the sessions it covers):

04000426000151800420c0e58b07b19ba9b6bda00376f24d0a6f8cfdb9de8cb2f307938fc9c36f4b5eb683fe89d57786887a8474ce03f5e30c3d7854a1be76cec2474a5b6bb8ec683fb07b60f6b13e35a510a5cb3e392644a33026b3b06b96cccbc8dbf020458c776e743a5c4f78328fbdf64e0141c5a0ca85938b28993ebbffff9826cf824e0ef2cc04be6f9df409ad0618bcb902ac4395a5b05b4a731093b4a05994b4eba5643fed5b40077edf333bb61cbc6ae2a2e7bfff6a2c85813c7078c8703c11c33896c7dad6fdb11858057896fb8b8536204a5b8e9414335758ac545476827f53e10c681463b5d972de7a63fd0d2a76980daa390f1bfddfa931b7fc8301bb8321047ea3c027a2cadd50e6c960126e340538e72de3814f794c305f3215ba29ca62a12f7ce15d8b823873d055e147937f6b80051b9c6fe16088c0c0f901939fc0fb1f544d7b8bac6f6e5f9971f0b3402249e11663bd44fa57121ba3823b496983c5228ce382cc147d031c65ccb596c80644d113506be5bc55dfce23d3a5852b354dd1ca35a586e0e4d1c0a940352366b72952334cbee1334488cc9dbfede451ac292cb8314ddcec35ca3905bf687a9cc3ec813693387dd5abdc3052cd0982231011bb510c007bcb4de0883ea944655cbb698bf8c440d3c149b2d08c96073ec481f0d3995a0ecca0e5281b0de5bec3d0774641512aa228882ee872f3de74309bbb007d50a14d0a27249af675c9e9435e6252f737ecec7a63f3538b40105a64601f7f4a56f39b031debc992b741e12c05718717e0accc555c60b97f31880d6700ee489fd89c54321130caff9c3bd51c3432f11286cbadddf84efd3124ec4115ea70623fa918a608056e424b37901f5c44307dc9e0c9f17558dfc5aa2b15c0f26e372d3c8a8fdd6c0d28d37ab1396bf4c246588c66cef9bbfe01f2ac36f8de7509b13181f1205d75c6a20d6e6e84d7694cd407fcc38db1da873291613dd357ea4e8bfcabc6239812bd1952a0dccf67c68ec9efcb22a60a2af69b7932c70dc7e5b1e89e7f48a4da03e9adb360c7a78e13bcf0002023f0355f5a3dd05c4902a7fdd6fcb42197a1a118968befbc4925137bb3aa5f97a234a95afa0b066d681af36ca023a4b97892117e3002fe3a64610b63fa15ac2045c1438ae784f82b5e708fa23f41d2c5224bbdd4a0cbd2b588bc2473efca06ce5cc174612b4a14b8f309adfaceba3b6467f63a1b8d3fc35c8b085ed189d3ff7f79c66102ecd1e34dcd35ecd4fbb4b5b1b45e1bb24b6bf4e97189ce7019462851c55d8bae1679b0d1532d983d58f3cc3311e56816cbef7141b87febd792e10bb6c4ae649ceb0f87194be1e62a648b483abe89252c32bb46594f3acce08c6fee727ac0e62e7a1f2d970a78452c08776d203adf
db0eecefbfa096d9bdad8df8e0912a2768ce37a24a98231e64668c25de5785d7263cc913423bdbd1fbdf00ec3933ab4ad8b2298ff5bb5e1524e38a5710b88b157a68

2.12. ChangeCipherSpec (server)

server ----> client

2.13. Finished (server)

server ----> client

Following the same steps as in 2.10:

Extracted Encrypted Handshake Message data:

19815312fc7c55bd42d5990938a4b36d556535c3e3bd2e79a48cb6d16a02869c10dcc6b86072aed08222b959a35e76e3796a94c7e35d2ccad6f73077bb10d9bc

The first 16 bytes (19815312fc7c55bd42d5990938a4b36d) are the IV. Because this record was sent by the server, the rest is decrypted with server_write_key[16] from 2.7.2 (b824d8d1b789ddc05a94a4debb81d40f) as the AES-CBC key; stripping the padding leaves the Handshake message and the MAC:

1400000cf3bd666f0519f59dd62935224643eccf7fb0d847e83af62d58693b7f6e4e8b4c

Offset  Length  Data                                      Description
0x00    1       14                                        HandshakeType.finished
0x01    3       00000c                                    length
0x04    12      f3bd666f0519f59dd6293522                  Finished.verify_data
0x10    20      4643eccf7fb0d847e83af62d58693b7f6e4e8b4c  MAC

2.13.1 Computing verify_data

handshake_messages is the concatenation of the Handshake data from 2.1 through 2.11 (ChangeCipherSpec excluded; the client's Finished and the NewSessionTicket are included):



(The Handshake data for 2.10 is the decrypted plaintext: 1400000c83c23dd8f9220c593a267349.)

SHA-256 over handshake_messages:

3ae4a1aae4ec42dd84b9e6edf2812bb5c7fa0667a48b10bccd6af0423e138260

finished_label is "server finished"; master_secret is the value from 2.7.1;

The PRF output, truncated to 12 bytes, is:

f3bd666f0519f59dd6293522

which matches Finished.verify_data in the table above; check passed.

2.13.2 Computing the MAC

seq_num is 0000000000000000 (8 bytes): the server's write sequence restarted from zero at its own ChangeCipherSpec, and this is its first record under the new keys;

TLSCompressed structure per RFC 5246 Appendix A.1:

type = Handshake = 0x16, 1 byte;

version = 0x0303, 2 bytes;

length = 0x0010, 2 bytes, the length of the Finished message;

fragment = 1400000cf3bd666f0519f59dd6293522, 16 bytes

So the MAC input is:

000000000000000016030300101400000cf3bd666f0519f59dd6293522

Using server_write_MAC_key[20] from 2.7.2 (958513064070ba5137176bb621b27b80cc4c26e0) as MAC_write_key, HMAC-SHA1 gives:

4643eccf7fb0d847e83af62d58693b7f6e4e8b4c

which matches the MAC in the table; check passed. The handshake is complete: each side has now verified that the other derived the same keys and saw the same transcript.

3. Protecting application data

After ChangeCipherSpec, every record on the wire is encrypted (the Finished messages in 2.10 and 2.13 were already encrypted records), using the TLSCiphertext structure (RFC 5246 section 6.2.3). Application data is handled exactly like the Finished records: explicit IV, AES-CBC, padding, HMAC-SHA1 over the sequence number and record header, with the sequence number continuing from where the Finished record left it.

3.1 Client request

Extracted ciphertext:

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

The first 16 bytes are the IV:

38baa62e9854384bcf779481425ad34d

The rest is the ciphertext:

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

Decrypting with client_write_key[16] from 2.7.2 (60381c0e233f4e1896bf61147da34652) and stripping the padding gives the plaintext:

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

The last 20 bytes are the MAC:

e44662cd09a0b7be7bcb744f62a8a35f0bdb2ccd

The rest is the client's request, decoded as UTF-8:

GET /webks/webks/ClientSrv HTTP/1.1
Host: 192.168.0.252:8443
Connection: keep-alive
Cache-Control: max-age=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: zh-CN,zh;q=0.9

3.1.1 Computing the MAC

seq_num is 0000000000000001 (8 bytes): this is the client's second record under these keys, after its Finished;

TLSCompressed structure per RFC 5246 Appendix A.1:

type = Application Data = 0x17, 1 byte;

version = 0x0303, 2 bytes;

length = 0x0246, 2 bytes, the length of the request;

fragment = 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, 582 bytes

So the MAC input is:

00000000000000011703030246474554202f7765626b732f7765626b732f436c69656e7453727620485454502f312e310d0a486f73743a203139322e3136382e302e3235323a383434330d0a436f6e6e656374696f6e3a206b6565702d616c6976650d0a43616368652d436f6e74726f6c3a206d61782d6167653d300d0a557067726164652d496e7365637572652d52657175657374733a20310d0a557365722d4167656e743a204d6f7a696c6c612f352e30202857696e646f7773204e542031302e303b2057696e36343b2078363429204170706c655765624b69742f3533372e333620284b48544d4c2c206c696b65204765636b6f29204368726f6d652f38372e302e343238302e313431205361666172692f3533372e33360d0a4163636570743a20746578742f68746d6c2c6170706c69636174696f6e2f7868746d6c2b786d6c2c6170706c69636174696f6e2f786d6c3b713d302e392c696d6167652f617669662c696d6167652f776562702c696d6167652f61706e672c2a2f2a3b713d302e382c6170706c69636174696f6e2f7369676e65642d65786368616e67653b763d62333b713d302e390d0a5365632d46657463682d536974653a206e6f6e650d0a5365632d46657463682d4d6f64653a206e617669676174650d0a5365632d46657463682d557365723a203f310d0a5365632d46657463682d446573743a20646f63756d656e740d0a4163636570742d456e636f64696e673a20677a69702c206465666c6174652c2062720d0a4163636570742d4c616e67756167653a207a682d434e2c7a683b713d302e390d0a0d0a

Using client_write_MAC_key[20] from 2.7.2 (0d19a4197332db8266200724604c063d8cf116ff) as MAC_write_key, HMAC-SHA1 gives the same value as the MAC extracted above:

e44662cd09a0b7be7bcb744f62a8a35f0bdb2ccd

3.2 Server response

Extracted ciphertext:

8926bcd7a79659d2d6822ece0b66ee590cfd96f0863f5b74f6456cdbd2cce4db878c73785f1edb412e0ecb97d54fce74300c6a673af621b3c849ede3013de046e80c99c7594b34b5033dee5a077fdac3d9c0bf602f284e09cce080527e75379360efef954bbe94c62440c5cf80158d49c340cec0fcfb5d016c7bdeed2ee3161e537f5935770ac787dba20a41620d400e2e0291decd09d28d31d145760aaf25d07aef1ceeab764534eb703ddf0242decfec59536fe86cb19b0d67c3938587900842608dbff5bb5d9d471cc4e85fa0d2a5

The first 16 bytes are the IV:

8926bcd7a79659d2d6822ece0b66ee59

The rest is the ciphertext:

0cfd96f0863f5b74f6456cdbd2cce4db878c73785f1edb412e0ecb97d54fce74300c6a673af621b3c849ede3013de046e80c99c7594b34b5033dee5a077fdac3d9c0bf602f284e09cce080527e75379360efef954bbe94c62440c5cf80158d49c340cec0fcfb5d016c7bdeed2ee3161e537f5935770ac787dba20a41620d400e2e0291decd09d28d31d145760aaf25d07aef1ceeab764534eb703ddf0242decfec59536fe86cb19b0d67c3938587900842608dbff5bb5d9d471cc4e85fa0d2a5

Decrypting with server_write_key[16] from 2.7.2 (b824d8d1b789ddc05a94a4debb81d40f) and stripping the padding gives the plaintext:

485454502f312e3120323030200d0a436f6e74656e742d547970653a20746578742f68746d6c3b636861727365743d5554462d380d0a436f6e74656e742d4c656e6774683a20360d0a446174653a204d6f6e2c2032312041756720323032332031313a32363a313020474d540d0a4b6565702d416c6976653a2074696d656f75743d36300d0a436f6e6e656374696f6e3a206b6565702d616c6976650d0a0d0a646464646464dcb3c3f98a2c7645b3be4ece10648040f70d42dc

The last 20 bytes are the MAC:

dcb3c3f98a2c7645b3be4ece10648040f70d42dc

The rest is the server's response, decoded as UTF-8:

HTTP/1.1 200 
Content-Type: text/html;charset=UTF-8
Content-Length: 6
Date: Mon, 21 Aug 2023 11:26:10 GMT
Keep-Alive: timeout=60
Connection: keep-alive

dddddd

3.2.1 Computing the MAC

seq_num is 0000000000000001 (8 bytes): the server's second record under its keys, after its Finished;

TLSCompressed structure per RFC 5246 Appendix A.1:

type = Application Data = 0x17, 1 byte;

version = 0x0303, 2 bytes;

length = 0x00A6, 2 bytes, the length of the response;

fragment = 485454502f312e3120323030200d0a436f6e74656e742d547970653a20746578742f68746d6c3b636861727365743d5554462d380d0a436f6e74656e742d4c656e6774683a20360d0a446174653a204d6f6e2c2032312041756720323032332031313a32363a313020474d540d0a4b6565702d416c6976653a2074696d656f75743d36300d0a436f6e6e656374696f6e3a206b6565702d616c6976650d0a0d0a646464646464,166个字节

So the MAC input is:

000000000000000117030300A6485454502f312e3120323030200d0a436f6e74656e742d547970653a20746578742f68746d6c3b636861727365743d5554462d380d0a436f6e74656e742d4c656e6774683a20360d0a446174653a204d6f6e2c2032312041756720323032332031313a32363a313020474d540d0a4b6565702d416c6976653a2074696d656f75743d36300d0a436f6e6e656374696f6e3a206b6565702d616c6976650d0a0d0a646464646464

Using server_write_MAC_key[20] from 2.7.2 (958513064070ba5137176bb621b27b80cc4c26e0) as MAC_write_key, HMAC-SHA1 gives the same value as the MAC extracted above:

dcb3c3f98a2c7645b3be4ece10648040f70d42dc
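The steps repeated by hand in 2.10, 2.13, 3.1 and 3.2 are one procedure: split off the explicit IV, AES-CBC decrypt, strip and check the padding, split off the 20-byte MAC, and recompute HMAC-SHA1 over seq_num || type || version || length || content. This added Python example (not the article's code) packages that procedure and runs it over values copied from this page. The standard library has no AES, so the decryption step assumes the third-party 'cryptography' package; everything from the padding check onward runs without it, which is why the Finished plaintext from 2.10 and the de-padded response from 3.2 (rebuilt from its decoded text) are used as inputs.

```python
import hashlib
import hmac
import struct

MAC_LEN = 20       # HMAC-SHA1 output, the "SHA" in TLS_RSA_WITH_AES_128_CBC_SHA
AES_BLOCK = 16

# Values copied from this page: keys from 2.7.2, the client Finished record from 2.10 (explicit IV plus
# ciphertext, and the AES-CBC output before padding removal), and the server response MAC from 3.2.
CLIENT_WRITE_KEY = bytes.fromhex("60381c0e233f4e1896bf61147da34652")
CLIENT_MAC_KEY = bytes.fromhex("0d19a4197332db8266200724604c063d8cf116ff")
SERVER_MAC_KEY = bytes.fromhex("958513064070ba5137176bb621b27b80cc4c26e0")
CLIENT_FINISHED_FRAGMENT = bytes.fromhex(
    "977c701d3c6f0ae4d284751816a7ab73"
    "b40e90b26d209e2d9128031874b8311fdf8f50edfef9db071c12ab4fbc41e931268ce046c53f4ab4670988e481fbc335")
CLIENT_FINISHED_PLAINTEXT = bytes.fromhex(
    "1400000c83c23dd8f9220c593a2673492ec78d22bfea15e8f20cdade865c49d7424828e30b0b0b0b0b0b0b0b0b0b0b0b")
SERVER_RESPONSE_MAC = bytes.fromhex("dcb3c3f98a2c7645b3be4ece10648040f70d42dc")
# The server's de-padded response content from 3.2, rebuilt from its decoded text (166 bytes).
SERVER_RESPONSE_CONTENT = (b"HTTP/1.1 200 \r\nContent-Type: text/html;charset=UTF-8\r\nContent-Length: 6\r\n"
                           b"Date: Mon, 21 Aug 2023 11:26:10 GMT\r\nKeep-Alive: timeout=60\r\n"
                           b"Connection: keep-alive\r\n\r\ndddddd")


def split_fragment(fragment):
    """GenericBlockCipher in TLS 1.2 (RFC 5246 6.2.3.2): explicit IV, then the CBC ciphertext."""
    if len(fragment) < 2 * AES_BLOCK or len(fragment) % AES_BLOCK:
        raise ValueError("CBC fragment must carry an IV and be a multiple of the block size")
    return fragment[:AES_BLOCK], fragment[AES_BLOCK:]


def aes_cbc_decrypt(key, iv, ciphertext):
    """Assumption: the 'cryptography' package is installed; the standard library has no AES."""
    from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
    dec = Cipher(algorithms.AES(key), modes.CBC(iv)).decryptor()
    return dec.update(ciphertext) + dec.finalize()


def strip_padding(plaintext):
    """Last byte is padding_length; it is preceded by padding_length bytes of the same value.
    Returns (content + MAC, padding_ok). Every padding byte is checked, as RFC 5246 requires."""
    pad = plaintext[-1]
    if len(plaintext) < pad + 1 + MAC_LEN:
        return b"", False
    cut = len(plaintext) - pad - 1
    return plaintext[:cut], all(b == pad for b in plaintext[cut:])


def mac_input(seq_num, content_type, version, content):
    """seq_num(8) || type(1) || version(2) || length(2) || content, RFC 5246 6.2.3.1. seq_num is kept
    per direction and restarts at 0 after each ChangeCipherSpec, which is why the caller supplies it."""
    return struct.pack("!QBHH", seq_num, content_type, version, len(content)) + content


def compute_mac(mac_key, seq_num, content_type, version, content):
    return hmac.new(mac_key, mac_input(seq_num, content_type, version, content), hashlib.sha1).digest()


def verify_body(mac_key, seq_num, content_type, version, body):
    """body = content || MAC. Returns (content, mac_ok), comparing in constant time."""
    content, mac = body[:-MAC_LEN], body[-MAC_LEN:]
    return content, hmac.compare_digest(compute_mac(mac_key, seq_num, content_type, version, content), mac)


def open_plaintext(mac_key, seq_num, content_type, version, plaintext):
    """From AES-CBC output to verified content: strip padding, then check the MAC."""
    body, pad_ok = strip_padding(plaintext)
    content, mac_ok = verify_body(mac_key, seq_num, content_type, version, body)
    return content, pad_ok and mac_ok


def open_record(write_key, mac_key, seq_num, content_type, version, fragment):
    """The whole TLSCiphertext.fragment path for a CBC suite."""
    iv, ciphertext = split_fragment(fragment)
    return open_plaintext(mac_key, seq_num, content_type, version, aes_cbc_decrypt(write_key, iv, ciphertext))


def parse_finished(content):
    """Finished: handshake type 0x14, 3-byte length 12, then verify_data (RFC 5246 7.4.9)."""
    if len(content) != 16 or content[0] != 0x14 or int.from_bytes(content[1:4], "big") != 12:
        raise ValueError("not a TLS 1.2 Finished message")
    return content[4:]


if __name__ == "__main__":
    content, ok = open_plaintext(CLIENT_MAC_KEY, 0, 0x16, 0x0303, CLIENT_FINISHED_PLAINTEXT)
    print("client Finished verify_data:", parse_finished(content).hex(), "MAC ok:", ok)
    content, ok = verify_body(SERVER_MAC_KEY, 1, 0x17, 0x0303, SERVER_RESPONSE_CONTENT + SERVER_RESPONSE_MAC)
    print("server response MAC ok:", ok)
    print(content.decode("utf-8"))
    try:
        content, ok = open_record(CLIENT_WRITE_KEY, CLIENT_MAC_KEY, 0, 0x16, 0x0303, CLIENT_FINISHED_FRAGMENT)
        print("full record path, MAC ok:", ok, "verify_data:", parse_finished(content).hex())
    except ImportError:
        print("install 'cryptography' to run the AES-CBC step")
```

For an offline decryptor the data-dependent early exits in strip_padding are harmless; a server or client implementing the same suite must avoid them, because timing differences between a padding failure and a MAC failure are what the Lucky 13 attack on CBC-SHA suites measures.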

4. Decrypting the capture with Wireshark

Wireshark can decrypt TLS in two ways: with the server's RSA private key, or with a key log file (the SSLKEYLOGFILE format, which records the client random and master secret of each session). The RSA-key method works for this capture only because the suite uses static RSA key exchange; with any (EC)DHE suite, or with TLS 1.3, the pre_master_secret never crosses the wire and a key log file is the only option. Either way the capture must include the handshake: without the ClientKeyExchange there is nothing to decrypt, and with extended_master_secret Wireshark has to compute the session_hash from the full transcript, just as 2.7.1 does by hand.

Edit -> Preferences -> Protocols -> TLS

Click the [Edit...] button

Add the RSA private key file as shown (screenshot not reproduced), click [OK] to return to the main window; the decrypted traffic then appears as follows:

References

Tomcat HTTPS configuration in detail (小柴的生活观, CSDN blog)

TLSv1.2 capture decryption walkthrough: RSA_WITH_AES_128_CBC_SHA256 (wzj_whut, CSDN blog)

HTTPS traffic capture and decryption (TLS 1.2) (Mmmidsummer, CSDN blog)
