Cryptography Reference
In-Depth Information
0x0020: 8018 0100 02af 0000 0101 080a ffff c490 ................
0x0030: ffff c490
1603 0100 4a02 0000 4603 014c
........J...F..L
0x0040:
758c b47e 27e1 3d63 09fa 4c62 83c8 a510
u..~'.=c..Lb....
0x0050:
72a1 9a98 4c4e 186d 000b c059 31c1 4220
r...LN.m...Y1.B.
0x0060:
1823 08ca b7af a651 a39a f8e4 56c2 5934
.#.....Q....V.Y4
0x0070:
2ffd c57b aafe 12f9 bff3 9b0f 85ef 08a9
/..{............
0x0080:
0015 0016 0301 0357 0b00 0353 0003 5000
.......W...S..P.
… (omitted certificate) …
Server Key
Exchange
0x03d0:
bca6 6646 f29d dea1 b1b4 888e cde5 8f16
..fF............
0x03e0:
0301 00cd 0c00 00c9 0040 da58 3c16 d985
.........@.X<...
0x03f0:
2289 d0e4 af75 6f4c ca92 dd4b e533 b804
"....uoL...K.3..
p
g
0x0400:
fb0f ed94 ef9c 8a44 03ed 5746 50d3 6999
.......D..WFP.i.
0x0410:
db29 d776 276b a2d3 d412 e218 f4dd 1e08
.).v'k..........
0x0420:
4cf6 d800 3e7c 4774 e833 0001 0200 4044
L...>|Gt.3....@D
0x0430:
974e bd65 0890 aa9c 0279 ddb0 09e3 60b8
.N.e.....y....`.
Ys
0x0440:
727a c542 d202 c46f 1faa 04f4 839b 926b
rz.B...o.......k
0x0450:
7a88 2d8b 0239 595a 0b83 099a b0dc f492
z.-..9YZ........
0x0460:
da9a 90f1 14c6 f39b 19f2 9c4c 4df6 a500
...........LM...
0x0470:
4031 1a3e 0927 fc9e 6078 657e b1c3 6fd2
@1.>.'..`xe~..o.
0x0480:
24c1 3097 8178 79f0 6907 e5a3 e35c 6ca9
$.0..xy.i....\l.
Signature
0x0490:
986f db37 6f1d 302f 07e3 431c 3185 e7b1
.o.7o.0/..C.1...
Server
Finished
0x04a0:
1b5a 0504 6eed 7af1 6caa fc3a 7527 4df8
.Z..n.z.l..:u'M.
0x04b0:
b516 0301 0004 0e00 0000
..........
The server hello and certifi cate messages occur as before; however, instead
of being followed immediately by server done, they're followed by a server
key exchange message that identifi es the Diffi e-Hellman values
p
,
g
, and
Ys
.
The length declarations of each are highlighted in the preceding code. This
is followed by the RSA signature of the MD5 hash of client random, server
random, and the remainder of the server key exchange, followed by the
SHA-1 hash of the client random, the server random, and the remainder of
the message. The client should use the public key of the certifi cate — which
should have been verifi ed using the public key of a trusted certifi cate — to
verify these key exchange parameters.
21:35:48.449922 IP localhost.59349 > localhost.8443: Flags [P.], ack 1159, win
275, options [nop,nop,TS val 4294952106 ecr 4294952080], length 12
0x0000: 4500 0040 6de0 4000 4006 ced5 7f00 0001 E..@m.@.@.......
Yc
0x0010: 7f00 0001 e7d5 20fb aa9d a97f ab00 79b0 ..............y.
0x0020: 8018 0113 fe34 0000 0101 080a ffff c4aa .....4..........
0x0030: ffff c490
1603 0100 0710 0000 0300 0140
...............@
Search WWH ::
Custom Search