Cryptography Reference
In-Depth Information
The server responds with its own hello, where it informs the client which
ciphers it supports, and provides a public key, wrapped up in an X.509 certifi cate.
15:57:38.847302 IP localhost.localdomain.pcsync-https >
localhost.localdomain.50704: P 1:893(892) ack 37 win 256
<nop,nop,timestamp 24215144 24215144>
0x0000: 4500 03b0 8fa0 4000 4006 a9a5 7f00 0001
0x0010: 7f00 0001 20fb c610 9bb0 f1f9 9b92 7ea3
0x0020: 8018 0100 01a5 0000 0101 080a 0171 7e68
0x0030: 0171 7e68 837a 0400 0100 0203 5600 0900
0x0040: 1030 8203 5230 8202 fca0 0302 0102 0209
0x0050: 00c7 5c9d eade c1a2 5030 0d06 092a 8648
0x0060: 86f7 0d01 0105 0500 3081 a431 0b30 0906
0x0070: 0355 0406 1302 5553 310e 300c 0603 5504
0x0080: 0813 0554 6578 6173 3112 3010 0603 5504
0x0090: 0713 0953 6f75 7468 6c61 6b65 3114 3012
0x00a0: 0603 5504 0a13 0b54 7261 7665 6c6f 6369
0x00b0: 7479 3115 3013 0603 5504 0b13 0c41 7263
….
0x0380: bd17 59e8 3508 bd6a 9554 96ed 9790 66ec
0x0390: c2a8 eca0 8c6a b706 0040 0100 8007 00c0
0x03a0: b73b 8d2a 4c35 192b f6ff e87b 0137 8772
The length of this packet is 0x037A = 890 bytes; because the ServerHello packet
includes the certifi cate, it's going to be fairly long. The type is 0x04, ServerHello .
This is followed by the ServerHello packet:
unsigned char session_id_hit; // 00
unsigned char certificate_type; // 01 = SSL_CT_X509_CERTIFICATE
unsigned char server_version_major; // 00
unsigned char server_version_minor; // 02
unsigned short certificate_length; // 0356
unsigned short cipher_specs_length; // 0009
unsigned short connection_id_length; // 0010
signed_x509_certificate certificate; // (an entire DER-encoded X.509
// certificate)
unsigned char *cipher_specs; // 0600400100800700c0
unsigned char *connection_id; // b73b8d2a4c35192bf6ffe87b01378772
The next packet is the client's master key message. The client selects a cipher
spec from the ones presented by the server, generates a master key, encrypts it
using the public key presented by the server, and sends it back:
15:57:38.915469 IP localhost.localdomain.50704 >
localhost.localdomain.pcsync-https: P 37:121(84) ack 893
win 271 <nop,nop,timestamp 24215212 24215144>
0x0000: 4500 0088 001c 4000 4006 3c52 7f00 0001
0x0010: 7f00 0001 c610 20fb 9b92 7ea3 9bb0 f575
0x0020: 8018 010f fe7c 0000 0101 080a 0171 7eac
Search WWH ::




Custom Search