mbedtls库ssl/tls握手

觅食小鱼

已于 2022-10-11 16:41:07 修改

阅读量3.5k

点赞数 3

分类专栏：通信安全文章标签： ssl 网络服务器

于 2022-10-11 15:53:32 首次发布

原文链接：https://www.cnblogs.com/corc/p/15104504.html

版权

通信安全专栏收录该内容

4 篇文章

订阅专栏

本文转发来自：网络 | HTTPS 完整流程 - Cor - 博客园

一、握手过程

1.1 TLS 完整握手过程

1.2 单项认证数据

TLSv1.2	571	Client Hello
TLSv1.2	150	Server Hello
TLSv1.2	895	Certificate
TLSv1.2	392	Server Key Exchange
TLSv1.2	63	Server Hello Done
TLSv1.2	180	Client Key Exchange, Change Cipher Spec, Encrypted Handshake Message
TLSv1.2	60	Change Cipher Spec
TLSv1.2	99	Encrypted Handshake Message
TLSv1.2	406	Application Data
TLSv1.2	328	Application Data

1.3 双向认证数据

TLSv1.2	358	Client Hello
TLSv1.2	996	Server Hello, Certificate, Server Key Exchange, Certificate Request, Server Hello Done
TLSv1.2	534	Certificate
TLSv1.2	332	Client Key Exchange, Certificate Verify, Change Cipher Spec, Encrypted Handshake Message
TLSv1.2	60	Change Cipher Spec
TLSv1.2	99	Encrypted Handshake Message
TLSv1.2	115	Application Data

二、包详细信息（抓包信息 From：WireShark）

1. Client Hello

资源路径：

Source: library/ssl_cli.c;
Func:   ssl_write_client_hello();

握手协议：

Handshake Protocol: Client Hello
    Handshake Type: Client Hello (1)
    Length: 295
    Version: TLS 1.2 (0x0303)
    Random: 5f2933702428c5b2819c30feb9fc52b3483feedd7faf64c2…
        GMT Unix Time: Aug  4, 2020 18:07:44.000000000 CST
        Random Bytes: 2428c5b2819c30feb9fc52b3483feedd7faf64c22162e198…
    Session ID Length: 0
    Cipher Suites Length: 160
    Cipher Suites (80 suites)
    Compression Methods Length: 1
    Compression Methods (1 method)
    Extensions Length: 94
    Extension: server_name (len=18)
    Extension: signature_algorithms (len=22)
    Extension: supported_groups (len=24)
    Extension: ec_point_formats (len=2)
    Extension: encrypt_then_mac (len=0)
    Extension: extended_master_secret (len=0)
    Extension: session_ticket (len=0)

函数说明：

Version: TLS 版本信息;
Random: 前四位：时间戳，后28位：随机数;
Cipher Suites: 客户端支持的组件;

2. Server Hello

资源路径：

Source: library/ssl_cli.c;
Func:   ssl_parse_server_hello();

握手协议：

Handshake Protocol: Server Hello
    Handshake Type: Server Hello (2)
    Length: 81
    Version: TLS 1.2 (0x0303)
    Random: 5f29336af1104faf18544577413080cb7f8932fd5c4d2249…
        GMT Unix Time: Aug  4, 2020 18:07:38.000000000 CST
        Random Bytes: f1104faf18544577413080cb7f8932fd5c4d2249fb8db872…
    Session ID Length: 32
    Session ID: 5f29336a02f78561926108084594d22cd6804819da2d9bd9…
    Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 (0xc02c)
    Compression Method: null (0)
    Extensions Length: 9
    Extension: renegotiation_info (len=1)
        Type: renegotiation_info (65281)
        Length: 1
        Renegotiation Info extension
    Extension: extended_master_secret (len=0)
        Type: extended_master_secret (23)
        Length: 0

函数说明：

Version:      TLS 版本信息;
Random:       随机数序列，前四位：时间戳，后28位：随机数;
Cipher Suite: 服务端与客户端协商之后的密码套件;

3. Certificate

资源路径：

Source: library/ssl_cli.c;
Func:   mbedtls_ssl_parse_certificate();

握手协议：

Handshake Protocol: Certificate
    Handshake Type: Certificate (11)
    Length: 484
    Certificates Length: 481
    Certificates (481 bytes)
        Certificate Length: 478
        Certificate: 308201da30820180021475bda3ed4a9e4fcba43686b12069… (id-at-commonName=svr.example.iwall.com,id-at-organizationalUnitName=SERVER,id-at-organizationName=IWall,id-at-localityName=HaiDian,id-at-stateOrProvinceName=BeiJing,id-at-co
            signedCertificate
            algorithmIdentifier (ecdsa-with-SHA256)
            Padding: 0
            encrypted: 30450221009499d98c1ea5963eaba85216b98de2ff45f5af…

函数说明：

Version:      TLS 版本信息;
Certificates: 证书信息;

4. Server Key Exchange

资源路径：

Source: library/ssl_cli.c;
Func:   ssl_parse_server_key_exchange();

握手协议：

Handshake Protocol: Server Key Exchange
    Handshake Type: Server Key Exchange (12)
    Length: 211
    EC Diffie-Hellman Server Params
        Curve Type: named_curve (0x03)
        Named Curve: secp521r1 (0x0019)
        Pubkey Length: 133
        Pubkey: 04010a9d9275a1702a5eb822432c2f728e18613768c4818a…
        Signature Algorithm: ecdsa_secp521r1_sha512 (0x0603)
            Signature Hash Algorithm Hash: SHA512 (6)
            Signature Hash Algorithm Signature: ECDSA (3)
        Signature Length: 70
        Signature: 3044022031c64f7e6fe642e6729bdf1822e1345e24858e13…

函数说明：

EC Diffie-Hellman Server Params
Pubkey: 若使用 ECDH，客户端使用证书中的服务器公钥，服务端不发送 Server Key Exchange。
   		  若使用 ECDHE，服务器将通过 Server Key Exchange 消息告之客户端临时 ECDH 公钥，并使用服务器私钥		      对该临时公钥进行签名。
Signature Algorithm: 签名算法
Signature:           服务器私钥签名

5. Certificate Request

资源路径：

Source: library/ssl_cli.c;
Func:   ssl_parse_certificate_request();

握手协议：

Handshake Protocol: Certificate Request
    Handshake Type: Certificate Request (13)
    Length: 141
    Certificate types count: 3
    Certificate types (3 types)
        Certificate type: RSA Sign (1)
        Certificate type: DSS Sign (2)
        Certificate type: ECDSA Sign (64)
    Signature Hash Algorithms Length: 20
    Signature Hash Algorithms (10 algorithms)
        Signature Algorithm: ecdsa_secp521r1_sha512 (0x0603)
        Signature Algorithm: rsa_pkcs1_sha512 (0x0601)
        Signature Algorithm: ecdsa_secp384r1_sha384 (0x0503)
        Signature Algorithm: rsa_pkcs1_sha384 (0x0501)
        Signature Algorithm: ecdsa_secp256r1_sha256 (0x0403)
        Signature Algorithm: rsa_pkcs1_sha256 (0x0401)
        Signature Algorithm: SHA256 DSA (0x0402)
        Signature Algorithm: ecdsa_sha1 (0x0203)
        Signature Algorithm: rsa_pkcs1_sha1 (0x0201)
        Signature Algorithm: SHA1 DSA (0x0202)
    Distinguished Names Length: 113
    Distinguished Names (113 bytes)
        Distinguished Name Length: 111
        Distinguished Name: (id-at-commonName=ca.example.iwall.com,id-at-organizationalUnitName=CA,id-at-organizationName=IWall,id-at-localityName=HaiDian,id-at-stateOrProvinceName=BeiJing,id-at-countryName=CN)

6. Server Hello Done

资源路径：

Source: library/ssl_cli.c;
Func:   ssl_parse_server_hello_done();

握手协议：

Transport Layer Security
    TLSv1.2 Record Layer: Handshake Protocol: Server Hello Done
        Content Type: Handshake (22)
        Version: TLS 1.2 (0x0303)
        Length: 4
        Handshake Protocol: Server Hello Done
            Handshake Type: Server Hello Done (14)
            Length: 0

7. Certificate

资源路径：

Source: library/ssl_cli.c;
Func:   mbedtls_ssl_write_certificate();

握手协议：

TLSv1.2 Record Layer: Handshake Protocol: Certificate
    Content Type: Handshake (22)
    Version: TLS 1.2 (0x0303)
    Length: 475
    Handshake Protocol: Certificate
        Handshake Type: Certificate (11)
        Length: 471
        Certificates Length: 468
        Certificates (468 bytes)
            Certificate Length: 465
            Certificate: 308201cd30820172021475bda3ed4a9e4fcba43686b12069… (id-at-commonName=Android,id-at-organizationalUnitName=CLIENT,id-at-organizationName=IWall,id-at-localityName=HaiDian,id-at-stateOrProvinceName=BeiJing,id-at-countryName=CN)
                signedCertificate
                algorithmIdentifier (ecdsa-with-SHA256)
                Padding: 0
                encrypted: 3046022100d2ff654bad8f8c917bce6e61c7c0767c661cbf…

8. Client Key Exchange

资源路径：

Source: library/ssl_cli.c;
Func:   ssl_write_client_key_exchange();

握手协议：

TLSv1.2 Record Layer: Handshake Protocol: Client Key Exchange
    Content Type: Handshake (22)
    Version: TLS 1.2 (0x0303)
    Length: 70
    Handshake Protocol: Client Key Exchange
        Handshake Type: Client Key Exchange (16)
        Length: 66
        EC Diffie-Hellman Client Params
            Pubkey Length: 65
            Pubkey: 047b18a25c26f22f7cea0307b89dcb483167a9d3bdb21929…

9. Certificate Verify

资源路径：

Source: library/ssl_cli.c;
Func:   ssl_write_certificate_verify();

握手协议：

TLSv1.2 Record Layer: Handshake Protocol: Certificate Verify
    Content Type: Handshake (22)
    Version: TLS 1.2 (0x0303)
    Length: 79
    Handshake Protocol: Certificate Verify
        Handshake Type: Certificate Verify (15)
        Length: 75
        Signature Algorithm: ecdsa_secp384r1_sha384 (0x0503)
            Signature Hash Algorithm Hash: SHA384 (5)
            Signature Hash Algorithm Signature: ECDSA (3)
        Signature length: 71
        Signature: 3045022100c6a116675a6b42fef04d673fe305a6f961ff1e…

函数说明：

Signature: 签名，使用客户端私钥对协议内容签名。

10. Change Cipher Spec

资源路径：

Source: library/ssl_cli.c;
Func:   mbedtls_ssl_write_change_cipher_spec();

协议报文：

Transport Layer Security
    TLSv1.2 Record Layer: Change Cipher Spec Protocol: Change Cipher Spec
        Content Type: Change Cipher Spec (20)
        Version: TLS 1.2 (0x0303)
        Length: 1
        Change Cipher Spec Message

函数说明：

Change Cipher Spec Message: 客户端发送 ChangeCipherSpec 消息，表示客户端期望变更密码套件。
  
TLS1.3 内已经移除。

11. Encrypted Handshake Message （Finished）

资源路径：

Source: library/ssl_cli.c;
Func:   mbedtls_ssl_write_finished();

协议报文：

Transport Layer Security
    TLSv1.2 Record Layer: Handshake Protocol: Encrypted Handshake Message
        Content Type: Handshake (22)
        Version: TLS 1.2 (0x0303)
        Length: 40
        Handshake Protocol: Encrypted Handshake Message

函数说明：

客户端发送 Finished 消息，表示握手过程已经完成。

12. Change Cipher Spec

资源路径：

Source: library/ssl_cli.c;
Func:   mbedtls_ssl_parse_change_cipher_spec();

协议报文：

TLSv1.2 Record Layer: Change Cipher Spec Protocol: Change Cipher Spec
    Content Type: Change Cipher Spec (20)
    Version: TLS 1.2 (0x0303)
    Length: 1
    Change Cipher Spec Message

函数说明：

服务器发送 Change Cipher Spec 消息，表示服务器期望切换密码套件。

13. Encrypted Handshake Message （Finished）

资源路径：

Source: library/ssl_cli.c;
Func:   mbedtls_ssl_parse_finished();

协议报文：

TLSv1.2 Record Layer: Handshake Protocol: Encrypted Handshake Message
    Content Type: Handshake (22)
    Version: TLS 1.2 (0x0303)
    Length: 40
    Handshake Protocol: Encrypted Handshake Message

函数说明：

服务器发送 Finish 消息，表示握手过程已经完成。

14. 消息报文

Transport Layer Security
    TLSv1.3 Record Layer: Application Data Protocol: http-over-tls
        Opaque Type: Application Data (23)
        Version: TLS 1.2 (0x0303)
        Length: 3172
        Encrypted Application Data: 3358e1ab02e292ef8a2734a7648250ec251dcc04c8a95504…