本文介绍了在ssh密钥交换过程中如何看到wirehark中的加密密钥?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

在wirehark中,我可以看到加密的数据来自我的电脑。因为我只看到客户端密钥交换数据包。这意味着浏览器将加密的密钥发送到服务器(使用服务器的公钥加密)。

但是我没有看到该数据包中的加密数据(客户端密钥交换)。如何查看加密密钥?

In wireshark, I am able to see the encrypted data to and fro from my PC. It does not use diffie hellman algorihm for key exchange because I see only the Client Key Exchange packet but there is no Server Key Exchange packet. That means the browser is sending the encrypted key to the server(encrypted using the server's public key).
But I do not see any encrypted data in that packet("Client Key Exchange"). How to view the encrypted key?

推荐答案

直到最近,ClientKeyExchange的解剖是这样的(1.6及以下版本):

Until recently the dissection of the ClientKeyExchange was like this(version 1.6 and below):

TLSv1 Record Layer: Handshake Protocol: Client Key Exchange
    Content Type: Handshake (22)
    Version: TLS 1.0 (0x0301)
    Length: 134
    Handshake Protocol: Client Key Exchange
        Handshake Type: Client Key Exchange (16)
        Length: 130

但是如果您使用 verison(1.7.2以上)的关键解剖将是这样的:

But if you use this verison(1.7.2 upwards) the key dissection will be like this:

TLSv1 Record Layer: Handshake Protocol: Client Key Exchange
    Content Type: Handshake (22)
    Version: TLS 1.0 (0x0301)
    Length: 134
    Handshake Protocol: Client Key Exchange
        Handshake Type: Client Key Exchange (16)
        Length: 130
        RSA Encrypted PreMaster Secret
            Encrypted PreMaster length: 128
            Encrypted PreMaster: 761b1beac35e59de9a3bb9f74ebf9109b738e8ad346


您可以看到加密的预先格式:)


You can see the encrypted pre-master:)

这篇关于在ssh密钥交换过程中如何看到wirehark中的加密密钥?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

08-05 15:43