问题描述
在wirehark中,我可以看到加密的数据来自我的电脑。因为我只看到客户端密钥交换密钥交换
数据包。这意味着浏览器将加密的密钥发送到服务器(使用服务器的公钥加密)。
但是我没有看到该数据包中的加密数据(客户端密钥交换)。如何查看加密密钥?
In wireshark, I am able to see the encrypted data to and fro from my PC. It does not use diffie hellman algorihm for key exchange because I see only the Client Key Exchange
packet but there is no Server Key Exchange
packet. That means the browser is sending the encrypted key to the server(encrypted using the server's public key).
But I do not see any encrypted data in that packet("Client Key Exchange"). How to view the encrypted key?
推荐答案
直到最近,ClientKeyExchange的解剖是这样的(1.6及以下版本):
Until recently the dissection of the ClientKeyExchange was like this(version 1.6 and below):
TLSv1 Record Layer: Handshake Protocol: Client Key Exchange
Content Type: Handshake (22)
Version: TLS 1.0 (0x0301)
Length: 134
Handshake Protocol: Client Key Exchange
Handshake Type: Client Key Exchange (16)
Length: 130
但是如果您使用 verison(1.7.2以上)的关键解剖将是这样的:
But if you use this verison(1.7.2 upwards) the key dissection will be like this:
TLSv1 Record Layer: Handshake Protocol: Client Key Exchange
Content Type: Handshake (22)
Version: TLS 1.0 (0x0301)
Length: 134
Handshake Protocol: Client Key Exchange
Handshake Type: Client Key Exchange (16)
Length: 130
RSA Encrypted PreMaster Secret
Encrypted PreMaster length: 128
Encrypted PreMaster: 761b1beac35e59de9a3bb9f74ebf9109b738e8ad346
您可以看到加密的预先格式:)
You can see the encrypted pre-master:)
这篇关于在ssh密钥交换过程中如何看到wirehark中的加密密钥?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!