A little ssl
-
Uploaded by yang-bingwu
-
A Little SSL/[email protected]
2017/03/09
-
SSL: Secure Sockets Layer, Netscape, 1994, Web
-
TLS: Transport Layer Security, 1999, RFC 2246, SSL 3.0
-
SSL TLS TLS
-
TLS: OpenSSL, Google BoringSSL, Oracle JSSE, Amazon s2n, Microsoft SChannel, Apple Secure Transport
-
TLS TLS .
record layer: change_cipher_spec
record layer: alert
record layer: handshake
record layer: application_data
-
struct {
    uint8 major, minor;
} ProtocolVersion;

enum {
    change_cipher_spec(20), alert(21), handshake(22),
    application_data(23), (255)
} ContentType;

struct {
    ContentType type;
    ProtocolVersion version;
    uint16 length;
    opaque fragment[TLSPlaintext.length];
} TLSPlaintext;
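Added example, not part of the original slides: a parser that walks a byte stream using the TLSPlaintext layout above (1-byte type, 2-byte version, 2-byte length, then the fragment) and rejects malformed headers. The names parse_records, RecordError and SAMPLE are hypothetical; the major == 3 check and the 2^14 + 2048 on-the-wire length cap come from RFC 5246 and are not stated on the slide.

```python
import struct

# ContentType values from the enum on the slide
CONTENT_TYPES = {20: "change_cipher_spec", 21: "alert", 22: "handshake", 23: "application_data"}
HEADER_LEN = 5                  # type(1) + major(1) + minor(1) + length(2)
MAX_WIRE_LEN = 2 ** 14 + 2048   # assumption from RFC 5246: 2^14 plaintext + protection overhead


class RecordError(ValueError):
    """Raised when the bytes do not form a valid record header."""


def parse_records(data: bytes):
    """Split a byte stream into records laid out like TLSPlaintext.

    Returns (records, leftover); leftover holds the bytes of an incomplete
    trailing record, to be retried once more data has arrived.
    """
    records, offset = [], 0
    while len(data) - offset >= HEADER_LEN:
        ctype, major, minor, length = struct.unpack_from("!BBBH", data, offset)
        if ctype not in CONTENT_TYPES:
            raise RecordError(f"unknown ContentType {ctype} at offset {offset}")
        if major != 3:  # SSL 3.0 and every TLS version use major version 3
            raise RecordError(f"unexpected major version {major} at offset {offset}")
        if length > MAX_WIRE_LEN:
            raise RecordError(f"length {length} too large at offset {offset}")
        end = offset + HEADER_LEN + length
        if end > len(data):
            break  # fragment not fully received yet
        records.append({
            "type": CONTENT_TYPES[ctype],
            "version": (major, minor),
            "fragment": data[offset + HEADER_LEN:end],
        })
        offset = end
    return records, data[offset:]


# Constructed sample: a handshake record, a change_cipher_spec record, and the
# first 6 bytes of an application_data record that announces 16 bytes.
SAMPLE = (
    bytes([22, 3, 3, 0, 4]) + b"\x0e\x00\x00\x00"   # handshake (ServerHelloDone)
    + bytes([20, 3, 3, 0, 1]) + b"\x01"             # change_cipher_spec
    + bytes([23, 3, 3, 0, 16]) + b"\xaa"            # truncated application_data
)

if __name__ == "__main__":
    recs, rest = parse_records(SAMPLE)
    for r in recs:
        print(r["type"], r["version"], len(r["fragment"]))
    print("buffered bytes:", len(rest))
```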
-
TLS
-
Client Hello
-
Client Hello
-
Cipher Suite
-
Server Name
-
Server Hello
-
Server Hello
-
Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f)
-
TLS
-
cipher suite
-
cipher suite 4
1. key exchange algorithm
2. authentication method
3. bulk encryption cipher
4. message authentication code
5. pseudorandom function
-
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
key exchange: ECDHE; authentication: RSA; bulk encryption: AES_128_GCM; MAC: SHA256
-
cipher suite IANA
https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-4
-
Server Certificate
-
Chrome Firefox mozilla https://hg.mozilla.org/mozilla-central/raw-file/tip/security/nss/lib/ckfw/builtins/certdata.txt
Linux /etc/ssl/certs/ca-bundle.trust.crt
-
Certificate Request (Client Certificate)
-
Server Key Exchange Message
Server Certificate premaster secret
-
Server Hello Done
-
Client Certificate
-
Client Key Exchange Message
-
Encrypted Handshake Message
-
Change Cipher Spec Protocol
-
Application Data
-
TLS Application Data
-
master key
-
master_secret = PRF(pre_master_secret, "master secret", ClientHello.random + ServerHello.random)
ClientHello.random ServerHello.random pre_master_secret
-
RSA
-
pre_master_secret, pre_master_secret.
TLS
-
RSA
pre master key (Forward Secrecy), HTTP2 SSL Perfect Forward Secrecy
-
DH
-
pre master key, DH DH pre master key pre master key
-
SSLKEYLOGFILE
TLS master key wireshark TLS
-
TLS
-
1. 2. 3. 4. TLS
-
1.
-
2. ECC
ECC (Elliptic Curve Cryptography): 256 ECC Key, 3072 RSA Key.
-
ECC
1. ECC 2.
-
ARM ChaCha20-Poly1305 ARM
Intel AES-GCM Intel AES-NI (Advanced Encryption Standard New Instructions) x86 AES
-
1. TLS session id
session id
2. TLS session ticket
session ticket session ticket
-
TLS
RTT
-
False Start
TLS False Start
Chrome Firefox NPN/ALPN cipher suite Forward Secrecy
-
OCSP Stapling OCSP CRL
-
TLS 1.3 Chrome Firefox TLS 1.3