Đang chuẩn bị nút TẢI XUỐNG, xin hãy chờ
Tải xuống
Byte loại Tiếp theo là 3 byte để xác định chiều dài của cơ thể của thông báo bắt tay. Độ dài này được đo bằng byte và nó không bao gồm các loại hình, lĩnh vực chiều dài của tin nhắn. Phần còn lại của phần này mô tả mỗi thông điệp bắt tay cụ thể. Với một ngoại lệ, văn bản theo thứ tự của bảng 4-4. | 96 SSL TLS Essentials Securing the Web Record Layer Encrypted Figure 4-34 SSL can also use block encryption ciphers. information contains the length of the padding. After decrypting the block a recipient counts backward from the padding length byte to find the end of application data. 4.6.3 Creating Cryptographic Parameters The Secure Socket Layer s encryption and message authentication code algorithms rely on a collection of secret information known only to the communicating parties. Indeed establishing that information securely is one of the three major purposes of the ssl handshake. The other two are authenticating identity and negotiating cipher suites. The starting point for all the shared secret information is the master secret previously discussed in the context of the CertificateVerify message. The master secret is in turn based on the premaster secret. In most cases the client picks the premaster secret by generating a secure random number. The client then encrypts this value using the server s public key and sends it to the server in the ClientKeyExchange message. For Diffie-Hellman key exchange the result of the conventional Diffie-Hellman calculation serves as the premaster se Message Formats 97 cret. The ClientKeyExchange completes the Diffie-Hellman calculation. In all cases once the server has received the ClientKeyExchange message both parties know the same premaster secret. Each then takes the premaster secret and inputs it along with the random values each chose for its Hello message into secure hash functions. After combining the hash outputs in prescribed ways both systems will have the same master secret. Tables 4-9 and 4-10 show the details of these two processes. The first summarizes the rules for creating the premaster secret. Table 4-9 Creating the Premaster Secret Key Exchange Action RSA Client generates the premaster secret as 2 bytes containing the SSL version binary 3 and then 0 followed by 46 securely generated random bytes. Fortezza .