2025-02-24 Update From: SLTechnology News&Howtos
Shulou(Shulou.com)06/03 Report--
This article focuses on "HTTPS request process analysis"; interested readers may wish to take a look. The method introduced here is simple, fast and practical. Now let the editor take you through "HTTPS request process analysis"!
HTTPS browser and server interaction process
Cut the crap, here is the picture. Just Show Photo.
Wireshark view of the TCP+TLS process
1. Introduction to TLS [TLS 1.2 as template]
The differences between the various versions of TLS are not discussed much in this article. The aim is just to let you know the whole encryption process of TLS.
The IETF document: https://tools.ietf.org/html/rfc5246#section-7.3
As shown in the following figure, the interaction process of TLS is relatively simple: it requires only two separate handshake exchanges during the interaction.
Wireshark's capture of the TLS process. The packets were captured from a request to coolshell.com.
I introduce each step in detail, following the TLS packet capture. Follow the previous flowchart and go through the explanation step by step. Where they differ, the flow shown in the Wireshark capture prevails.
1.1 Client Hello
When the connection is established for the first time, the client sends the first message to the server. Because clients support different encryption algorithms, it needs to send the list of cipher suites it supports [Cipher Suites] and a random number it generates [Random], as shown in the figure below.
1.2 Server Hello
After receiving the Client Hello message, the server selects an encryption algorithm from the cipher suites. If the server does not find a supported algorithm, it returns an error message. It also returns a random number [Random].
1.2.1 Certificate, Server Key Exchange, Server Hello Done
Certificate: the server sends its CA-certified digital certificate to the client so that the client can authenticate the server's identity.
Server Hello Done: the server announces the end of the first phase of the handshake protocol with the client.
Server Key Exchange [optional]: if the CA-certified digital certificate does not provide enough information, the server sends supplementary information.
1.3 Client Key Exchange, Change Cipher Spec, Encrypted Handshake Message
Client Key Exchange: the client receives the CA digital certificate, verifies it with the CA's public key, and then obtains the server's public key from it. The Client Key Exchange message contains a random number, which is called the pre-master key / secret. It also serves as notice that subsequent information is sent using the encryption method and key agreed upon by both parties.
There is also a negotiated hash algorithm that calculates the hash value of all the previous handshake content, which is used for server-side verification. This information is transmitted to the server encrypted with the server's public key.
Change Cipher Spec: this message informs the server that subsequent communication will be encrypted with the symmetric key calculated through the negotiated encryption algorithm [the two random numbers and the third random number, the pre-master key/secret, are used to calculate the symmetric session key/secret]. The key information is sent later.
Encrypted Handshake Message: sent by the client or the server. It belongs to the TLS handshake and is sent immediately after Key Exchange. It acts as a test: one side encrypts a fixed message with its newly generated key and sends it to the other, and if the key agreement is correct, the other side should be able to decrypt it. The plaintext of this encrypted content is generally stipulated in the protocol, and both sides know it.
In the following figure, Application Data is the data encrypted with the symmetric key.
At this point, I believe you have a deeper understanding of "HTTPS request process analysis". You might as well try it out in practice. More related content is available in the relevant channels of this website; follow us and keep learning!