JSSE wrap creates two tls packets requiring two unwraps. Why?


Problem description

I am inspecting the behavior of our Java application with respect to JSSE TLS encryption and decryption with a connected OpenSSL client.

First I observed that when I call unwrap for client data, it always unwraps consuming 37 bytes and producing 0. The next unwrap consumes some bytes and produces some.

At first I thought the client would wrap an empty array first. But then I discovered that the jsse code does the same, except it produces 1 byte instead of 0.

So every call to a wrap consumes X bytes and produces Y bytes but requires TWO unwraps while the first one consumes 37 bytes and produces 1 byte and the second one consumes Y-37 bytes and produces X-1 bytes.

While OpenSSL and JSSE are doing nearly the same, I expect that to be correct. However, I would like to know why that happens. I don't see a reason for that and it takes additional resources...?

Recommended answer

What you're seeing is two slightly different ways of mitigating the BEAST attack. One way of doing this is to use an empty fragment as it's done with OpenSSL. The JSSE does something similar by sending 1 byte of data and the rest separately.

Here are a few links that may be of interest:

  • This answer to a similar question.
  • Beat the BEAST with TLS 1.1/1.2 and More.
  • The BEAST summary - TLS, CBC, Countermeasures (Update 4).
  • Tor and the BEAST SSL attack.
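
The two splitting styles named in the answer, modelled at the record layer to show where the 37 bytes in the question come from. This is an added example, not code from the original post or from JSSE/OpenSSL; it assumes a TLS 1.0 AES-CBC suite with a 20-byte HMAC-SHA1 and minimal padding (the page does not name the cipher suite), and all function names are hypothetical.

```python
import struct

RECORD_HEADER_LEN = 5      # content type (1) + version (2) + length (2)
APPLICATION_DATA = 23      # TLS content type for application data
TLS10 = (3, 1)             # record-layer version of TLS 1.0

def cbc_fragment_len(plaintext_len, mac_len=20, block=16):
    """Ciphertext length of one TLS 1.0 CBC record (1.0 has no explicit IV)."""
    unpadded = plaintext_len + mac_len + 1   # +1: padding-length byte is mandatory
    return -(-unpadded // block) * block     # round up to a whole cipher block

def split_plan(n, style):
    """Plaintext bytes per record for one n-byte write (n >= 2)."""
    if n < 2:
        raise ValueError("model covers writes of at least 2 bytes")
    if style == "1/n-1":                     # 1 byte first, rest separately
        return [1, n - 1]
    if style == "0/n":                       # empty fragment first
        return [0, n]
    raise ValueError(style)

def wrap_sizes(n, style):
    """On-the-wire size of each record produced for one n-byte write."""
    return [RECORD_HEADER_LEN + cbc_fragment_len(p) for p in split_plan(n, style)]

def fake_wire(n, style):
    """Constructed stream: real headers, zero bytes standing in for ciphertext."""
    out = b""
    for size in wrap_sizes(n, style):
        body = size - RECORD_HEADER_LEN
        out += struct.pack("!BBBH", APPLICATION_DATA, *TLS10, body) + bytes(body)
    return out

def parse_records(stream):
    """Walk the stream by header; each entry is what one unwrap would consume."""
    consumed, pos = [], 0
    while pos < len(stream):
        if len(stream) - pos < RECORD_HEADER_LEN:
            raise ValueError("truncated header at offset %d" % pos)
        ctype, _major, _minor, length = struct.unpack_from("!BBBH", stream, pos)
        end = pos + RECORD_HEADER_LEN + length
        if ctype != APPLICATION_DATA or end > len(stream):
            raise ValueError("truncated or unexpected record at offset %d" % pos)
        consumed.append(end - pos)
        pos = end
    return consumed

if __name__ == "__main__":
    for style in ("1/n-1", "0/n"):
        print(style, parse_records(fake_wire(100, style)))
```

Under these assumptions both a 0-byte and a 1-byte fragment pad out to two AES blocks (32 bytes), so the first record is 5 + 32 = 37 bytes in either style.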
