如何在 ssl 密钥交换期间查看wireshark中的加密密钥? [英] How to see the encrypted key in wireshark, during ssl key exchange?

问题描述

在wireshark中，我可以在我的PC上来回查看加密数据.它不使用 diffie hellman 算法进行密钥交换，因为我只看到 Client Key Exchange 数据包，但有 no Server Key Exchange 数据包.这意味着浏览器正在将加密的密钥发送到服务器(使用服务器的公钥加密).
但是我在该数据包中没有看到任何加密数据(客户端密钥交换").如何查看加密密钥?

In wireshark, I am able to see the encrypted data to and fro from my PC. It does not use diffie hellman algorihm for key exchange because I see only the Client Key Exchange packet but there is no Server Key Exchange packet. That means the browser is sending the encrypted key to the server(encrypted using the server's public key).
But I do not see any encrypted data in that packet("Client Key Exchange"). How to view the encrypted key?

推荐答案

直到最近 ClientKeyExchange 的剖析是这样的(1.6 及以下版本):

Until recently the dissection of the ClientKeyExchange was like this(version 1.6 and below):

TLSv1 Record Layer: Handshake Protocol: Client Key Exchange
    Content Type: Handshake (22)
    Version: TLS 1.0 (0x0301)
    Length: 134
    Handshake Protocol: Client Key Exchange
        Handshake Type: Client Key Exchange (16)
        Length: 130

但如果你使用this verison(1.7.2 以上)，关键剖析将是像这样:

But if you use this verison(1.7.2 upwards) the key dissection will be like this:

TLSv1 Record Layer: Handshake Protocol: Client Key Exchange
    Content Type: Handshake (22)
    Version: TLS 1.0 (0x0301)
    Length: 134
    Handshake Protocol: Client Key Exchange
        Handshake Type: Client Key Exchange (16)
        Length: 130
        RSA Encrypted PreMaster Secret
            Encrypted PreMaster length: 128
            Encrypted PreMaster: 761b1beac35e59de9a3bb9f74ebf9109b738e8ad346

可以看到加密的pre-master:)

You can see the encrypted pre-master:)

这篇关于如何在 ssl 密钥交换期间查看wireshark中的加密密钥?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！