Skip to content

BinaryParadise/PracticeTLS

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

78 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

PracticeTLS

网上的文字千千万,但是看完是不真的觉得自己都懂了呢?其实还是知其然而不知其所以然,不如从头开始自己动手用swift实现一遍TLS协议不就能更加深入的理解了。本文不讲理论只重实践Just do it.卷卷更健康

理论知识详见参考资料或自行谷歌,本文仅实现TLS 1.2、1.3协议的基本功能

调试工具: NSS Key Log & Wireshark

预览

git clone git@github.com:BinaryParadise/PracticeTLS.git
cd PracticeTLS
swift run
浏览器打开 http://127.0.0.1:8443

image

image

协议总览

Client                                               Server

ClientHello                  -------->
                                                ServerHello
                                               Certificate*
                                         ServerKeyExchange*
                                        CertificateRequest*
                             <--------      ServerHelloDone
Certificate*
ClientKeyExchange
CertificateVerify*
[ChangeCipherSpec]
Finished                     -------->
                                         [ChangeCipherSpec]
                             <--------             Finished
Application Data             <------->     Application Data

* 可选、视情况而定

image

TLS 1.2握手过程图解

image

协议报文(TLS 1.2 rfc5246)

名称 占用字节 说明
Content Type 1 协议类型
Version 2 TLS版本号
Length 2 协议体字节数
Handshake Type 1 握手协议类型
Length 3 握手协议内容字节数
... n 内容字段

1.Client Hello

image

2.Server Hello

image

3.Certificate

image

4.Server Key Exchange

image

5.Server Hello Done

6.Client Key Exchange

image

7.Change Cipher Spec

Encrypted Handshake Message

image

8.Change Cipher Sepc

9.Encrypted Handshake Message

10.Application Data...

image

密匙推导过程

PRF&HKDF

TLS_RSA_WITH_AES_128_GCM_SHA256

master_secret = PRF(ClientKeyExchange.pre_master_secret, "master secret", ClientHello.random + ServerHello.random)[0..47];

key_block = PRF(SecurityParameters.master_secret, "key expansion", SecurityParameters.server_random + SecurityParameters.client_random);

client_write_MAC_key[SecurityParameters.mac_key_length]
server_write_MAC_key[SecurityParameters.mac_key_length]
client_write_key[SecurityParameters.enc_key_length]
server_write_key[SecurityParameters.enc_key_length]
client_write_IV[SecurityParameters.fixed_iv_length]
server_write_IV[SecurityParameters.fixed_iv_length]

TLS 1.2 & 1.3参考资料

SwiftTLS

图解 HTTPS:RSA 握手过程

SSL/TLS协议详解

从Chrome源码看HTTPS

AES-GCM 加密简介

TLS1.2 PreMasterSecret And MasterSecret

图解 ECDHE 密钥交换算法 TLS 1.3 Handshake Protocol ChaCha20-Poly1305 Cipher Suites for Transport Layer Security (TLS) TLS1.3---密钥的计算... HTTPS 温故知新(五) —— TLS 中的密钥计算

HTTP2

HTTP/2 简介 HTTP2 详解

扩展阅读

SSL/TLS协议详解(上):密码套件,哈希,加密,密钥交换算法