5,530
社区成员
发帖
与我相关
我的任务
分享SSL中使用TLS_DHE_RSA_WITH_AES_256_CBC_SHA总是返回MAC错误
根据rfc5246实现一个SSL的加密套件TLS_DHE_RSA_WITH_AES_256_CBC_SHA。各种数据如下:
DEH:
从服务器返回的数据如下:
P=bb:bc:2d:ca:d8:46:74:90:7c:43:fc:f5:80:e9:cf:db:d9:58:a3:f5:68:b4:2d:4b:08:ee:d4:eb:0f:b3:50:4c:6c:03:02:76:e7:10:80:0c:5c:cb:ba:a8:92:26:14:c5:be:ec:a5:65:a5:fd:f1:d2:87:a2:bc:04:9b:e6:77:80:60:e9:1a:92:a7:57:e3:04:8f:68:b0:76:f7:d3:6c:c8:f2:9b:a5:df:81:dc:2c:a7:25:ec:e6:62:70:cc:9a:50:35:d8:ce:ce:ef:9e:a0:27:4a:63:ab:1e:58:fa:fd:49:88:d0:f6:5d:14:67:57:da:07:1d:f0:45:cf:e1:6b:9b
g=02
server public key Yb=76:47:a0:f2:2f:17:19:b1:cd:9d:b7:ac:f0:36:d8:9c:9b:20:90:1c:16:5a:c3:cf:09:ca:e3:91:ec:3a:9a:71:be:4d:50:fa:c4:fa:83:29:2f:f8:d8:f4:d6:2f:49:29:0c:a7:b9:93:5c:3f:56:98:24:6c:35:b8:21:29:f9:d7:2e:8e:26:df:88:bb:bd:b0:30:38:23:61:e6:2f:84:01:83:4d:aa:48:5a:a3:42:2f:93:f3:cb:c8:b5:1b:b7:7d:6b:4b:7f:9a:31:30:73:d7:ed:7e:b8:55:1b:b1:7a:c2:7c:81:19:bd:ce:08:0a:17:da:92:28:57:8c:bf:57:4e
我自己的X为04:00
计算并发送给服务端的client public key[(g^X) mod p] Ya=44:43:d2:35:27:b9:8b:6f:83:bc:03:0a:7f:16:30:24:26:a7:5c:0a:97:4b:d2:b4:f7:11:2b:14:f0:4c:af:b3:93:fc:fd:89:18:ef:7f:f3:a3:34:45:57:6d:d9:eb:3a:41:13:5a:9a:5a:02:0e:2d:78:5d:43:fb:64:19:88:7f:9f:16:e5:6d:58:a8:1c:fb:70:97:4f:89:08:2c:93:37:0d:64:5a:20:7e:23:d3:58:da:13:19:9d:8f:33:65:af:ca:27:31:31:10:61:5f:d8:b5:9c:54:e1:a7:05:02:b6:77:2f:09:a2:eb:98:a8:25:f8:e2:0f:ba:30:1e:94:65
计算得到的K为[(Yb^X) mod p]
K=AF 77 96 27 AB A0 92 D4 69 A3 E3 C3 D7 37 98 BA 64 ED 00 99 62 99 28 95 AE 40 4D BC 2F E5 2B 71 CB 46 65 78 C8 88 58 E2 B7 A8 69 F7 71 38 76 68 7D 2E 1E AF F4 D6 2D 94 36 98 88 2B 82 2F E1 A9 86 B6 58 0C 2C 89 80 6E 54 21 B6 D9 0C 8D 9E 81 51 A6 F7 2F 6B D1 01 D0 C3 D7 75 DB AA 63 CC CE 0A BC CB E8 41 22 16 1E E9 0E C5 DA B6 F6 F6 47 47 F4 1D E4 F0 A8 6D 5D D6 73 39 10 79 52 1E B9
client_ramdon
50 48 7C 7B 7A 22 CB 74 1D C5 6E 17 BF 68 11 B9
62 0B B4 5C 05 AE 56 C7 70 18 C1 6A 12 BB 64 0C
server_ramdon
50 48 0C 01 7D 95 29 37 81 09 55 E7 42 BF 77 5D
7C 16 26 C0 9B 18 EC 98 7B 34 26 2A B8 9E 5C A6
将K作为per master secret生成master secret为[master secret=RPF(per_master_secret,'master secret',client_ramdon+server_ramdon,48)]
master_secret=86 51 7A 35 49 31 62 C4 22 FE CC 45 5E 90 C1 FC FC 2D B3 9A 36 08 DE E9 E6 04 2E 9C 7F 95 0A 98 71 87 2C 0A 9D 45 55 FD FA EF 54 BA 48 BB 93 8C
因为加密套件为AES_256_CBC_SHA,所以需要136字节的keyblock
根据master secret生成keyblock为[keyblock=RPF(master_secret,'key expansion',server_ramdon+client_ramdon,136)]
keyblock=B4 B1 47 EE 8F E8 1C A6 65 12 3F 97 C7 1D 2B 5E
E2 4E 45 BE B3 DE 73 A0 2D 38 AC EA 5C 51 DD 3A
E8 34 E0 F3 93 ED 83 01 CD 24 04 25 62 55 FF AF
BC DE 87 C6 93 93 45 D0 9D 0A DE 6D D8 DF B5 3E
5A 1E D1 47 45 37 35 5E A1 B5 22 44 DC C6 C3 2C
45 91 19 DC D2 11 38 F9 72 36 13 81 17 0B 10 64
C3 02 04 5C 9D BC 5E E9 5B F7 45 9A 5A 9C 4B 06
CA 3F 33 82 A9 41 49 93 D0 A1 24 93 8F EC A9 04
7C CB 98 B4 E4 C7 A2 AF
分解keyblock得到如下值
client_mac_secret=B4B147EE8FE81CA665123F97C71D2B5EE24E45BE
client_iv=5BF7459A5A9C4B06CA3F3382A9414993
生成的clientVerifyData=1400000CE26481255CEE405EA38805DB
使用sha算法计算clientVerifyData
计算得到的MAC=a01c02dd9fbb9d6f80d9571a6270feaa11710181
使用加密算法AES_256_CBC加密clientVerifyData+MAC
密匙使用client_mac_secret,向量使用client_iv,
得到的值为
EA EA 7D FF A3 02 85 2E E0 28 C9 6C 1D E2 EA 98 F8 73 88 D8 17 1E 02 C8 BF 28 01 95 60 A1 F0 4C 59 1E 9B 93 B0 4F 73 AE 81 4E 07 07 34 8F D9 D1
发往服务器验证总是返回15 03 01 00 02 02 14,即MAC验证不正确。
分析原因可能如下:
1.AES密匙或向量计算错误
2.MAC计算错误
因为看不到服务器的验证过程。所以无法得知。求大神指点哪里错了?
分不多。要发往好几个区。解决了一并给。
DEH:
从服务器返回的数据如下:
P=bb:bc:2d:ca:d8:46:74:90:7c:43:fc:f5:80:e9:cf:db:d9:58:a3:f5:68:b4:2d:4b:08:ee:d4:eb:0f:b3:50:4c:6c:03:02:76:e7:10:80:0c:5c:cb:ba:a8:92:26:14:c5:be:ec:a5:65:a5:fd:f1:d2:87:a2:bc:04:9b:e6:77:80:60:e9:1a:92:a7:57:e3:04:8f:68:b0:76:f7:d3:6c:c8:f2:9b:a5:df:81:dc:2c:a7:25:ec:e6:62:70:cc:9a:50:35:d8:ce:ce:ef:9e:a0:27:4a:63:ab:1e:58:fa:fd:49:88:d0:f6:5d:14:67:57:da:07:1d:f0:45:cf:e1:6b:9b
g=02
server public key Yb=76:47:a0:f2:2f:17:19:b1:cd:9d:b7:ac:f0:36:d8:9c:9b:20:90:1c:16:5a:c3:cf:09:ca:e3:91:ec:3a:9a:71:be:4d:50:fa:c4:fa:83:29:2f:f8:d8:f4:d6:2f:49:29:0c:a7:b9:93:5c:3f:56:98:24:6c:35:b8:21:29:f9:d7:2e:8e:26:df:88:bb:bd:b0:30:38:23:61:e6:2f:84:01:83:4d:aa:48:5a:a3:42:2f:93:f3:cb:c8:b5:1b:b7:7d:6b:4b:7f:9a:31:30:73:d7:ed:7e:b8:55:1b:b1:7a:c2:7c:81:19:bd:ce:08:0a:17:da:92:28:57:8c:bf:57:4e
我自己的X为04:00
计算并发送给服务端的client public key[(g^X) mod p] Ya=44:43:d2:35:27:b9:8b:6f:83:bc:03:0a:7f:16:30:24:26:a7:5c:0a:97:4b:d2:b4:f7:11:2b:14:f0:4c:af:b3:93:fc:fd:89:18:ef:7f:f3:a3:34:45:57:6d:d9:eb:3a:41:13:5a:9a:5a:02:0e:2d:78:5d:43:fb:64:19:88:7f:9f:16:e5:6d:58:a8:1c:fb:70:97:4f:89:08:2c:93:37:0d:64:5a:20:7e:23:d3:58:da:13:19:9d:8f:33:65:af:ca:27:31:31:10:61:5f:d8:b5:9c:54:e1:a7:05:02:b6:77:2f:09:a2:eb:98:a8:25:f8:e2:0f:ba:30:1e:94:65
计算得到的K为[(Yb^X) mod p]
K=AF 77 96 27 AB A0 92 D4 69 A3 E3 C3 D7 37 98 BA 64 ED 00 99 62 99 28 95 AE 40 4D BC 2F E5 2B 71 CB 46 65 78 C8 88 58 E2 B7 A8 69 F7 71 38 76 68 7D 2E 1E AF F4 D6 2D 94 36 98 88 2B 82 2F E1 A9 86 B6 58 0C 2C 89 80 6E 54 21 B6 D9 0C 8D 9E 81 51 A6 F7 2F 6B D1 01 D0 C3 D7 75 DB AA 63 CC CE 0A BC CB E8 41 22 16 1E E9 0E C5 DA B6 F6 F6 47 47 F4 1D E4 F0 A8 6D 5D D6 73 39 10 79 52 1E B9
client_ramdon
50 48 7C 7B 7A 22 CB 74 1D C5 6E 17 BF 68 11 B9
62 0B B4 5C 05 AE 56 C7 70 18 C1 6A 12 BB 64 0C
server_ramdon
50 48 0C 01 7D 95 29 37 81 09 55 E7 42 BF 77 5D
7C 16 26 C0 9B 18 EC 98 7B 34 26 2A B8 9E 5C A6
将K作为per master secret生成master secret为[master secret=RPF(per_master_secret,'master secret',client_ramdon+server_ramdon,48)]
master_secret=86 51 7A 35 49 31 62 C4 22 FE CC 45 5E 90 C1 FC FC 2D B3 9A 36 08 DE E9 E6 04 2E 9C 7F 95 0A 98 71 87 2C 0A 9D 45 55 FD FA EF 54 BA 48 BB 93 8C
因为加密套件为AES_256_CBC_SHA,所以需要136字节的keyblock
根据master secret生成keyblock为[keyblock=RPF(master_secret,'key expansion',server_ramdon+client_ramdon,136)]
keyblock=B4 B1 47 EE 8F E8 1C A6 65 12 3F 97 C7 1D 2B 5E
E2 4E 45 BE B3 DE 73 A0 2D 38 AC EA 5C 51 DD 3A
E8 34 E0 F3 93 ED 83 01 CD 24 04 25 62 55 FF AF
BC DE 87 C6 93 93 45 D0 9D 0A DE 6D D8 DF B5 3E
5A 1E D1 47 45 37 35 5E A1 B5 22 44 DC C6 C3 2C
45 91 19 DC D2 11 38 F9 72 36 13 81 17 0B 10 64
C3 02 04 5C 9D BC 5E E9 5B F7 45 9A 5A 9C 4B 06
CA 3F 33 82 A9 41 49 93 D0 A1 24 93 8F EC A9 04
7C CB 98 B4 E4 C7 A2 AF
分解keyblock得到如下值
client_mac_secret=B4B147EE8FE81CA665123F97C71D2B5EE24E45BE
client_iv=5BF7459A5A9C4B06CA3F3382A9414993
生成的clientVerifyData=1400000CE26481255CEE405EA38805DB
使用sha算法计算clientVerifyData
计算得到的MAC=a01c02dd9fbb9d6f80d9571a6270feaa11710181
使用加密算法AES_256_CBC加密clientVerifyData+MAC
密匙使用client_mac_secret,向量使用client_iv,
得到的值为
EA EA 7D FF A3 02 85 2E E0 28 C9 6C 1D E2 EA 98 F8 73 88 D8 17 1E 02 C8 BF 28 01 95 60 A1 F0 4C 59 1E 9B 93 B0 4F 73 AE 81 4E 07 07 34 8F D9 D1
发往服务器验证总是返回15 03 01 00 02 02 14,即MAC验证不正确。
分析原因可能如下:
1.AES密匙或向量计算错误
2.MAC计算错误
因为看不到服务器的验证过程。所以无法得知。求大神指点哪里错了?
分不多。要发往好几个区。解决了一并给。
...全文
请发表友善的回复…
发表回复
firstroot 2012-09-06
- 打赏
- 举报
顶一下。期待大牛~~~
