Richard Kao wrote:
Hi,
From rfc2246, a struct for server hello is like this. It would also be
helpful to know the length of each field in the struct. Can
anybody give a hint?
--------------------
From RFC2246
--------------------
7.4.1.3. Server hello
When this message will be sent:
The server will send this message in response to a client hello
message when it was able to find an acceptable set of algorithms.
If it cannot find such a match, it will respond with a handshake
failure alert.
Structure of this message:
    struct {
        ProtocolVersion server_version;
        Random random;
        SessionID session_id;
        CipherSuite cipher_suite;
        CompressionMethod compression_method;
    } ServerHello;
The simple explanation goes something like this.
TLS defines some data types of known length (like int16); those will not
have a length field before them, the decoder just reads off that many bytes
and gets the value.
Then there are things called variable length vectors, written as
    Type typename[low...high]
where low and high are in bytes, and their encoding will have a length field
big enough to hold the value 'high'.
E.g.:
    uint8 random[1..2^16-1]
will be encoded as
    00 05 11 22 33 44 55
where the first 2 bytes (because that's how much you need to hold 2^16-1) are
the length of what comes later.
Hope that helps.
-jb
-----------------------------
By sniffing the packet, I can see a server hello byte by byte.
These three fields are five bytes long,
    Content Type: Handshake (22)
    Version: SSL 3.0 (0x0300)
    Length: 74
and the server hello itself is 74 bytes long. Since "5" is not written
into the packet, I'm not sure if it's standard for other SSL versions.
******************************************************************
Secure Socket Layer
    SSLv3 Record Layer: Handshake Protocol: Server Hello
        Content Type: Handshake (22)
        Version: SSL 3.0 (0x0300)
        Length: 74
        Handshake Protocol: Server Hello
            Handshake Type: Server Hello (2)
            Length: 70
            Version: SSL 3.0 (0x0300)
            Random.gmt_unix_time: Apr 3, 2006 15:16:06.000000000
            Random.bytes
            Session ID Length: 32
            Session ID (32 bytes)
            Cipher Suite: TLS_RSA_WITH_RC4_128_MD5 (0x0004)
            Compression Method: null (0)
    SSLv3 Record Layer: Handshake Protocol: Certificate
        Content Type: Handshake (22)
        Version: SSL 3.0 (0x0300)
        Length: 985
        Handshake Protocol: Certificate
            Handshake Type: Certificate (11)
            Length: 981
            Certificates Length: 978
            Certificates (978 bytes)
                Certificate Length: 975
                Certificate:
                30820338A00302010202105A7341E94B5AA4529CEBC57DBD...
    SSLv3 Record Layer: Handshake Protocol: Server Hello Done
        Content Type: Handshake (22)
        Version: SSL 3.0 (0x0300)
        Length: 4
        Handshake Protocol: Server Hello Done
            Handshake Type: Server Hello Done (14)
            Length: 0
******************************************************************
Thanks,
-Rick
From: jimmy <[EMAIL PROTECTED]>
Reply-To: [email protected]
To: [email protected]
Subject: Re: How long is the server hello header?
Date: Tue, 04 Apr 2006 14:27:00 +0530
Richard Kao wrote:
Hi, I'm a newbie to openssl. This is actually a question about
concepts, and I hope this is the place where I can ask this question.
Basically speaking, I'm trying to get the pointer to Certificate in a
raw Server Hello packet on the Client side. So far, when the client
receives a Server Hello, I can get the pointer to the first byte of
Secure Socket Layer; from there I see there is a server hello header
before the actual Certificate data. In order to get the pointer to
Certificate, I need to learn the structure (length) of this server
hello header. Which part of the code in OpenSSL can I learn from for
reference purposes?
Maybe it'll be easier to discern the structure of the msgs from the
struct definitions in rfc2246.
-jb
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [email protected]
Automated List Manager [EMAIL PROTECTED]
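A bounds-checked walk over the layout shown in the capture above (5-byte record header, 4-byte handshake header, then the 3-byte certificate-list and certificate lengths), returning a pointer to the first certificate. This is an added example, not part of the original thread and not OpenSSL code; `find_first_cert`, `rd16`, `rd24` and the `sample` bytes are constructed for illustration, and it assumes no handshake message is split across records.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Big-endian readers for the 2- and 3-byte length fields. */
static size_t rd16(const uint8_t *p) { return ((size_t)p[0] << 8) | p[1]; }
static size_t rd24(const uint8_t *p) { return ((size_t)p[0] << 16) | rd16(p + 1); }

/* find_first_cert (hypothetical name): return a pointer to the first DER
 * certificate in a buffer of SSLv3/TLS records and store its length, or NULL
 * on truncated/malformed input. Assumes no handshake message spans records. */
const uint8_t *find_first_cert(const uint8_t *buf, size_t len, size_t *cert_len)
{
    size_t off = 0;
    while (len - off >= 5) {                 /* record: type, version(2), length(2) */
        const uint8_t *rec = buf + off + 5;
        size_t rec_len = rd16(buf + off + 3);
        if (rec_len > len - off - 5) return NULL;    /* record runs past buffer */
        if (buf[off] == 22) {                /* content type 22 = handshake */
            size_t h = 0;
            while (rec_len - h >= 4) {       /* handshake: type, length(3) */
                size_t body_len = rd24(rec + h + 1);
                const uint8_t *body = rec + h + 4;
                if (body_len > rec_len - h - 4) return NULL;
                if (rec[h] == 11) {          /* handshake type 11 = Certificate */
                    if (body_len < 6) return NULL;   /* list len(3) + cert len(3) */
                    size_t list_len = rd24(body);
                    size_t one_len = rd24(body + 3);
                    if (list_len != body_len - 3 || one_len > list_len - 3) return NULL;
                    *cert_len = one_len;
                    return body + 6;
                }
                h += 4 + body_len;           /* skip e.g. ServerHello by its length */
            }
        }
        off += 5 + rec_len;
    }
    return NULL;
}
/* Constructed sample flight: shortened ServerHello, Certificate carrying 4
 * placeholder bytes in place of a DER certificate, ServerHelloDone. */
static const uint8_t sample[] = {
    0x16,0x03,0x00,0x00,0x06, 0x02,0x00,0x00,0x02, 0x03,0x00,
    0x16,0x03,0x00,0x00,0x0e, 0x0b,0x00,0x00,0x0a, 0x00,0x00,0x07, 0x00,0x00,0x04, 0x30,0x82,0x03,0x38,
    0x16,0x03,0x00,0x00,0x04, 0x0e,0x00,0x00,0x00 };
int main(void) {
    size_t n = 0; const uint8_t *c = find_first_cert(sample, sizeof sample, &n);
    if (c) printf("certificate at offset %zu, %zu bytes\n", (size_t)(c - sample), n);
    return c ? 0 : 1;
}
```

Skipping the ServerHello by its own 3-byte length field, rather than by a fixed header size, is what keeps this correct when the session ID length varies.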