Hello, I have been playing with the command line tools of OpenSSL and am examining traces in hopes to get an understanding of how ECDHE works in real life.

My confusion focuses on the Client Key Exchange, Change Cipher Spec, Encrypted Handshake message. The server has selected: TLS_ECDHE_ECDSA_WITH_AES256_CBC_SHA (0x00a) for the cipher suite.

My EC Public Key is: (from my certificate)

    04:b9:53:3e:60:db:02:2c:6e:c4:ed:15:95:87:26:
    1b:c9:96:ae:c9:a8:64:03:3a:6a:8d:14:ce:69:05:
    fc:4b:ea:4c:ed:a1:7f:6e:9f:37:74:20:f0:42:e2:
    69:a0:02:48

The algorithm is: ASN1 OID: prime192v1

So, to make this short, what exactly is contained in the:

- Client Key Exchange message? Is this the client's 'public key', so should be the same size as the server public key?
- Change cipher spec. Does this tell the server to switch to the AES256?
- Encrypted handshake message? Does this contain a new key with which to use with AES256?

Thank you, I appreciate any help.

Mike

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org