Cheatsheet: Difference between revisions

--> Application Data(GET)
<-- Encrypted Handshake Message(Hello Request)

;SSL Record Overview

*Record Format - Each record consists of a five-byte record header, followed by data:
**Type
**Version - VH,VL
**Length - LH,LL

*Record Type - There are four record types in SSL:
**Handshake
**Change Cipher Spec
**Alert
**Application Data

*Version Details:
**SSLv2 0x0002
**SSLv3 0x0300
**TLSv1 0x0301

*Record Length - 16-bit value; a single record can be up to 65,535 (2^16 - 1) bytes in length.

;Types of Records

*Handshake records:
**Handshake records are normally not encrypted. The exception is a handshake record that contains a Finished message, which is always encrypted because it always occurs after a Change Cipher Spec (CCS) record.
**Handshake message types:
**Hello Request (0)
**Client Hello (1)
**Server Hello (2)
**Certificate (11)
**Server Key Exchange (12)
**Certificate Request (13)
**Server Hello Done (14)
**Certificate Verify (15)
**Client Key Exchange (16)
**Finished (20)

*Change Cipher Spec protocol:
**CCS records indicate a change in cryptographic ciphers: immediately after the CCS record, all data is encrypted with the new cipher.
**Sent by both client and server to notify the receiving party that subsequent records are protected under the most recently negotiated Cipher Spec and keys.
**Might or might not be encrypted; in a simple connection with a single handshake, the CCS record is not encrypted.

*Finished Messages:
**Always sent immediately after a Change Cipher Spec message to verify that the key exchange and authentication processes were successful.
**The Finished message is the first protected packet with the most recently negotiated algorithms, keys, and secrets.
**No acknowledgment of the Finished message is required; parties can begin to send encrypted data immediately after they send the Finished message.
**Recipients of Finished messages must verify that the contents are correct.

* Hello Request
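The record header layout and the "encrypted after CCS" rule above, as an added example that is not from the original cheatsheet: a small Python parser that walks a constructed byte stream, decodes each five-byte header, and labels handshake records as "Encrypted Handshake Message" once a CCS record has passed, matching the trace at the top of this section. The numeric content-type codes (20-23) come from RFC 5246 rather than this page, and the sample bytes are constructed here.

```python
import struct

# Numeric content-type codes are from RFC 5246; the page lists only the names.
RECORD_TYPES = {20: "Change Cipher Spec", 21: "Alert", 22: "Handshake", 23: "Application Data"}
VERSIONS = {0x0300: "SSLv3", 0x0301: "TLSv1"}
HANDSHAKE_TYPES = {0: "Hello Request", 1: "Client Hello", 2: "Server Hello",
                   11: "Certificate", 12: "Server Key Exchange", 13: "Certificate Request",
                   14: "Server Hello Done", 15: "Certificate Verify",
                   16: "Client Key Exchange", 20: "Finished"}

def parse_records(data):
    """Split one direction of a captured SSL/TLS byte stream into records.

    Every record starts with a five-byte header: Type (1 byte), Version (VH,VL)
    and Length (LH,LL), big-endian.  After a Change Cipher Spec record the
    handshake records that follow are encrypted, so the handshake message
    type byte is no longer readable and is reported as
    'Encrypted Handshake Message' instead of a named message type.
    """
    records, offset, encrypted = [], 0, False
    while offset + 5 <= len(data):
        rtype, version, length = struct.unpack("!BHH", data[offset:offset + 5])
        body = data[offset + 5:offset + 5 + length]
        if len(body) < length:  # header promises more bytes than the stream holds
            records.append({"type": "Truncated", "expected": length, "got": len(body)})
            break
        desc = RECORD_TYPES.get(rtype, "Unknown(%d)" % rtype)
        if rtype == 22 and encrypted:
            desc = "Encrypted Handshake Message"
        elif rtype == 22 and body:
            desc = "Handshake: " + HANDSHAKE_TYPES.get(body[0], "Unknown(%d)" % body[0])
        elif rtype == 20:
            encrypted = True  # everything after this record is under the new cipher
        records.append({"type": desc, "version": VERSIONS.get(version, hex(version)),
                        "length": length})
        offset += 5 + length
    return records

# Constructed sample stream, not a real capture: a ClientHello, a CCS, an
# encrypted handshake record (its plaintext type is unreadable) and an
# Application Data record whose header claims 16 bytes but only 4 arrive.
SAMPLE = (
    b"\x16\x03\x01\x00\x06" + b"\x01\x00\x00\x02\x03\x01"
    + b"\x14\x03\x01\x00\x01" + b"\x01"
    + b"\x16\x03\x01\x00\x04" + b"\xde\xad\xbe\xef"
    + b"\x17\x03\x01\x00\x10" + b"\x00\x00\x00\x00"
)
```

Call `parse_records(SAMPLE)` to see the four records labelled in order; a truncated final record is reported rather than silently dropped.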


= NetScaler =