如何解决HTTPS 握手调试
Wireshark 有没有调试握手通信的方法,我只需要检查操作是否正确,我在 MCU 中集成了 TLS 并且想向我的服务器发送 GET 请求,我可以看到操作Wireshark 中的handeshark,加密数据发送到服务器,但是在服务器端,我没有看到任何记录添加到MysqL数据库中。
请看这张图片:
wireshark handshake screenshot
*欲了解更多信息,请参阅我的第二篇文章有点相关:stackoverflow
日志:
No. Time Source Destination Protocol Length Info
2637 33.855902 192.168.1.4 45.84.204.10 TLSv1.2 120 Client Hello
Frame 2637: 120 bytes on wire (960 bits),120 bytes captured (960 bits) on interface \Device\NPF_{0BF443D1-F659-40FD-96FE-C40B5B821ABA},id 0
Ethernet II,Src: IntelCor_7b:8a:77 (2c:6e:85:7b:8a:77),Dst: HuaweiTe_7c:8f:66 (64:2c:ac:7c:8f:66)
Internet Protocol Version 4,Src: 192.168.1.4,Dst: 45.84.204.10
Transmission Control Protocol,Src Port: 63991,Dst Port: 443,Seq: 1,Ack: 1,Len: 66
Transport Layer Security
TLSv1.2 Record Layer: Handshake Protocol: Client Hello
Content Type: Handshake (22)
Version: TLS 1.2 (0x0303)
Length: 61
Handshake Protocol: Client Hello
Handshake Type: Client Hello (1)
Length: 57
Version: TLS 1.2 (0x0303)
Random: 4e3ea400d95c40913a10c5b8394761c17351f121497bab2c…
GMT Unix Time: Aug 7,2011 21:41:04.000000000 SE Asia Standard Time
Random Bytes: d95c40913a10c5b8394761c17351f121497bab2cd902d9c3…
Session ID Length: 0
Cipher Suites Length: 6
Cipher Suites (3 suites)
Cipher Suite: TLS_RSA_WITH_AES_128_GCM_SHA256 (0x009c)
Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA256 (0x003d)
Cipher Suite: TLS_EMPTY_RENEGOTIATION_INFO_SCSV (0x00ff)
Compression Methods Length: 1
Compression Methods (1 method)
Compression Method: null (0)
Extensions Length: 10
Extension: signature_algorithms (len=6)
Type: signature_algorithms (13)
Length: 6
Signature Hash Algorithms Length: 4
Signature Hash Algorithms (2 algorithms)
Signature Algorithm: rsa_pkcs1_sha256 (0x0401)
Signature Algorithm: SHA224 RSA (0x0301)
No. Time Source Destination Protocol Length Info
2682 34.102896 45.84.204.10 192.168.1.4 TLSv1.2 1078 Server Hello
Frame 2682: 1078 bytes on wire (8624 bits),1078 bytes captured (8624 bits) on interface \Device\NPF_{0BF443D1-F659-40FD-96FE-C40B5B821ABA},Src: HuaweiTe_7c:8f:66 (64:2c:ac:7c:8f:66),Dst: IntelCor_7b:8a:77 (2c:6e:85:7b:8a:77)
Internet Protocol Version 4,Src: 45.84.204.10,Dst: 192.168.1.4
Transmission Control Protocol,Src Port: 443,Dst Port: 63991,Ack: 67,Len: 1024
Transport Layer Security
TLSv1.2 Record Layer: Handshake Protocol: Server Hello
Content Type: Handshake (22)
Version: TLS 1.2 (0x0303)
Length: 81
Handshake Protocol: Server Hello
Handshake Type: Server Hello (2)
Length: 77
Version: TLS 1.2 (0x0303)
Random: 609e9998b95481a4551fe5cdf796856b14cdc268405d9ad5…
GMT Unix Time: May 14,2021 22:39:04.000000000 SE Asia Standard Time
Random Bytes: b95481a4551fe5cdf796856b14cdc268405d9ad5444f574e…
Session ID Length: 32
Session ID: 417862426c4f746e79dd6e68aedaff40d27d175f688b1a83…
Cipher Suite: TLS_RSA_WITH_AES_128_GCM_SHA256 (0x009c)
Compression Method: null (0)
Extensions Length: 5
Extension: renegotiation_info (len=1)
Type: renegotiation_info (65281)
Length: 1
Renegotiation Info extension
No. Time Source Destination Protocol Length Info
2872 35.805250 45.84.204.10 192.168.1.4 TLSv1.2 252 Certificate,Server Hello Done
Frame 2872: 252 bytes on wire (2016 bits),252 bytes captured (2016 bits) on interface \Device\NPF_{0BF443D1-F659-40FD-96FE-C40B5B821ABA},Seq: 5121,Len: 198
[6 Reassembled TCP Segments (5223 bytes): #2682(938),#2683(1024),#2731(1024),#2732(1024),#2871(1024),#2872(189)]
Transport Layer Security
TLSv1.2 Record Layer: Handshake Protocol: Certificate
Content Type: Handshake (22)
Version: TLS 1.2 (0x0303)
Length: 5218
Handshake Protocol: Certificate
Handshake Type: Certificate (11)
Length: 5214
Certificates Length: 5211
Certificates (5211 bytes)
Transport Layer Security
TLSv1.2 Record Layer: Handshake Protocol: Server Hello Done
Content Type: Handshake (22)
Version: TLS 1.2 (0x0303)
Length: 4
Handshake Protocol: Server Hello Done
Handshake Type: Server Hello Done (14)
Length: 0
No. Time Source Destination Protocol Length Info
3070 39.245136 192.168.1.4 45.84.204.10 TLSv1.2 321 Client Key Exchange
Frame 3070: 321 bytes on wire (2568 bits),321 bytes captured (2568 bits) on interface \Device\NPF_{0BF443D1-F659-40FD-96FE-C40B5B821ABA},Seq: 67,Ack: 5319,Len: 267
Transport Layer Security
TLSv1.2 Record Layer: Handshake Protocol: Client Key Exchange
Content Type: Handshake (22)
Version: TLS 1.2 (0x0303)
Length: 262
Handshake Protocol: Client Key Exchange
Handshake Type: Client Key Exchange (16)
Length: 258
RSA Encrypted PreMaster Secret
No. Time Source Destination Protocol Length Info
3085 39.493438 192.168.1.4 45.84.204.10 TLSv1.2 60 Change Cipher Spec
Frame 3085: 60 bytes on wire (480 bits),60 bytes captured (480 bits) on interface \Device\NPF_{0BF443D1-F659-40FD-96FE-C40B5B821ABA},Seq: 334,Len: 6
Transport Layer Security
TLSv1.2 Record Layer: Change Cipher Spec Protocol: Change Cipher Spec
Content Type: Change Cipher Spec (20)
Version: TLS 1.2 (0x0303)
Length: 1
Change Cipher Spec Message
No. Time Source Destination Protocol Length Info
3090 39.559920 192.168.1.4 45.84.204.10 TLSv1.2 99 Encrypted Handshake Message
Frame 3090: 99 bytes on wire (792 bits),99 bytes captured (792 bits) on interface \Device\NPF_{0BF443D1-F659-40FD-96FE-C40B5B821ABA},Seq: 340,Len: 45
Transport Layer Security
TLSv1.2 Record Layer: Handshake Protocol: Encrypted Handshake Message
Content Type: Handshake (22)
Version: TLS 1.2 (0x0303)
Length: 40
Handshake Protocol: Encrypted Handshake Message
No. Time Source Destination Protocol Length Info
3099 39.842679 45.84.204.10 192.168.1.4 TLSv1.2 105 Change Cipher Spec,Encrypted Handshake Message
Frame 3099: 105 bytes on wire (840 bits),105 bytes captured (840 bits) on interface \Device\NPF_{0BF443D1-F659-40FD-96FE-C40B5B821ABA},Seq: 5319,Ack: 385,Len: 51
Transport Layer Security
TLSv1.2 Record Layer: Change Cipher Spec Protocol: Change Cipher Spec
Content Type: Change Cipher Spec (20)
Version: TLS 1.2 (0x0303)
Length: 1
Change Cipher Spec Message
TLSv1.2 Record Layer: Handshake Protocol: Encrypted Handshake Message
Content Type: Handshake (22)
Version: TLS 1.2 (0x0303)
Length: 40
Handshake Protocol: Encrypted Handshake Message
No. Time Source Destination Protocol Length Info
3122 40.259176 192.168.1.4 45.84.204.10 TLSv1.2 181 Application Data
Frame 3122: 181 bytes on wire (1448 bits),181 bytes captured (1448 bits) on interface \Device\NPF_{0BF443D1-F659-40FD-96FE-C40B5B821ABA},Src Port: 63992,Len: 127
Transport Layer Security
TLSv1.2 Record Layer: Application Data Protocol: http-over-tls
Content Type: Application Data (23)
Version: TLS 1.2 (0x0303)
Length: 122
Encrypted Application Data: 0000000000000001a3bc5fda47bb853433419dc3a8e63df6…
No. Time Source Destination Protocol Length Info
3147 40.511536 45.84.204.10 192.168.1.4 TLSv1.2 61 Alert (Level: Fatal,Description: Unexpected Message)
Frame 3147: 61 bytes on wire (488 bits),61 bytes captured (488 bits) on interface \Device\NPF_{0BF443D1-F659-40FD-96FE-C40B5B821ABA},Dst Port: 63992,Ack: 128,Len: 7
Transport Layer Security
TLSv1.2 Record Layer: Alert (Level: Fatal,Description: Unexpected Message)
Content Type: Alert (21)
Version: TLS 1.0 (0x0301)
Length: 2
Alert Message
Level: Fatal (2)
Description: Unexpected Message (10)
解决方法
输出的最后一行显示“应用程序数据”。仅当 TLS 握手成功时才会传输应用程序数据。因此,您遇到的任何问题都在 TLS 握手之外。
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。