最近流行の DTLS を試すための openssl コマンドのメモです。
サーバ証明書/秘密鍵、CA 証明書は事前に準備しておきます。
サーバ
$ openssl s_server -dtls1 -key private.key -cert server.pem -msg
Using default temp DH parameters
Using default temp ECDH parameters
ACCEPT
<<< DTLS 1.0 Handshake [length 00cd], ClientHello
01 00 00 c1 00 00 00 00 00 00 00 c1 fe ff 7d 1b
9b 6f 7d b8 5a 85 2f 23 5f 78 41 f6 68 e6 ff 1a
80 3c 37 fe b0 d5 89 be 21 5c 5e 49 45 f4 00 00
00 4e c0 14 c0 0a 00 39 00 38 00 88 00 87 c0 0f
c0 05 00 35 00 84 c0 13 c0 09 00 33 00 32 00 9a
00 99 00 45 00 44 c0 0e c0 04 00 2f 00 96 00 41
00 07 c0 12 c0 08 00 16 00 13 c0 0d c0 03 00 0a
00 15 00 12 00 09 00 14 00 11 00 08 00 06 00 ff
01 00 00 49 00 0b 00 04 03 00 01 02 00 0a 00 34
00 32 00 0e 00 0d 00 19 00 0b 00 0c 00 18 00 09
00 0a 00 16 00 17 00 08 00 06 00 07 00 14 00 15
00 04 00 05 00 12 00 13 00 01 00 02 00 03 00 0f
00 10 00 11 00 23 00 00 00 0f 00 01 01
>>> DTLS 1.0 Handshake [length 0023], HelloVerifyRequest
03 00 00 17 00 00 00 00 00 00 00 17 fe ff 14 0d
13 04 5b 01 61 81 06 a5 8e f8 cb 1d af db 32 ea
9c 1c ec
<<< DTLS 1.0 Handshake [length 00e1], ClientHello
01 00 00 d5 00 01 00 00 00 00 00 d5 fe ff 7d 1b
9b 6f 7d b8 5a 85 2f 23 5f 78 41 f6 68 e6 ff 1a
80 3c 37 fe b0 d5 89 be 21 5c 5e 49 45 f4 00 14
0d 13 04 5b 01 61 81 06 a5 8e f8 cb 1d af db 32
ea 9c 1c ec 00 4e c0 14 c0 0a 00 39 00 38 00 88
00 87 c0 0f c0 05 00 35 00 84 c0 13 c0 09 00 33
00 32 00 9a 00 99 00 45 00 44 c0 0e c0 04 00 2f
00 96 00 41 00 07 c0 12 c0 08 00 16 00 13 c0 0d
c0 03 00 0a 00 15 00 12 00 09 00 14 00 11 00 08
00 06 00 ff 01 00 00 49 00 0b 00 04 03 00 01 02
00 0a 00 34 00 32 00 0e 00 0d 00 19 00 0b 00 0c
00 18 00 09 00 0a 00 16 00 17 00 08 00 06 00 07
00 14 00 15 00 04 00 05 00 12 00 13 00 01 00 02
00 03 00 0f 00 10 00 11 00 23 00 00 00 0f 00 01
01
>>> DTLS 1.0 Handshake [length 004a], ServerHello
02 00 00 3e 00 01 00 00 00 00 00 3e fe ff ce 43
77 d1 f5 99 54 94 ce a1 87 4d 58 66 63 58 11 2c
c3 0b 48 e8 4b e8 e5 bf 3d c1 f7 a1 97 06 00 c0
0a 00 00 16 ff 01 00 01 00 00 0b 00 04 03 00 01
02 00 23 00 00 00 0f 00 01 01
>>> DTLS 1.0 Handshake [length 0236], Certificate
0b 00 02 2a 00 02 00 00 00 00 02 2a 00 02 27 00
02 24 30 82 02 20 30 82 01 c5 a0 03 02 01 02 02
01 00 30 0a 06 08 2a 86 48 ce 3d 04 03 02 30 4a
31 0b 30 09 06 03 55 04 06 13 02 4a 50 31 0e 30
0c 06 03 55 04 08 0c 05 54 6f 6b 79 6f 31 15 30
13 06 03 55 04 0a 0c 0c 6f 72 67 61 6e 69 7a 61
74 69 6f 6e 31 14 30 12 06 03 55 04 03 0c 0b 45
43 43 20 54 65 73 74 20 43 41 30 1e 17 0d 31 35
30 32 31 31 30 33 33 39 35 30 5a 17 0d 31 36 30
32 31 31 30 33 33 39 35 30 5a 30 4a 31 0b 30 09
06 03 55 04 06 13 02 4a 50 31 0e 30 0c 06 03 55
04 08 0c 05 54 6f 6b 79 6f 31 15 30 13 06 03 55
04 0a 0c 0c 6f 72 67 61 6e 69 7a 61 74 69 6f 6e
31 14 30 12 06 03 55 04 03 0c 0b 65 78 61 6d 70
6c 65 2e 63 6f 6d 30 59 30 13 06 07 2a 86 48 ce
3d 02 01 06 08 2a 86 48 ce 3d 03 01 07 03 42 00
04 0e a2 61 04 e6 3c 09 8f 71 6b 14 0b da e8 79
d9 bd 00 a9 ee 7d 82 c7 56 22 a0 99 99 14 d6 4b
fd 2b 80 05 65 7f 11 2d 18 0f a2 80 d6 f1 c3 ea
85 b2 db 70 68 70 37 70 72 c0 2b 89 30 bf cf f4
e6 a3 81 9b 30 81 98 30 09 06 03 55 1d 13 04 02
30 00 30 2c 06 09 60 86 48 01 86 f8 42 01 0d 04
1f 16 1d 4f 70 65 6e 53 53 4c 20 47 65 6e 65 72
61 74 65 64 20 43 65 72 74 69 66 69 63 61 74 65
30 1d 06 03 55 1d 0e 04 16 04 14 f5 08 7a cd 7d
8c 7d e4 2a ae fe a5 80 18 e0 9c cf e9 7a 4e 30
1f 06 03 55 1d 23 04 18 30 16 80 14 0c 91 03 88
11 2e db 43 a8 07 9a 24 76 fe 21 7d a9 e4 ed e0
30 1d 06 03 55 1d 25 04 16 30 14 06 08 2b 06 01
05 05 07 03 01 06 08 2b 06 01 05 05 07 03 02 30
0a 06 08 2a 86 48 ce 3d 04 03 02 03 49 00 30 46
02 21 00 8e 08 85 00 cd 7a 2c 62 e2 eb 8e 0f 74
47 77 2f be 76 a3 72 d5 b7 01 67 e9 eb 7f 1a b4
a2 45 45 02 21 00 ee 07 8a f2 4f fd 36 95 82 f3
e3 32 3f 6a d6 48 7f 66 d0 e6 9d 08 e8 65 df f1
7f 51 22 6a 93 56
>>> DTLS 1.0 Handshake [length 009a], ServerKeyExchange
0c 00 00 8e 00 03 00 00 00 00 00 8e 03 00 17 41
04 d9 78 6c a3 05 37 12 7a 8f ac dc 12 14 31 a5
06 79 37 d7 ea 00 1f c4 18 5d c9 4f 36 21 d4 29
95 47 e8 d5 fe ce e6 6b de df 01 13 74 23 2c e2
0b c5 17 3b b6 1a 3e 0a ee 9b 50 31 f6 3e 44 31
1f 00 47 30 45 02 20 76 23 d1 d7 b0 43 b6 fd 5f
0a de 4e 8b c3 b2 d2 49 38 16 18 11 f3 8b fa 52
0c 9a e2 5d 79 9a 68 02 21 00 a7 38 92 d7 76 0a
d6 0f 82 4e cd 65 ad d3 8d b6 cd ff 7b 75 17 9c
ed ea 35 a0 c0 ac 66 c2 36 68
>>> DTLS 1.0 Handshake [length 000c], ServerHelloDone
0e 00 00 00 00 04 00 00 00 00 00 00
<<< DTLS 1.0 Handshake [length 004e], ClientKeyExchange
10 00 00 42 00 02 00 00 00 00 00 42 41 04 08 db
5d fc 5f 61 ae d8 c6 d5 01 c5 0b 9b 51 f5 60 59
fe 68 26 b3 09 97 a2 37 61 30 d1 7b b3 f5 23 db
7e b7 53 53 a9 77 e9 99 c6 b2 6c 72 99 92 04 4f
3b 85 97 15 14 53 5e 6b a3 62 94 37 22 5d
<<< DTLS 1.0 ChangeCipherSpec [length 0001]
01
<<< DTLS 1.0 Handshake [length 0018], Finished
14 00 00 0c 00 03 00 00 00 00 00 0c f5 22 dd 68
cd 1d 84 3e 75 61 e3 8e
>>> DTLS 1.0 Handshake [length 00b2]???
04 00 00 a6 00 05 00 00 00 00 00 a6 00 00 00 00
00 a0 fa 81 fa a2 ac b8 a9 e5 8e b8 c3 ce 84 55
3c ae bd a2 5e 24 21 e2 fe 37 b9 9c b0 13 18 b3
6c 5c f4 cf 2d 28 0c 6b a0 5b b6 69 7d fd ee 04
89 0f 07 f1 bb 36 83 09 79 82 8e bb a7 df 5d 7b
2c 41 2c 2f 74 05 79 3d b4 c5 bb aa f3 fa 0b c4
d4 a8 bf df 70 a1 38 2c 3f 2b 1b 38 e6 19 1b 31
c2 0b 6a 76 73 84 17 6d 48 49 ce 18 51 a2 90 fd
00 20 2a d8 72 21 06 23 66 08 67 71 e6 33 f2 9e
74 45 01 e6 5f 2d 66 f4 fa 90 b9 7e 43 44 d3 e2
63 fc d6 8d ab 7f 52 33 1c 34 5b cc 58 0a 5d b8
a3 17
>>> DTLS 1.0 ChangeCipherSpec [length 0001]
01
>>> DTLS 1.0 Handshake [length 0018], Finished
14 00 00 0c 00 06 00 00 00 00 00 0c 46 f8 ff 65
a1 ea 52 d8 a1 20 c4 6f
-----BEGIN SSL SESSION PARAMETERS-----
MFYCAQECAwD+/wQCwAoEAAQw1urqrqbXCDNdHHF5ljIXqO8HzlHBa+V/o2b+uWho
RhLY41uSj6U/2CXr/0JkV8p/oQYCBFTbDvaiBAICHCCkBgQEAQAAAA==
-----END SSL SESSION PARAMETERS-----
Shared ciphers:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:DHE-RSA-CAMELLIA256-SHA:DHE-DSS-CAMELLIA256-SHA:ECDH-RSA-AES256-SHA:ECDH-ECDSA-AES256-SHA:AES256-SHA:CAMELLIA256-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:DHE-RSA-SEED-SHA:DHE-DSS-SEED-SHA:DHE-RSA-CAMELLIA128-SHA:DHE-DSS-CAMELLIA128-SHA:ECDH-RSA-AES128-SHA:ECDH-ECDSA-AES128-SHA:AES128-SHA:SEED-SHA:CAMELLIA128-SHA:IDEA-CBC-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:ECDH-RSA-DES-CBC3-SHA:ECDH-ECDSA-DES-CBC3-SHA:DES-CBC3-SHA:EDH-RSA-DES-CBC-SHA:EDH-DSS-DES-CBC-SHA:DES-CBC-SHA:EXP-EDH-RSA-DES-CBC-SHA:EXP-EDH-DSS-DES-CBC-SHA:EXP-DES-CBC-SHA:EXP-RC2-CBC-MD5
CIPHER is ECDHE-ECDSA-AES256-SHA
Secure Renegotiation IS supported
クライアント
$ openssl s_client -msg -dtls1 -CAfile ca.pem -connect localhost:4433
CONNECTED(00000003)
>>> DTLS 1.0 Handshake [length 00cd], ClientHello
01 00 00 c1 00 00 00 00 00 00 00 c1 fe ff 7d 1b
9b 6f 7d b8 5a 85 2f 23 5f 78 41 f6 68 e6 ff 1a
80 3c 37 fe b0 d5 89 be 21 5c 5e 49 45 f4 00 00
00 4e c0 14 c0 0a 00 39 00 38 00 88 00 87 c0 0f
c0 05 00 35 00 84 c0 13 c0 09 00 33 00 32 00 9a
00 99 00 45 00 44 c0 0e c0 04 00 2f 00 96 00 41
00 07 c0 12 c0 08 00 16 00 13 c0 0d c0 03 00 0a
00 15 00 12 00 09 00 14 00 11 00 08 00 06 00 ff
01 00 00 49 00 0b 00 04 03 00 01 02 00 0a 00 34
00 32 00 0e 00 0d 00 19 00 0b 00 0c 00 18 00 09
00 0a 00 16 00 17 00 08 00 06 00 07 00 14 00 15
00 04 00 05 00 12 00 13 00 01 00 02 00 03 00 0f
00 10 00 11 00 23 00 00 00 0f 00 01 01
<<< DTLS 1.0 Handshake [length 0023], HelloVerifyRequest
03 00 00 17 00 00 00 00 00 00 00 17 fe ff 14 0d
13 04 5b 01 61 81 06 a5 8e f8 cb 1d af db 32 ea
9c 1c ec
>>> DTLS 1.0 Handshake [length 00e1], ClientHello
01 00 00 d5 00 01 00 00 00 00 00 d5 fe ff 7d 1b
9b 6f 7d b8 5a 85 2f 23 5f 78 41 f6 68 e6 ff 1a
80 3c 37 fe b0 d5 89 be 21 5c 5e 49 45 f4 00 14
0d 13 04 5b 01 61 81 06 a5 8e f8 cb 1d af db 32
ea 9c 1c ec 00 4e c0 14 c0 0a 00 39 00 38 00 88
00 87 c0 0f c0 05 00 35 00 84 c0 13 c0 09 00 33
00 32 00 9a 00 99 00 45 00 44 c0 0e c0 04 00 2f
00 96 00 41 00 07 c0 12 c0 08 00 16 00 13 c0 0d
c0 03 00 0a 00 15 00 12 00 09 00 14 00 11 00 08
00 06 00 ff 01 00 00 49 00 0b 00 04 03 00 01 02
00 0a 00 34 00 32 00 0e 00 0d 00 19 00 0b 00 0c
00 18 00 09 00 0a 00 16 00 17 00 08 00 06 00 07
00 14 00 15 00 04 00 05 00 12 00 13 00 01 00 02
00 03 00 0f 00 10 00 11 00 23 00 00 00 0f 00 01
01
<<< DTLS 1.0 Handshake [length 004a], ServerHello
02 00 00 3e 00 01 00 00 00 00 00 3e fe ff ce 43
77 d1 f5 99 54 94 ce a1 87 4d 58 66 63 58 11 2c
c3 0b 48 e8 4b e8 e5 bf 3d c1 f7 a1 97 06 00 c0
0a 00 00 16 ff 01 00 01 00 00 0b 00 04 03 00 01
02 00 23 00 00 00 0f 00 01 01
<<< DTLS 1.0 Handshake [length 0236], Certificate
0b 00 02 2a 00 02 00 00 00 00 02 2a 00 02 27 00
02 24 30 82 02 20 30 82 01 c5 a0 03 02 01 02 02
01 00 30 0a 06 08 2a 86 48 ce 3d 04 03 02 30 4a
31 0b 30 09 06 03 55 04 06 13 02 4a 50 31 0e 30
0c 06 03 55 04 08 0c 05 54 6f 6b 79 6f 31 15 30
13 06 03 55 04 0a 0c 0c 6f 72 67 61 6e 69 7a 61
74 69 6f 6e 31 14 30 12 06 03 55 04 03 0c 0b 45
43 43 20 54 65 73 74 20 43 41 30 1e 17 0d 31 35
30 32 31 31 30 33 33 39 35 30 5a 17 0d 31 36 30
32 31 31 30 33 33 39 35 30 5a 30 4a 31 0b 30 09
06 03 55 04 06 13 02 4a 50 31 0e 30 0c 06 03 55
04 08 0c 05 54 6f 6b 79 6f 31 15 30 13 06 03 55
04 0a 0c 0c 6f 72 67 61 6e 69 7a 61 74 69 6f 6e
31 14 30 12 06 03 55 04 03 0c 0b 65 78 61 6d 70
6c 65 2e 63 6f 6d 30 59 30 13 06 07 2a 86 48 ce
3d 02 01 06 08 2a 86 48 ce 3d 03 01 07 03 42 00
04 0e a2 61 04 e6 3c 09 8f 71 6b 14 0b da e8 79
d9 bd 00 a9 ee 7d 82 c7 56 22 a0 99 99 14 d6 4b
fd 2b 80 05 65 7f 11 2d 18 0f a2 80 d6 f1 c3 ea
85 b2 db 70 68 70 37 70 72 c0 2b 89 30 bf cf f4
e6 a3 81 9b 30 81 98 30 09 06 03 55 1d 13 04 02
30 00 30 2c 06 09 60 86 48 01 86 f8 42 01 0d 04
1f 16 1d 4f 70 65 6e 53 53 4c 20 47 65 6e 65 72
61 74 65 64 20 43 65 72 74 69 66 69 63 61 74 65
30 1d 06 03 55 1d 0e 04 16 04 14 f5 08 7a cd 7d
8c 7d e4 2a ae fe a5 80 18 e0 9c cf e9 7a 4e 30
1f 06 03 55 1d 23 04 18 30 16 80 14 0c 91 03 88
11 2e db 43 a8 07 9a 24 76 fe 21 7d a9 e4 ed e0
30 1d 06 03 55 1d 25 04 16 30 14 06 08 2b 06 01
05 05 07 03 01 06 08 2b 06 01 05 05 07 03 02 30
0a 06 08 2a 86 48 ce 3d 04 03 02 03 49 00 30 46
02 21 00 8e 08 85 00 cd 7a 2c 62 e2 eb 8e 0f 74
47 77 2f be 76 a3 72 d5 b7 01 67 e9 eb 7f 1a b4
a2 45 45 02 21 00 ee 07 8a f2 4f fd 36 95 82 f3
e3 32 3f 6a d6 48 7f 66 d0 e6 9d 08 e8 65 df f1
7f 51 22 6a 93 56
depth=1 C = JP, ST = Tokyo, O = organization, CN = ECC Test CA
verify return:1
depth=0 C = JP, ST = Tokyo, O = organization, CN = example.com
verify return:1
<<< DTLS 1.0 Handshake [length 009a], ServerKeyExchange
0c 00 00 8e 00 03 00 00 00 00 00 8e 03 00 17 41
04 d9 78 6c a3 05 37 12 7a 8f ac dc 12 14 31 a5
06 79 37 d7 ea 00 1f c4 18 5d c9 4f 36 21 d4 29
95 47 e8 d5 fe ce e6 6b de df 01 13 74 23 2c e2
0b c5 17 3b b6 1a 3e 0a ee 9b 50 31 f6 3e 44 31
1f 00 47 30 45 02 20 76 23 d1 d7 b0 43 b6 fd 5f
0a de 4e 8b c3 b2 d2 49 38 16 18 11 f3 8b fa 52
0c 9a e2 5d 79 9a 68 02 21 00 a7 38 92 d7 76 0a
d6 0f 82 4e cd 65 ad d3 8d b6 cd ff 7b 75 17 9c
ed ea 35 a0 c0 ac 66 c2 36 68
<<< DTLS 1.0 Handshake [length 000c], ServerHelloDone
0e 00 00 00 00 04 00 00 00 00 00 00
>>> DTLS 1.0 Handshake [length 004e], ClientKeyExchange
10 00 00 42 00 02 00 00 00 00 00 42 41 04 08 db
5d fc 5f 61 ae d8 c6 d5 01 c5 0b 9b 51 f5 60 59
fe 68 26 b3 09 97 a2 37 61 30 d1 7b b3 f5 23 db
7e b7 53 53 a9 77 e9 99 c6 b2 6c 72 99 92 04 4f
3b 85 97 15 14 53 5e 6b a3 62 94 37 22 5d
>>> DTLS 1.0 ChangeCipherSpec [length 0001]
01
>>> DTLS 1.0 Handshake [length 0018], Finished
14 00 00 0c 00 03 00 00 00 00 00 0c f5 22 dd 68
cd 1d 84 3e 75 61 e3 8e
<<< DTLS 1.0 Handshake [length 00b2]???
04 00 00 a6 00 05 00 00 00 00 00 a6 00 00 00 00
00 a0 fa 81 fa a2 ac b8 a9 e5 8e b8 c3 ce 84 55
3c ae bd a2 5e 24 21 e2 fe 37 b9 9c b0 13 18 b3
6c 5c f4 cf 2d 28 0c 6b a0 5b b6 69 7d fd ee 04
89 0f 07 f1 bb 36 83 09 79 82 8e bb a7 df 5d 7b
2c 41 2c 2f 74 05 79 3d b4 c5 bb aa f3 fa 0b c4
d4 a8 bf df 70 a1 38 2c 3f 2b 1b 38 e6 19 1b 31
c2 0b 6a 76 73 84 17 6d 48 49 ce 18 51 a2 90 fd
00 20 2a d8 72 21 06 23 66 08 67 71 e6 33 f2 9e
74 45 01 e6 5f 2d 66 f4 fa 90 b9 7e 43 44 d3 e2
63 fc d6 8d ab 7f 52 33 1c 34 5b cc 58 0a 5d b8
a3 17
<<< DTLS 1.0 ChangeCipherSpec [length 0001]
01
<<< DTLS 1.0 Handshake [length 0018], Finished
14 00 00 0c 00 06 00 00 00 00 00 0c 46 f8 ff 65
a1 ea 52 d8 a1 20 c4 6f
---
Certificate chain
0 s:/C=JP/ST=Tokyo/O=organization/CN=example.com
i:/C=JP/ST=Tokyo/O=organization/CN=ECC Test CA
---
Server certificate
-----BEGIN CERTIFICATE-----
MIICIDCCAcWgAwIBAgIBADAKBggqhkjOPQQDAjBKMQswCQYDVQQGEwJKUDEOMAwG
A1UECAwFVG9reW8xFTATBgNVBAoMDG9yZ2FuaXphdGlvbjEUMBIGA1UEAwwLRUND
IFRlc3QgQ0EwHhcNMTUwMjExMDMzOTUwWhcNMTYwMjExMDMzOTUwWjBKMQswCQYD
VQQGEwJKUDEOMAwGA1UECAwFVG9reW8xFTATBgNVBAoMDG9yZ2FuaXphdGlvbjEU
MBIGA1UEAwwLZXhhbXBsZS5jb20wWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQO
omEE5jwJj3FrFAva6HnZvQCp7n2Cx1YioJmZFNZL/SuABWV/ES0YD6KA1vHD6oWy
23BocDdwcsAriTC/z/Tmo4GbMIGYMAkGA1UdEwQCMAAwLAYJYIZIAYb4QgENBB8W
HU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQWBBT1CHrNfYx9
5Cqu/qWAGOCcz+l6TjAfBgNVHSMEGDAWgBQMkQOIES7bQ6gHmiR2/iF9qeTt4DAd
BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwCgYIKoZIzj0EAwIDSQAwRgIh
AI4IhQDNeixi4uuOD3RHdy++dqNy1bcBZ+nrfxq0okVFAiEA7geK8k/9NpWC8+My
P2rWSH9m0OadCOhl3/F/USJqk1Y=
-----END CERTIFICATE-----
subject=/C=JP/ST=Tokyo/O=organization/CN=example.com
issuer=/C=JP/ST=Tokyo/O=organization/CN=ECC Test CA
---
No client certificate CA names sent
---
SSL handshake has read 1188 bytes and written 638 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-ECDSA-AES256-SHA
Server public key is 256 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : DTLSv1
Cipher : ECDHE-ECDSA-AES256-SHA
Session-ID: 99A86ACA58E79660DE2542DBBDBA1FD92214C9F29C29F250DF8E1313FC802C17
Session-ID-ctx:
Master-Key: D6EAEAAEA6D708335D1C7179963217A8EF07CE51C16BE57FA366FEB968684612D8E35B928FA53FD825EBFF426457CA7F
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket:
0000 - fa 81 fa a2 ac b8 a9 e5-8e b8 c3 ce 84 55 3c ae .............U<.
0010 - bd a2 5e 24 21 e2 fe 37-b9 9c b0 13 18 b3 6c 5c ..^$!..7......l\
0020 - f4 cf 2d 28 0c 6b a0 5b-b6 69 7d fd ee 04 89 0f ..-(.k.[.i}.....
0030 - 07 f1 bb 36 83 09 79 82-8e bb a7 df 5d 7b 2c 41 ...6..y.....]{,A
0040 - 2c 2f 74 05 79 3d b4 c5-bb aa f3 fa 0b c4 d4 a8 ,/t.y=..........
0050 - bf df 70 a1 38 2c 3f 2b-1b 38 e6 19 1b 31 c2 0b ..p.8,?+.8...1..
0060 - 6a 76 73 84 17 6d 48 49-ce 18 51 a2 90 fd 00 20 jvs..mHI..Q....
0070 - 2a d8 72 21 06 23 66 08-67 71 e6 33 f2 9e 74 45 *.r!.#f.gq.3..tE
0080 - 01 e6 5f 2d 66 f4 fa 90-b9 7e 43 44 d3 e2 63 fc .._-f....~CD..c.
0090 - d6 8d ab 7f 52 33 1c 34-5b cc 58 0a 5d b8 a3 17 ....R3.4[.X.]...
Start Time: 1423642358
Timeout : 7200 (sec)
Verify return code: 0 (ok)
---
Finished の後に ??? となっている Handshake は 04 なので、NewSessionTicket ですね。