Server Hello 書き直し
chrome + wiresharkで暗号化されてる中身をwiresharkで見る方法を見つけた
そしたら、serverhelloの後半が見れたのでここにメモる
TLSv1.3 Server Hello, Encrypted Extensions
Transport Layer Security
TLSv1.3 Record Layer: Handshake Protocol: Server Hello
Content Type: Handshake (22)
Version: TLS 1.2 (0x0303)
Length: 155
Handshake Protocol: Server Hello
Handshake Type: Server Hello (2)
Length: 151
Version: TLS 1.2 (0x0303)
Random: e026eb9e16fdf8d23254eb6d8982ab21d1e0fc5ed0e131bf402bea0468916da8
Session ID Length: 32
Session ID: 6b34cb2f3b8f7dd1e9b3e4bc7687cdddca84c561b78f3ae7aae184a1e9a9dc1a
Cipher Suite: TLS_AES_256_GCM_SHA384 (0x1302)
Compression Method: null (0)
Extensions Length: 79
Extension: supported_versions (len=2)
Type: supported_versions (43)
Length: 2
Supported Version: TLS 1.3 (0x0304)
Extension: key_share (len=69)
Type: key_share (51)
Length: 69
Key Share extension
Key Share Entry: Group: secp256r1, Key Exchange length: 65
Group: secp256r1 (23)
Key Exchange Length: 65
Key Exchange: 0439a651bf7133b2add4846cb1a583ed0d48e4601aaa969c4e1e473c5cead13fa30c8b39…
[JA3S Fullstring: 771,4866,43-51]
[JA3S: 15af977ce25de452b96affa2addb1036]
TLSv1.3 Record Layer: Handshake Protocol: Encrypted Extensions
Opaque Type: Application Data (23)
Version: TLS 1.2 (0x0303)
Length: 32
[Content Type: Handshake (22)]
Handshake Protocol: Encrypted Extensions
Handshake Type: Encrypted Extensions (8)
Length: 11
Extensions Length: 9
Extension: application_layer_protocol_negotiation (len=5)
Type: application_layer_protocol_negotiation (16)
Length: 5
ALPN Extension Length: 3
ALPN Protocol
ALPN string length: 2
ALPN Next Protocol: h2
Server Helloのkey_share以降は暗号化される。
Encrypted Extensions で ALPN が送信されてた。
さらに certificate などが続く。