Stardust
老师您好,tls hand shake的过程中,client hello和sever hello这两个报文会协商使用的tls版本是吗?我查看抓到的报文,tls1.2和tls1.3的client hello报文基本是一样的
我查看抓到的tls1.3报文,version字段为什么写着 TLS 1.2呢?从Wireshark复制的报文信息见下方
Secure Sockets Layer
TLSv1.3 Record Layer: Handshake Protocol: Server Hello
Content Type: Handshake (22)
Version: TLS 1.2 (0x0303)
Length: 122
Handshake Protocol: Server Hello
Handshake Type: Server Hello (2)
Length: 118
Version: TLS 1.2 (0x0303)
Random: 0545e9c1dbec579f52230bba54a8789319a30958a43dfe11...
Session ID Length: 32
Session ID: 85ef21c4e96122226117a77250ca7d62847b2d731a51f768...
Cipher Suite: TLS_AES_128_GCM_SHA256 (0x1301)
Compression Method: null (0)
Extensions Length: 46
Extension: key_share (len=36)
Type: key_share (51)
Length: 36
Key Share extension
Key Share Entry: Group: x25519, Key Exchange length: 32
Group: x25519 (29)
Key Exchange Length: 32
Key Exchange: 599ede022b7ae40b7cf408aea5576617f9c069f1734f2f5a...
Extension: supported_versions (len=2)
Type: supported_versions (43)
Length: 2
Supported Version: TLS 1.3 (0x0304)
TLSv1.3 Record Layer: Change Cipher Spec Protocol: Change Cipher Spec
Content Type: Change Cipher Spec (20)
Version: TLS 1.2 (0x0303)
Length: 1
Change Cipher Spec Message
作者回复: 因为浏览器发起TLS握手时,虽然更倾向1.3,但它同时也支持tls1.2,所以把1.2与1.3里在clienthello所需要的信息都列上了。
如果你使用老版本只支持tls1.2的浏览器就不会这样。