Encrypted Handshake Message

Finished (Encrypted Handshake)

The Finished message is more involved than the others, as it is a hash of all the messages exchanged previously along with a label ("client finished"). This message indicates that the TLS negotiation is complete for the client.

Note: Wireshark displays the Finished message as Encrypted Handshake Message since, unlike the previous messages, this message has been encrypted with the just-negotiated keys and algorithms.

 

 

HTTPS over TLS - encrypted type

How does Wireshark recognize "Handshake Protocol: Encrypted Handshake Message"? From the RFC, it doesn't seem to have this type. How can we recognize it from the bytes?

Answer 1

Wireshark lists this as an "Encrypted Handshake" message because:

  1. It sees from the SSL record that it is a handshake message
  2. The communication is encrypted, as "ChangeCipherSpec" indicates that the negotiated session keys will from that point on be used to encrypt the communication.

When you tell Wireshark to do SSL decryption (by using the private key of the server), the message would have been decrypted and you would see that it is indeed one of the listed handshake messages.

 

Answer 2

Handshake messages are encrypted after ChangeCipherSpec message with appropriate preceding parameters.

From RFC 5246 (TLS 1.2), section 7.4. Handshake protocol:

The TLS Handshake Protocol is one of the defined higher-level clients of the TLS Record Protocol. This protocol is used to negotiate the secure attributes of a session. Handshake messages are supplied to the TLS record layer, where they are encapsulated within one or more TLSPlaintext structures, which are processed and transmitted as specified by the current active session state.

The current state is described in section 6.1. Connection states:

The security parameters for the pending states can be set by the TLS Handshake Protocol, and the ChangeCipherSpec can selectively make either of the pending states current, in which case the appropriate current state is disposed of and replaced with the pending state; the pending state is then reinitialized to an empty state. It is illegal to make a state that has not been initialized with security parameters a current state. The initial current state always specifies that no encryption, compression, or MAC will be used.

In practice, you will see unencrypted Client Hello, Server Hello, Certificate, Server Key Exchange, Certificate Request, Certificate Verify and Client Key Exchange messages. The Finished handshake message is encrypted since it occurs after the Change Cipher Spec message.
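The reasoning in both answers, written out as an added example (it is not part of the original post and is not Wireshark's dissector code): the record header still carries content type 22 (handshake), and the "encrypted" label comes from having already seen a Change Cipher Spec record from the same sender. The sample bytes are constructed, and the sketch assumes TLS 1.2 with no handshake message split across records.

```python
import struct

CHANGE_CIPHER_SPEC, HANDSHAKE = 20, 22  # TLS record content types (RFC 5246)
HANDSHAKE_TYPES = {1: "Client Hello", 2: "Server Hello", 11: "Certificate",
                   12: "Server Key Exchange", 13: "Certificate Request",
                   14: "Server Hello Done", 15: "Certificate Verify",
                   16: "Client Key Exchange", 20: "Finished"}

def label_records(stream):
    """Label every TLS record in ONE direction of a connection."""
    labels, offset, encrypted = [], 0, False
    while offset + 5 <= len(stream):
        # Record header: content type (1), version (2), length (2).
        ctype, _version, length = struct.unpack_from("!BHH", stream, offset)
        body = stream[offset + 5:offset + 5 + length]
        if len(body) < length:
            labels.append("Truncated record")
            break
        offset += 5 + length
        if ctype == CHANGE_CIPHER_SPEC:
            encrypted = True  # pending state becomes current for this sender
            labels.append("Change Cipher Spec")
        elif ctype == HANDSHAKE and encrypted:
            # Header still says "handshake", but the body is ciphertext.
            labels.append("Encrypted Handshake Message")
        elif ctype == HANDSHAKE:
            pos = 0
            while pos + 4 <= len(body):  # msg_type (1) + length (3)
                msg_len = int.from_bytes(body[pos + 1:pos + 4], "big")
                labels.append(HANDSHAKE_TYPES.get(body[pos], f"Handshake type {body[pos]}"))
                pos += 4 + msg_len
        else:
            labels.append(f"Record type {ctype}")
    return labels

def record(ctype, body):
    """Build a record with version 0x0303 (TLS 1.2); helper for the sample."""
    return struct.pack("!BHH", ctype, 0x0303, len(body)) + body

# Constructed sample: client's last flight. The 40 bytes in the third record
# are placeholder "ciphertext", not a real encrypted Finished message.
OPAQUE = bytes(range(0x40, 0x68))
CLIENT_FLIGHT = (record(HANDSHAKE, b"\x10\x00\x00\x04\x00\x02\xaa\xbb")
                 + record(CHANGE_CIPHER_SPEC, b"\x01")
                 + record(HANDSHAKE, OPAQUE))

if __name__ == "__main__":
    for label in label_records(CLIENT_FLIGHT):
        print(label)
```

Passing the third record on its own gives a meaningless plaintext parse instead of the encrypted label, which shows that the label depends on the preceding Change Cipher Spec and not on the record's own bytes.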

 

Author: Chuck Lu