The client now has the information to calculate the keys used to encrypt application traffic. It uses the following information in this calculation:
The handshake secret (from "Client Handshake Key Calc")
The SHA256 hash of every handshake message from Client Hello to Server Handshake Finished
We calculate the SHA256 hash of all handshake messages to this point (Client Hello, Server Hello, Encrypted Extensions, Server Certificate, Server Certificate Verify, Server Finished). The hash input does not include the 5-byte "record" headers of ClientHello and ServerHello.
Aufwandschätzung: soll=13 Stunden
The client now has the information to calculate the keys used to encrypt application traffic. It uses the following information in this calculation:
We calculate the SHA256 hash of all handshake messages to this point (Client Hello, Server Hello, Encrypted Extensions, Server Certificate, Server Certificate Verify, Server Finished). The hash input does not include the 5-byte "record" headers of ClientHello and ServerHello.
Consider: