When learning network protocols, practical analysis can help us understand some concepts. This article is based on Mr. Peak’s Wireshark tutorial to capture iOS packets. It analyzes a network session during the iOS client startup of a well-known application. See Mr. Peak’s article for a detailed tutorial. So let’s start analyzing.
TCP handshake
The App uses the HTTPS protocol, and the transport layer undergoes three handshakes before the HTTPS handshake. After the TCP connection is established, the TLS layer Client sends Client Hello to start the TLS handshake process. Look at the first four lines of the diagram below.
The source port number is 55185. The destination port number is 443. This is easier to understand because the port number 443 is used by default for HTTPS communication. Context This is the first handshake when the client sends the SYN to the server. Seq =0, Acknowledgment Number =0. Some may wonder: Isn’t the first handshake SYN=1,ACK=0? Note that the Sequence number and the SYN bit are two different things. SYN=1 and ACK=0 are Control Flag values. Acknowledgment Number =0 because this is the first handshake and no ACK is set, so it is 0. Sequence number is the initial value of a random number generated by the computer during connection establishment, which is exactly 0, but not always 0.
Reserved Field: Reserved field for future expansion. It is a 4-bit field and is usually set to 0. As can be seen from the above structure diagram, the first three bits are 0, and the last bit is NS flag bit (Nonce Sum), which is used for experimental purposes. There is some controversy about NS: In Illustrated TCP/IP, NS is classified as Reserved, and in Wikipedia, NS is classified as Control Flag, that is, in Wikipedia, Control Flag has 9 bits, and in Xie Xiren’s Computer Network 6th edition, the Reserved field is as long as 6 bits. The division of this part is quite controversial, so we should look at it dialectically.
The first highlighted section, Flags, is clearly marked with SYN. Generally speaking, the right side of Reserved is the control field. Due to the controversial issues mentioned above, we change to a more rigorous statement: the 8 bits after NS bit, according to the illustration of TCP/IP, the symbols from left to right are:
CWRCongesting Window reduced, and the rear ECE are used on the ECE field of the IP capital. If ECE is 1, notify the peer that the congestion window is about to shrink.ECE: ECN – Echo.URG: Urgent Flag Indicates that there is data in the packet that needs to be processed urgently, which is explained in the following Urgent pointer.ACK: All ACK values except the first handshake should be 1.PSH: Push Flag: When the value is 1, the received data is immediately transmitted to the upper-layer application protocol. When the value is 0, the data is cached first.RST: Reset Flag. If this bit is 1, it indicates that an exception occurs and the connection must be forcibly disconnected. (The program flashes back, the computer runs out of power, etc.)SYN: Synchronize Flag: wishes to set up a connection and initialize the Sequence number in the fields of the Sequence table.FIN: 1 indicates that data is no longer being sent and the connection is expected to be disconnected. After the two parties confirm and reply to the FIN packet of the other party, the connection can be disconnected. After receiving a FIN, the host can wait until all data in the cache is sent and automatically deleted before sending a FIN to the peer.
First handshake
After the above instructions, expand the Flags for packet capture:
Other fields are analyzed later in the handshake.
Second handshake
The server sends it to the client
Third handshake
The TLS handshake
After a TCP connection is established, the TLS handshake, also known as the HTTPS handshake, starts. For TLS handshake, you can refer to the previous theoretical explanation.
Client Hello
Server Hello
Password suite sent from the server to the client, compression mode, etc.
Certificates, CertificateRequest , ServerHellopDone
ServerKeyExchange:
ClientKeyExchange
So the question is, when I said ClientKeyExchange, I sent an encrypted preliminary master password. Where is the ciphertext? It is not currently seen here, only the public key used for encryption. Next, it is most likely to be sent in the Application Data line below, we can look at the Application Data
The recording protocol of TLS contains the Encrypted Application Data sent by the client to the server. According to the role of the recording protocol, this ciphertext is likely to be the Encrypted preliminary master password. Of course, I am not very sure, if not, please point out.
The ChangeCipherSpec doesn’t contain any real content, it just tells the other person to change their password.
Then the two sides began to use symmetric ciphers, encrypted communication of ciphertext.
The last
The above is a simple packet capture record, a practical verification of the previous theoretical study. Finally, if you want to try it out for yourself, I recommend reading the WireShark tutorial by Mr. Peak.