How can I get the common key from the master secret? I have read RFC 5246 section 6.3, but I can't figure it out (TLS 1.2, TLS_RSA_WITH_AES_128_CBC_SHA)
I am studying TLS 1.2.
So I launched a simple HTTPS server in Java that replies only "abc" and uses the cipher suite TLS_RSA_WITH_AES_128_CBC_SHA.
The certificate's key info is:
RSA Private-Key: (2048 bit, 2 primes)
modulus:
00:c1:0d:4c:ee:50:cf:8b:05:9c:e0:98:a6:11:b8:
3b:49:34:63:07:c5:ce:ff:23:b2:2a:fa:e6:64:4f:
34:d0:1e:f7:59:fd:04:1c:66:31:c6:a5:d7:52:a1:
11:19:a2:b0:50:d2:18:e5:fe:a0:1f:4c:e7:69:21:
1a:bf:7d:b4:9c:22:96:ee:1e:de:c7:04:3e:ce:76:
cb:7a:b6:08:cc:59:10:57:84:56:e5:0d:f9:f9:e7:
78:ba:ca:2b:29:aa:3a:17:4a:d4:ed:f2:1c:d2:f6:
0c:52:41:de:bc:a7:2e:6f:3d:e7:90:09:b7:3c:80:
fd:36:ac:4f:7a:89:ff:cb:8c:d7:6c:b4:ed:d0:d2:
05:45:e0:a6:a7:fa:9f:2f:ce:09:f6:05:58:14:a8:
3d:f5:d2:73:c0:35:8f:62:c0:35:2c:7c:16:cd:a6:
52:03:f6:c2:ec:9b:87:33:28:8e:b5:7c:15:f5:b2:
e2:0c:10:a4:32:7d:e5:75:47:c9:47:35:7b:10:77:
8d:a0:75:de:8e:62:2c:e4:1f:5f:a2:a4:93:ea:36:
c9:63:13:2a:66:99:6a:71:c0:3a:3b:30:15:27:89:
2e:27:e0:22:69:d0:ff:d8:89:83:20:e6:f6:5a:bb:
ba:31:f4:22:22:96:27:64:e1:f7:95:d4:dd:03:48:
73:c5
publicExponent: 65537 (0x10001)
privateExponent:
2e:49:23:15:cc:78:46:4b:bd:36:38:43:30:e2:6c:
0c:7c:2b:f6:34:1e:12:1c:1b:de:a4:33:52:ff:8e:
99:0b:a3:a0:86:c2:52:90:ca:04:67:c4:bd:81:f2:
98:a3:e2:04:2e:ab:5b:91:76:10:ab:1e:9c:9d:1c:
4d:a7:35:03:6e:63:a3:89:f1:3d:e4:2d:ae:d0:da:
ae:7c:30:95:d6:10:cd:fa:e3:de:9d:40:3f:03:99:
75:a7:7d:3b:cb:1d:8c:72:1b:a5:45:34:55:fc:3a:
2e:0a:ae:fd:aa:53:be:c6:27:db:e8:08:6f:d0:39:
65:bf:60:7a:ef:d5:4d:96:f7:42:c1:78:0d:d5:b1:
40:93:93:e1:c4:66:df:55:3c:ef:2c:53:53:83:f3:
1f:e7:1e:dd:16:13:1b:f5:51:47:e7:12:21:15:14:
b4:3d:c9:96:df:b1:e9:8d:e9:f8:f5:ae:5a:aa:a9:
87:d3:d1:be:3a:b5:5f:af:cd:0e:97:d6:3f:eb:39:
fc:b9:fd:c1:2e:7a:5f:e0:a0:8d:39:1e:11:d0:cc:
f4:55:84:4d:e7:f6:e7:1c:4b:76:45:7a:d2:57:db:
69:ab:78:be:3a:de:7e:75:ae:8c:02:e4:c1:e6:5d:
44:95:36:b3:17:f4:d6:37:24:30:2f:8e:33:42:75:
a1
prime1:
00:cf:bf:9b:7d:c6:62:40:db:13:cd:c1:24:61:a0:
b0:20:b8:35:3d:f0:65:3a:0c:6d:79:91:31:5f:5c:
4d:31:68:d4:10:38:b5:cf:ba:0f:e4:32:5a:eb:19:
22:42:6a:57:1d:01:da:9e:a2:96:ae:3d:2b:b8:9f:
fb:db:fc:91:21:57:ff:64:bf:7b:71:b8:9a:cb:2c:
f7:09:77:92:f4:e0:c4:fb:f7:ad:42:ba:b1:b4:bb:
d8:0d:76:08:bf:b1:3c:c8:a4:6f:fe:78:61:68:10:
c9:c5:50:ae:ff:45:b3:f7:2c:af:65:c3:31:e3:c0:
aa:9b:a6:cf:43:c5:d6:88:6d
prime2:
00:ed:e3:dc:ab:b2:b0:d2:1d:55:56:11:c3:26:de:
47:6f:88:1e:19:ea:88:ab:a4:8a:18:45:a5:b4:a8:
e8:97:88:05:61:36:89:ef:bc:16:0e:1c:64:68:45:
a0:1e:eb:f4:59:ef:40:06:80:ee:79:3d:89:82:92:
a4:65:e1:5c:fe:36:06:a3:09:ef:f0:fe:b3:7f:00:
cc:68:a5:65:78:fe:df:7c:4c:5a:89:f3:9e:83:0a:
5c:d9:c0:7e:b9:51:f4:a6:86:f5:84:ac:cd:92:2f:
c9:d3:85:05:d2:48:05:e6:d9:1b:d2:47:da:df:75:
2a:23:b8:59:6a:77:cf:31:b9
exponent1:
00:b2:72:dd:b7:6d:fe:db:c2:d3:01:fc:13:aa:20:
82:e9:b8:11:53:c0:f8:d2:a1:f6:2f:64:3e:4a:b1:
58:45:46:cc:51:9a:c4:e1:47:eb:7a:92:9e:72:2f:
46:b4:51:ef:be:24:e7:8b:38:11:c2:5d:1c:ff:1b:
bd:15:bb:9f:56:4a:e6:3f:be:12:e5:1e:33:28:ae:
d9:0c:32:bf:f2:c4:57:b0:2f:91:8e:2e:1b:93:29:
7f:6e:20:a3:67:35:71:06:cf:e8:bb:66:e0:14:a9:
c7:07:4c:44:e5:55:14:3f:0f:0d:22:96:46:76:61:
fa:aa:74:e0:b8:50:69:f5:09
exponent2:
00:dd:31:56:f9:0b:30:a0:5e:07:ff:fc:8a:11:74:
f2:c5:40:b2:84:74:6f:d9:f1:27:3a:44:60:3c:68:
25:c4:e8:03:e0:8d:3e:9a:7b:af:a2:35:42:23:36:
42:19:1e:5a:58:d9:3e:16:0e:02:2f:17:49:e9:f0:
02:0e:7d:0a:e3:90:46:81:88:76:e3:05:60:cf:01:
66:0f:13:63:13:ab:21:10:49:4a:92:24:c4:c9:a1:
74:0e:40:8f:54:2f:61:25:0a:2d:f5:cc:5b:64:c7:
2c:89:91:91:85:21:d4:e2:fe:12:81:66:b0:9b:c0:
2c:8b:84:19:18:07:08:cf:79
coefficient:
00:a6:08:ef:e8:98:ec:5c:6d:cc:1c:44:0c:f6:00:
5d:fc:6d:cd:97:03:24:f9:8e:48:22:8c:19:08:09:
cb:a8:b5:8a:ec:90:85:4c:f1:fd:dd:b8:ca:80:87:
88:cb:b9:4e:72:82:45:cd:82:37:c2:77:70:8e:31:
13:73:42:8c:df:ca:f2:a9:dc:b1:6f:2b:df:b4:d0:
68:1f:70:ac:fa:a4:45:f1:02:90:1f:41:19:41:04:
c7:3f:38:ad:65:b3:ea:ec:7a:95:4e:9d:0d:58:d6:
c1:dc:23:8d:b0:a7:9b:73:b2:3d:48:2c:f3:e4:7c:
e6:a8:b3:ff:48:4b:29:9a:c4
The client random is
ede6b47287bcb60b56c7045f1672ea92e4e45aa5af6e902e359901ddaece4936
the server random is
b3e805de8f3d430d2087824dec737840e0a98691fcaee2a2e7fb58d9c13fa3a7
the master secret is
2494e0d48fa86f33855bdd7495e9e566da5e5f56e5507abecea9909af27814abca678306a2646baa6059c2a5aa05a369
and the target data (which I want to decrypt) is
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
I have tried to decrypt the target data with this program:
import hashlib
from base64 import b64encode, b64decode
import cryptography
from cryptography.fernet import Fernet

master_secret = bytes.fromhex("2494e0d48fa86f33855bdd7495e9e566da5e5f56e5507abecea9909af27814abca678306a2646baa6059c2a5aa05a369")
label = b"key expansion"

# Hash the master secret, the label and client_random + server_random separately
# with plain SHA-1, then concatenate the three digests as the "key block".
hh1 = hashlib.sha1()
hh1.update(master_secret)
hh2 = hashlib.sha1()
hh2.update(label)
hh3 = hashlib.sha1()
tmptmptmp = bytes.fromhex("ede6b47287bcb60b56c7045f1672ea92e4e45aa5af6e902e359901ddaece4936" + "b3e805de8f3d430d2087824dec737840e0a98691fcaee2a2e7fb58d9c13fa3a7")
hh3.update(tmptmptmp)
last_key = hh1.hexdigest() + hh2.hexdigest() + hh3.hexdigest()
print(last_key)

# because the base64 encoding of last_key's first 32 bytes is kE3/lhlz3PtJQZkus4AIrY0PA0yxRtIjBdoQa7RwjKo=
f = Fernet(b"kE3/lhlz3PtJQZkus4AIrY0PA0yxRtIjBdoQa7RwjKo=")
# because the base64 encoding of the target data is this
out = f.decrypt(b"eHgCNojFXQ/c2XJrlbmKF9QZkOoV4XnvmuNUMYR/MdzJ55oDiKvWuC9i2tGB4eK7XhyAP22LYHVyWl5hVCQY6g37CZi5+TZ+mVo37s8gq5yLwYew9woOGCjOzv+8aePMH6+4th4rUnTTgft0iYTM+iuoyaw+Fl7NuEZJXWq650RPBUW0h3VxYTjW/MrLxNUT6hs9L7xJbK8Aiq1E8k0y8tab39QO2TrMbD3e8CiVi5ISHWIXlvIVE+IdFpWqunfNlZAnt58arJ4i9pGQo3d6UpZE4bd5uIOY/bPHA/0qbRewEo2R0fAlRbQrxsQieMF8+CP4rudtbVoiLDHZBQnSeGy6CMwO9hxPfrqbeox700kjxi6TExD9hvb5atEwxTMiOtdsZxY9CjqNMUP7KCWRhVQCk5v/SgF+N4pOHfPOUiMg/RJIPTmqJ4EGrexOq+gra1dNLWsRVzauvoT1MidzdGqqYcEV1/dUylLciswcZ7kzv28sMC/CG7M0HOcqoVF9MOchIqXKtQ6h680xBZqaAqjfuwHKnNHBzi9I1/DVzE28CuboU3n3DldPRM4Eq5yjEiA/e9p13icOy0IGKvCbk6bW0vdeHq+G1SPMbuzd3X1l89l1yH1e9PdJ1fpPCCzlYc7KqoQRtDXr8FRfpkmz89Y3m4U210MVdpke3NUmTxuRhGB18OH11IXlWAXvShRQh2pkOb7lqLOx0Zb+PQthtxEmudwf7B6GXJ/qealyjOvtDrneRtXRM3S3E4wDXNOkjb3gnglLGXlAaRTgW1e657EXMXRJ0ElTibXaEH8XzIp7PG4n+gbm3e/XOjAQbps2AqadesZNpsf4aBbAB1m5g8C3RIrOjB9nyzTZ1/Firl6UKiuR3zGj6QV8Y0i2VkAsjHR896PeLpdfNLrytx/tr9nPfHWUOgfQJjGyeaqTrsIXFaj9NJZ51cxFKSFr/O+T")
print(out)
But it does not work at all.
I think the problem is in how I derive the key block, but I can't figure out the correct specification from RFC 5246 section 6.3.
Can someone please tell me the correct Python program that finds the common key and decrypts the target data?
PS
I must have completely missed the fact that I needed to use the HMAC-SHA1 function instead of SHA-1. Perhaps that will work. If it works, I'll post the program here.
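Added example (editor-supplied code, not part of the original question and not the asker's program): a standard-library implementation of the derivation RFC 5246 actually specifies, run over the master secret and Hello randoms posted above. Two things the attempt above gets wrong: the TLS 1.2 PRF is P_SHA256 (HMAC-SHA256 chained over A(1), A(2), ...), whichever hash the cipher suite uses for its record MAC, and the key-expansion seed is server_random followed by client_random, the reverse of the order used to compute the master secret. For TLS_RSA_WITH_AES_128_CBC_SHA the 104-byte key block splits into two 20-byte HMAC-SHA1 keys, two 16-byte AES-128 keys and two 16-byte IVs; in TLS 1.2 the IV slots go unused for CBC suites because every record carries its own explicit IV in the first 16 bytes of the encrypted fragment. Since the target ciphertext is not reproduced on this page, the decryption is shown as a round trip over a constructed "abc" application-data record. The AES step assumes the cryptography package is installed; the PRF, MAC and padding code only needs hmac, hashlib and struct.

```python
import hashlib
import hmac
import os
import struct

# Values copied from the question: the master secret and the two Hello randoms.
MASTER_SECRET = bytes.fromhex(
    "2494e0d48fa86f33855bdd7495e9e566da5e5f56e5507abecea9909af27814ab"
    "ca678306a2646baa6059c2a5aa05a369")
CLIENT_RANDOM = bytes.fromhex(
    "ede6b47287bcb60b56c7045f1672ea92e4e45aa5af6e902e359901ddaece4936")
SERVER_RANDOM = bytes.fromhex(
    "b3e805de8f3d430d2087824dec737840e0a98691fcaee2a2e7fb58d9c13fa3a7")

# Security parameters of TLS_RSA_WITH_AES_128_CBC_SHA (RFC 5246 Appendix C).
MAC_KEY_LEN = 20   # HMAC-SHA1
ENC_KEY_LEN = 16   # AES-128
IV_LEN = 16        # AES block size; TLS 1.2 CBC records carry an explicit IV
TLS12 = 0x0303
APPLICATION_DATA = 23


def p_hash(secret, seed, length, digest=hashlib.sha256):
    """P_hash from RFC 5246 section 5: HMAC chained over A(1), A(2), ..."""
    out = b""
    a = seed  # A(0) = seed
    while len(out) < length:
        a = hmac.new(secret, a, digest).digest()            # A(i) = HMAC(secret, A(i-1))
        out += hmac.new(secret, a + seed, digest).digest()  # HMAC(secret, A(i) + seed)
    return out[:length]


def tls12_prf(secret, label, seed, length):
    """TLS 1.2 PRF: P_SHA256(secret, label + seed), regardless of the suite's MAC hash."""
    return p_hash(secret, label + seed, length)


def key_block(master_secret, client_random, server_random):
    """Key expansion per RFC 5246 section 6.3. The seed is server_random + client_random,
    the opposite order from the master-secret derivation."""
    total = 2 * MAC_KEY_LEN + 2 * ENC_KEY_LEN + 2 * IV_LEN
    kb = tls12_prf(master_secret, b"key expansion", server_random + client_random, total)
    layout = (("client_write_MAC_key", MAC_KEY_LEN), ("server_write_MAC_key", MAC_KEY_LEN),
              ("client_write_key", ENC_KEY_LEN), ("server_write_key", ENC_KEY_LEN),
              ("client_write_IV", IV_LEN), ("server_write_IV", IV_LEN))
    keys, off = {}, 0
    for name, n in layout:
        keys[name] = kb[off:off + n]
        off += n
    return keys


def record_mac(mac_key, seq_num, content_type, version, content):
    """MAC over seq_num || type || version || length || content (RFC 5246 6.2.3.1)."""
    header = struct.pack("!QBHH", seq_num, content_type, version, len(content))
    return hmac.new(mac_key, header + content, hashlib.sha1).digest()


def strip_mac_and_padding(plain, mac_key, seq_num, content_type, version):
    """Undo GenericBlockCipher framing: content || MAC || padding || padding_length.
    Offline-analysis code: it reports padding and MAC errors separately, which a
    live TLS stack must not do (padding-oracle / Lucky 13 timing)."""
    if not plain:
        raise ValueError("empty record")
    pad_len = plain[-1]
    # All pad_len + 1 trailing bytes (padding plus the length byte) must equal pad_len.
    if pad_len + 1 + MAC_KEY_LEN > len(plain) or any(b != pad_len for b in plain[-(pad_len + 1):]):
        raise ValueError("bad padding")
    body = plain[:-(pad_len + 1)]
    content, mac = body[:-MAC_KEY_LEN], body[-MAC_KEY_LEN:]
    if not hmac.compare_digest(mac, record_mac(mac_key, seq_num, content_type, version, content)):
        raise ValueError("bad MAC")
    return content


def _cbc(key, iv):
    # Assumption: the cryptography package is available for the AES primitive.
    from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
    return Cipher(algorithms.AES(key), modes.CBC(iv))


def decrypt_record(keys, seq_num, content_type, fragment, from_server=True):
    """Decrypt one TLS 1.2 AES-128-CBC record fragment: explicit IV || ciphertext."""
    side = "server" if from_server else "client"
    iv, ct = fragment[:IV_LEN], fragment[IV_LEN:]
    dec = _cbc(keys[f"{side}_write_key"], iv).decryptor()
    plain = dec.update(ct) + dec.finalize()
    return strip_mac_and_padding(plain, keys[f"{side}_write_MAC_key"], seq_num, content_type, TLS12)


def encrypt_record(keys, seq_num, content_type, content, from_server=True):
    """Inverse of decrypt_record; used here only to build a constructed test record."""
    side = "server" if from_server else "client"
    body = content + record_mac(keys[f"{side}_write_MAC_key"], seq_num, content_type, TLS12, content)
    pad_len = (16 - (len(body) + 1) % 16) % 16
    iv = os.urandom(IV_LEN)
    enc = _cbc(keys[f"{side}_write_key"], iv).encryptor()
    return iv + enc.update(body + bytes([pad_len]) * (pad_len + 1)) + enc.finalize()


if __name__ == "__main__":
    keys = key_block(MASTER_SECRET, CLIENT_RANDOM, SERVER_RANDOM)
    for name, value in keys.items():
        print(f"{name:22s} {value.hex()}")
    # Round trip a constructed "abc" application-data record; the question's own
    # ciphertext is not reproduced on this page, so this stands in for it.
    rec = encrypt_record(keys, 1, APPLICATION_DATA, b"abc")
    print(decrypt_record(keys, 1, APPLICATION_DATA, rec))
```

To apply this to a capture, pass decrypt_record the encrypted fragment of the record (everything after the 5-byte record header) together with the correct sequence number: each direction's counter starts at 0 with its Finished message, so the first application-data record the server sends is usually seq_num 1. Because the MAC covers the sequence number, a wrong value fails with "bad MAC" even when the keys are right, which is a useful check that the key block was derived correctly.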
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow