How is the pre master key generated?

113 views

Skip to first unread message

baoguox...@gmail.com

unread,

Nov 8, 2018, 2:15:25 AM11/8/18

to Chromium-discuss

A few days ago, my colleague asked me a question about how the pre master key was generated, because I didn't know much about the https principle at the time, so I spent a lot of time querying a lot of information and understanding the process of https creating links. I'm seeing how many pages are generated for the pre master key and I haven't explained it. I am browsing this page https://security.stackexchange.com/questions/63971/how-is-the-premaster-secret-used-in-tls-generated. The site has two answers, one is 2 The character is the version number and the remaining 46 characters are random values. Another answer is to use the RSA or DH algorithm. Both of these answers are the opposite. Then I queried https://tools.ietf.org/html/rfc5246#section-7.4.7.1. The above explanation tends to the first answer. So my colleague's explanation is that the pre master key is generated by the system using a random value generator. Colleagues say that the value of pre master key is generated using random_C and random_S, and neither of us can convince anyone. So come over and ask a professional. How is the pre master key generated?

I am using this document translated by Google. Chinese original text is as follows:

前几天同事问我一个问题，pre master key 是如何生成的，因为我当时对https原理不太了解，所以我花费了很多时间查询了很多的资料，了解了https创建链接的过程。我在看到很多的网页对于pre master key 的是如何生成的，并没有做出解释。我浏览到这个网页 https://security.stackexchange.com/questions/63971/how-is-the-premaster-secret-used-in-tls-generated .该网站有两个回答，一个是回答是2个字符是版本号，剩下的46个字符是随机值。另外一个回答说是使用了RSA或者DH算法。这个两个回答都是相反的。然后我又查询到了 https://tools.ietf.org/html/rfc5246#section-7.4.7.1。上面的解释倾向于第一个回答。所以我跟同事的解释是 pre master key 是系统使用随机值生成器生成的。同事说pre master key 的值是使用 random_C 和 random_S 生成的，我们两个谁也说服不了谁。所以过来请教一下专业人士。到底 pre master key 是如何生成。

PhistucK

unread,

Nov 8, 2018, 3:28:18 AM11/8/18

to baoguox...@gmail.com, Chromium-discuss

> Both of these answers are the opposite.

Not really, one is for RSA and the other is for DH and similar, as the answer notes.

I reckon this function generated the premaster key (look for what is going on with the pms variable) -

https://cs.chromium.org/chromium/src/third_party/boringssl/src/ssl/handshake_client.cc?type=cs&sq=package:chromium&g=0&l=1353

☆PhistucK

--
--
Chromium Discussion mailing list: chromium...@chromium.org
View archives, change email options, or unsubscribe:
http://groups.google.com/a/chromium.org/group/chromium-discuss

---
You received this message because you are subscribed to the Google Groups "Chromium-discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email to chromium-discu...@chromium.org.

Reply all

Reply to author

Forward

0 new messages