Composition of DES_CBC_SHA

Sun Mar 19 16:41:41 UTC 2023

On Sun, Mar 19, 2023 at 03:09:47PM +0000, Ren Yanyu wrote:

> I use SSL_write(ssl, buf, len) send the data to a memory BIO and read
> the encrypted message. For example, one of the message reads:
                                      ---
                                     [two]

> 17 03 00 00 18
>       ab d0 3c ae 20 f5 f8 ad dd 92 06 83 32 bd fa 6a
>       02 44 5d ec 7b 6d 0c 2b
> 17 03 00 00 28
>       66 45 37 06 e6 86 3e d2 cc 77 c1 0b 45 dd 96 0c
>       c3 7c 23 8e ea 72 fa a6 f0 67 74 28 38 ae 37 23
>       92 b8 07 96 ce 0f d3 ea

You're confusing TCP segments with TLS records.  A single TCP segment
can carry more than one TCL record (or fewer, if the record is longer
than the TCP MSS, or is the last fragment of a long record).

-- 
    Viktor.