5.3.4.1 Encrypting Client Random

The client random is encrypted by the client with the server's public key (obtained from the Server Security Data (section 2.2.1.4.3)) using RSA. Mathematically the encryption operation is formulated as follows.

 c = r^e mod n

Where

 c = encrypted client random
 r = unencrypted client random
 e = public exponent
 n = modulus

The client random value must be interpreted as an unsigned little-endian integer value when performing the encryption. The resultant encrypted client random must be copied into a zeroed-out buffer, which is of size:

 (bitlen / 8) + 8

For example, if the public key of the server is 512 bits long, then the zeroed-out buffer must be 72 bytes. This value can also be obtained from the keylen field in the public key structure (section 2.2.1.4.3.1.1.1). The buffer is sent to the server in the Security Exchange PDU (section 2.2.1.10).

Example Java source code that shows how to use a public 64-byte asymmetric key to encrypt a 32-byte client random using RSA is presented in section 4.8. The code also shows how to use the associated private key to decrypt the ciphertext.
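The operation described in this section, written out in Python as an added example (it is not the section 4.8 Java code and not part of the specification). The key is constructed for illustration from two well-known 256-bit primes, the function names are hypothetical, and writing the ciphertext into the buffer in little-endian order is an assumption, since this section states the byte order only for the input.

```python
# Constructed 512-bit test key (illustration only, not a real server key).
P = 2**256 - 189                    # largest prime below 2**256
Q = 2**256 - 2**32 - 977            # secp256k1 field prime
N = P * Q                           # n = modulus (512 bits)
E = 65537                           # e = public exponent
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent, held by the server

# Constructed 32-byte client random (a real client uses a CSPRNG).
CLIENT_RANDOM = bytes(range(1, 33))


def encrypted_buffer_size(bitlen):
    """Size of the zeroed-out buffer: (bitlen / 8) + 8 bytes."""
    return bitlen // 8 + 8


def encrypt_client_random(client_random, e, n, bitlen):
    """Compute c = r^e mod n and place it in the zeroed-out buffer."""
    # The client random is an unsigned little-endian integer.
    r = int.from_bytes(client_random, "little")
    if r >= n:
        raise ValueError("client random must be smaller than the modulus")
    c = pow(r, e, n)
    buf = bytearray(encrypted_buffer_size(bitlen))   # all zero bytes
    # Assumption: ciphertext is stored little-endian; the last 8 bytes stay zero.
    buf[:bitlen // 8] = c.to_bytes(bitlen // 8, "little")
    return bytes(buf)


def decrypt_client_random(buf, d, n, bitlen, random_len=32):
    """Server side: recover r = c^d mod n from the received buffer."""
    if len(buf) != encrypted_buffer_size(bitlen):
        raise ValueError("unexpected encrypted client random length")
    c = int.from_bytes(buf[:bitlen // 8], "little")
    if c >= n:
        raise ValueError("ciphertext is not reduced modulo n")
    r = pow(c, d, n)
    if r.bit_length() > random_len * 8:
        raise ValueError("decrypted value does not fit a client random")
    return r.to_bytes(random_len, "little")


if __name__ == "__main__":
    blob = encrypt_client_random(CLIENT_RANDOM, E, N, 512)
    print(len(blob), blob.hex())
    print(decrypt_client_random(blob, D, N, 512) == CLIENT_RANDOM)
```

With the 512-bit key the buffer is 72 bytes, matching the example in the text above.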

© 2015 Microsoft