18.104.22.168 Encrypting Client Random
The client random is encrypted by the client with the server's public key (obtained from the Server Security Data (section 22.214.171.124.3)) using RSA. Mathematically the encryption operation is formulated as follows.
c = r^e mod n

Where:
c = encrypted client random
r = unencrypted client random
e = public exponent
n = modulus
The client random value must be interpreted as an unsigned little-endian integer value when performing the encryption. The resultant encrypted client random must be copied into a zeroed-out buffer, which is of size:
(bitlen / 8) + 8
For example, if the public key of the server is 512 bits long, then the zeroed-out buffer must be 72 bytes. This value can also be obtained from the keylen field in the public key structure (section 126.96.36.199.188.8.131.52). The buffer is sent to the server in the Security Exchange PDU (section 184.108.40.206).
Example Java source code that shows how to use a public 64-byte asymmetric key to encrypt a 32-byte client random using RSA is presented in section 4.8. The code also shows how to use the associated private key to decrypt the ciphertext.
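The steps above, worked through in Python as an added example (this is not the specification's Java sample from section 4.8). The key, the client random, and the function names are constructed for illustration, and writing the ciphertext into the buffer in little-endian order is an assumption carried over from how the client random itself is interpreted.

```python
# Added example. Constructed 512-bit toy key built from two well-known
# 256-bit primes; never use such a key outside a demonstration.
P = 2**256 - 2**32 - 977            # secp256k1 field prime
Q = 2**256 - 189                    # largest prime below 2**256
N = P * Q                           # modulus n, 512 bits
E = 65537                           # public exponent e
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent (Python 3.8+)

CLIENT_RANDOM = bytes(range(1, 33))  # constructed 32-byte sample value


def key_len_bytes(n: int) -> int:
    """bitlen / 8 for the modulus; whole bytes only."""
    if n.bit_length() % 8:
        raise ValueError("modulus bit length must be a multiple of 8")
    return n.bit_length() // 8


def encrypt_client_random(client_random: bytes, e: int, n: int) -> bytes:
    """Return the zeroed (bitlen / 8) + 8 byte buffer holding c = r^e mod n."""
    if len(client_random) != 32:
        raise ValueError("client random must be 32 bytes")
    klen = key_len_bytes(n)
    r = int.from_bytes(client_random, "little")  # unsigned little-endian
    if r >= n:
        raise ValueError("client random must be smaller than the modulus")
    c = pow(r, e, n)
    buf = bytearray(klen + 8)                    # zeroed-out buffer
    buf[:klen] = c.to_bytes(klen, "little")      # assumption: LE output
    return bytes(buf)


def decrypt_client_random(buf: bytes, d: int, n: int) -> bytes:
    """Server side: validate the buffer shape, then recover r = c^d mod n."""
    klen = key_len_bytes(n)
    if len(buf) != klen + 8 or any(buf[klen:]):
        raise ValueError("unexpected length or non-zero trailing bytes")
    c = int.from_bytes(buf[:klen], "little")
    if c >= n:
        raise ValueError("ciphertext out of range for this modulus")
    r = pow(c, d, n)
    if r >> 256:
        raise ValueError("decrypted value does not fit in 32 bytes")
    return r.to_bytes(32, "little")
```

The formula is applied to the raw 32-byte value with no padding step, so the code adds none; the decrypt side rejects buffers whose length or trailing zero bytes do not match the size rule above.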