未指定字節

Question

在SSL 3.0以下服務器問候消息

16 03 00 00 51 02 00 
00 4d 03 00 4f a1 c1 
eb e3 fb 00 a9 c8 25 
25 48 6f 89 27 ec bb 
80 f3 8c 5d db f7 6c 
94 56 d8 34 7a b5 9d 
02 20 54 ab 20 ea 05 
a6 38 6f ee 55 40 ae 
af e2 5d ae 2a 4d c1 
c6 f4 09 a7 08 b1 c5 
49 39 87 82 d3 f7 00 
39 00 00 05 ff 01 00 
01 00 

我理解這種反應如下握手服務器響應：

Content-type: 22 (Handshake protocol) 
Version: 3.0 
Length: a1 (81 bytes) 

Content-type: 02 (ServerHello) 
Length: 4d (77 bytes) 
Version: 3.0 
Random: 4f a1 c1 eb e3 fb 00 a9 
     c8 25 25 48 6f 89 27 ec 
     bb 80 f3 8c 5d db f7 6c 
     94 56 d8 34 7a b5 9d 02 
SessionID Length: 20 (32 bytes) 
SessionID: 54 ab 20 ea 05 a6 38 6f 
      ee 55 40 ae af e2 5d ae 
      2a 4d c1 c6 f4 09 a7 08 
      b1 c5 49 39 87 82 d3 f7 
Cipher Suite: 00 39 
Compression method: 00 

但我不能明白是怎麼過去的應解釋7個字節：00 05 ff 01 00 01 00

Answer 1

這將是renegotiation_info擴展名，如RFC 5746中所定義：

o If this is the initial handshake for a connection, then the 
    "renegotiated_connection" field is of zero length in both the 
    ClientHello and the ServerHello. Thus, the entire encoding of the 
    extension is ff 01 00 01 00. The first two octets represent the 
    extension type, the third and fourth octets the length of the 
    extension itself, and the final octet the zero length byte for the 
    "renegotiated_connection" field.