AceSheep 发布的文章

PHP AES/CBC/128/PKCS7Padding

PHP 7.2 加密实例 PKCS7Padding PKCS5Padding

阅读全文 >>


Golang AES/CBC/PKCS7Padding

Golang没有像PHP那样提供一个现成的aes加密函数,不过标准库里有crypto,利用里面的aes等可以自己封装个加密函数,不过需要理解下整个加解密的过程和原理

阅读全文 >>


使用 Wireshark 解密SSL | 网站调试时使用 | 笔记

Wireshark 解密SSL 有两种办法
1.使用预主密钥来解密SSL (pre-master secret key)
2.使用RSA密钥解密SSL (不推荐)

本文使用第二种方法来做网站调试.

阅读全文 >>


Security/Server Side TLS | wiki 备份

Recommended configurations
Mozilla maintains three recommended configurations for servers using TLS. Pick the correct configuration depending on your audience:

  • Modern: Modern clients that support TLS 1.3, with no need for
    backwards compatibility
  • Intermediate: Recommended configuration for a general-purpose server
  • Old: Services accessed by very old clients or libraries, such as
    Internet Explorer 8 (Windows XP), Java 6, or OpenSSL 0.9.8
Configuration Firefox Android Chrome Edge Internet Explorer Java OpenSSL Opera Safari
Modern 63 10.0 70 75 -- 11 1.1.1 57 12.1
Intermediate 27 4.4.2 31 12 11 (Win7) 8u31 1.0.1 20 9
Old 1 2.3 1 12 8 (WinXP) 6 0.9.8 5 1

The ordering of cipher suites in the Intermediate and Old configurations is very important, as it determines the priority with which algorithms are selected.

OpenSSL will ignore cipher suites it doesn't understand, so always use the full set of cipher suites below, in their recommended order. The use of the Old configuration with modern versions of OpenSSL may require custom builds with support for deprecated ciphers.

阅读全文 >>