I know that in TLS 1.2 the client generates the PMS (Pre Master Secret), which is used to get master_secret and Key_Block, where Key_Block combined with client_random and server_random gives us: clientMAC, serverMAC, clientWrite and serverWrite.
For example, clientWrite is used to encrypt all messages from client to server.
What I don't understand is which key the server uses to encrypt the messages it gets and which one the client uses?
clientWrite is used to encrypt messages from client to server, so it's the key used by the server for decryption... which hopefully makes it obvious which key the server uses for encryption (and the client for decryption). These are symmetric keys; you use the same one for encrypt and decrypt. – CBHacking Jul 26 '22 at 00:57
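The key direction described in the comment, as an added example that is not part of the original question or comment: it runs the TLS 1.2 PRF from RFC 5246 to produce the key block, splits it, and shows each side's encrypt and decrypt keys. The cipher suite (TLS_RSA_WITH_AES_128_CBC_SHA256), the sample secret and randoms, and the names `derive_keys` and `view` are assumptions made for the illustration.

```python
import hashlib
import hmac

def prf(secret: bytes, label: bytes, seed: bytes, length: int) -> bytes:
    """TLS 1.2 PRF (RFC 5246 section 5): P_SHA256(secret, label + seed)."""
    seed = label + seed
    out, a = b"", seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()            # A(i)
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()
    return out[:length]

# Assumed suite: TLS_RSA_WITH_AES_128_CBC_SHA256 (32-byte MAC keys, 16-byte
# cipher keys, no IVs taken from the key block).
LAYOUT = [("client_write_MAC_key", 32), ("server_write_MAC_key", 32),
          ("client_write_key", 16), ("server_write_key", 16)]

def derive_keys(pms: bytes, client_random: bytes, server_random: bytes) -> dict:
    master = prf(pms, b"master secret", client_random + server_random, 48)
    # Key expansion takes the randoms in the opposite order: server first.
    block = prf(master, b"key expansion", server_random + client_random,
                sum(n for _, n in LAYOUT))
    keys, off = {}, 0
    for name, n in LAYOUT:
        keys[name] = block[off:off + n]
        off += n
    return keys

def view(keys: dict, role: str) -> dict:
    """Keys one endpoint uses: it writes with its own keys, reads with the peer's."""
    peer = "server" if role == "client" else "client"
    return {"encrypt_with": keys[f"{role}_write_key"],
            "decrypt_with": keys[f"{peer}_write_key"],
            "mac_sent_with": keys[f"{role}_write_MAC_key"],
            "mac_checked_with": keys[f"{peer}_write_MAC_key"]}

# Constructed sample inputs (not from a real handshake).
PMS = bytes([3, 3]) + bytes(range(46))
CLIENT_RANDOM = bytes(range(32))
SERVER_RANDOM = bytes(range(32, 64))

if __name__ == "__main__":
    keys = derive_keys(PMS, CLIENT_RANDOM, SERVER_RANDOM)
    for role in ("client", "server"):
        for use, key in view(keys, role).items():
            print(f"{role:6} {use:16} {key.hex()}")
```

Both endpoints compute the same key block, so the server's `decrypt_with` is the client's `encrypt_with` and vice versa.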