Reputation: 1105
After decrypting a TLS record, how do I know what decompression to apply, if any?
I successfully implemented TLS 1.3 decryption for specific records, but I am having a hard time figuring out how to go get readable plain text (assume it is compressed).
The TLS record does not include any data about payload compression. Say that for example the compression is gzip, do I need to concatenate several TLS records spanning the same gzipped payload in order for decompression to succeed or can I decompress each one independently?
Upvotes: 0
Views: 118
Answers (2)
Reputation: 112502
RFC 2246 identifies one byte in the message structure that is the compression method. 0 means no compression. RFC 3749 says that 1 means deflate, and RFC 3943 allocates 64 for LZSS. According to the IANA, that's all of them.
The compression methods are "stateful", which means you have to decompress the records as a stream, not individually.
Upvotes: 0
Reputation: 5982
Say that for example the compression is gzip, do I need to concatenate several TLS records spanning the same gzipped payload in order for decompression to succeed or can I decompress each one independently ?
Depends - if the payload was compressed as a whole then chopped up in pieces for each TLS record, you have to concatenate them, but if the payload was first chopped up then compressed you can decompress it piece-by-piece.
Upvotes: 0
Related Questions
- How to handle gzip-compressed responses with the gsoap logging plugin; alternately, how to turn off compression completely
- Disable Chrome's gzip automatic decompression
- Apache Commons CompressorInputStream and HDFS Gzip files error No Compressor found for the stream signature
- Gzip files and Angular 2
- boost::iostreams decompression returns an empty stream
- How to determine whether content returned by .NET HttpClient is Gzipped?
- GZipStream with StreamReader.ReadLine only reads first line
- How Gzip in Tomcat works