17.8 Summary
In this chapter, we covered the TLS record layer and learned how cryptographic mechanisms, in particular AEAD algorithms, are used in the TLS record protocol. We described the data structures and messages on the record layer and saw how record payloads are protected. In addition, we discussed per-record nonces and the use of padding for TLS records.
Moreover, we covered how TLS can be further explored – down to nitty-gritty details – by debugging OpenSSL, specifically OpenSSL’s s_client test tool. While we did not describe the GNU debugger in detail, the Git repository and instructions for building a Docker image with an OpenSSL 3.1.0 installation suitable for debugging and the GDB commands shown in the examples in this chapter are good starting points for exploring OpenSSL and TLS in more detail.
In the next chapter, we will take a look at TLS 1.3 cipher suites. These are pairs composed of an AEAD algorithm and a hash algorithm to be used with...