Skip to navigation
How TLS works with a mssql server
23.04.26
Let's go through the detailed steps of a TLS handshake when a client accesses a MS SQL Server, assuming both client and server are configured to use TLS (and we'll consider TLS 1.2 as a representative modern version). This process happens on top of the established TCP connection. **Assumptions:** * A TCP connection has already been established between the client and the MS SQL Server (using the three-way handshake we discussed earlier). * Both the client and the server support TLS 1.2 or higher. * The client knows the server's IP address and port (e.g., 1433). * The MS SQL Server has a valid SSL/TLS certificate installed that covers the hostname the client is trying to connect to. --- ### Phase 1: TLS Handshake (Simplified for TLS 1.2) The goal of the handshake is for the client and server to: 1. Agree on which TLS version to use. 2. Agree on which cipher suite (encryption and hashing algorithms) to use. 3. Authenticate the server to the client (and optionally, the client to the server). 4. Establish a shared secret key for encrypting the actual application data. **Step 1: Client Hello** * **What happens:** The client, after establishing the TCP connection, sends a `Client Hello` message to the server. * **Contents of `Client Hello`:** * **TLS Version:** Indicates the highest TLS version the client supports (e.g., TLS 1.2). * **Random `client_random`:** A random byte string generated by the client. This is crucial for key generation later. * **Session ID (optional):** If the client has connected to this server recently and has a valid session ID, it can send it here to attempt a *session resumption* (which speeds things up by skipping some steps). * **Cipher Suites:** A list of all the cipher suites the client supports, ordered by the client's preference (most preferred first). A cipher suite is a combination of algorithms for key exchange, encryption, and message authentication. Examples: `TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384`, `TLS_RSA_WITH_AES_128_CBC_SHA256`. * **Extensions:** Additional parameters like Supported Groups (Elliptic Curve names), Signature Algorithms, etc. **Step 2: Server Hello** * **What happens:** The server receives the `Client Hello` and chooses the best match from the client's offered cipher suites and its own supported capabilities. It then sends back a `Server Hello` message. * **Contents of `Server Hello`:** * **TLS Version:** The chosen TLS version (must be supported by both client and server). * **Random `server_random`:** A random byte string generated by the server. * **Session ID:** If the client offered one and the server wants to resume a session, it will echo that Session ID back. Otherwise, it might send a new, empty Session ID to indicate a new session. * **Chosen Cipher Suite:** The single cipher suite selected from the client's list that the server also supports and prefers for this connection. **Step 3: Server Certificate** * **What happens:** The server sends its SSL/TLS certificate to the client. * **Contents of `Server Certificate`:** * **Certificate Chain:** This includes the server's public certificate, and potentially intermediate certificates that chain up to a trusted Certificate Authority (CA) root certificate. * **Server's Public Key:** The certificate contains the server's public key, which the client will use for authentication and/or key exchange. **Step 4: Server Key Exchange (Optional, depends on cipher suite)** * **What happens:** If the chosen cipher suite uses ephemeral key exchange (like ECDHE), the server sends a `Server Key Exchange` message. This message contains the server's contribution to the Diffie-Hellman key exchange (e.g., its ephemeral public key and parameters). * **Digital Signature:** This `Server Key Exchange` message (if present) is digitally signed by the server's private key. This signature is crucial for authentication, allowing the client to verify that the server indeed possesses the private key corresponding to the public certificate it sent earlier. **Step 5: Certificate Request (Optional)** * **What happens:** If the server is configured for *mutual TLS authentication* (client authentication), it sends a `Certificate Request` message. This tells the client to send its own certificate. (Most MS SQL Server connections do *not* require client authentication). **Step 6: Server Hello Done** * **What happens:** The server sends a `Server Hello Done` message to indicate that it has finished sending its initial handshake messages. **Step 7: Client Verification and Key Generation** * **What happens:** The client now has received all the server's initial messages. It performs several checks: * **Certificate Validation:** * Is the certificate expired or not yet valid? * Does the hostname in the certificate match the server's hostname the client is trying to connect to? * Is the certificate trusted? The client checks if the CA that issued the server's certificate (or an intermediate CA) is in its own trusted root CA store. * Is the certificate revoked? (Often checked via OCSP or CRLs, though this can be complex and sometimes skipped for performance). * **Signature Verification:** If a `Server Key Exchange` was sent, the client uses the server's public key (from the certificate) to verify the digital signature on that message. This proves the server owns the private key associated with the certificate. * **Key Exchange:** If ephemeral key exchange was used (like ECDHE), the client uses its own generated ephemeral public key and the server's ephemeral public key (from the `Server Key Exchange` message) to compute a shared secret. This shared secret is then used to derive the actual symmetric encryption keys (for both client-to-server and server-to-client) and MAC keys. * **Client Certificate Handling (if requested):** If the server requested a client certificate, the client would select its own certificate, sign it, and send it back. **Step 8: Client Certificate (Optional)** * **What happens:** If the server requested it, the client sends its `Certificate` message. **Step 9: Client Key Exchange** * **What happens:** The client sends a `Client Key Exchange` message. * **Pre-Master Secret:** This message typically contains the client's contribution to the key exchange (e.g., its ephemeral public key for ECDHE, or encrypted pre-master secret for RSA key exchange). * The client and server independently use this pre-master secret, along with the `client_random` and `server_random` values, to derive the same **master secret**. This master secret is then used to generate the actual session keys (symmetric encryption keys and MAC keys) for both directions of communication. **Step 10: Change Cipher Spec** * **What happens:** Both client and server send a `Change Cipher Spec` message. This is a single-byte message that signals that all subsequent messages *will* be encrypted using the newly derived session keys and the agreed-upon cipher suite. **Step 11: Finished** * **What happens:** Immediately after sending `Change Cipher Spec`, both client and server send a `Finished` message. * This `Finished` message is encrypted. * It contains a hash of all handshake messages exchanged so far, plus a label indicating whether it's from the client or server. * This is the final step of the handshake. It serves two purposes: 1. **Verification:** It proves to the other side that they have correctly derived the session keys, as the encrypted hash would be incorrect if the keys were wrong. 2. **Final Check:** It confirms that the handshake messages haven't been tampered with. --- ### Phase 2: Encrypted Application Data Transfer Once both sides have sent and received the `Finished` message, the handshake is complete. 1. **Client Sends SQL Query (Encrypted):** * The client application's SQL query is passed to the OS. * The TCP/IP stack segments the data. * Before sending, the data is **encrypted** using the symmetric session key (e.g., AES-GCM) and the agreed-upon cipher suite. * A Message Authentication Code (MAC) is generated (e.g., using the agreed-upon hashing algorithm like SHA-384) and appended to the encrypted data. This MAC ensures data integrity and authenticity. * The encrypted segment with the MAC is sent over the TCP connection. 2. **Server Receives and Decrypts Data:** * The MS SQL Server's TCP/IP stack receives the segment. * It verifies the MAC using its own derived MAC key. If the MAC doesn't match, the data is discarded or an error is flagged (indicating tampering or corruption). * If the MAC is valid, the encrypted payload is **decrypted** using the symmetric session key. * The decrypted data (the SQL query) is passed up to the MS SQL Server process. * The server then processes the query as before. 3. **Server Sends Results (Encrypted):** * The MS SQL Server process generates results. * The data is passed to the server's OS. * The TCP/IP stack segments the data, **encrypts** it using the same session keys, calculates a **MAC**, and sends it back to the client. 4. **Client Receives and Decrypts Results:** * The client's TCP/IP stack receives the segment. * It verifies the **MAC**. * If valid, it **decrypts** the data. * The decrypted results are passed up to the client application (e.g., SSMS). --- ### Phase 3: Connection Termination (with TLS) When the TCP connection is terminated (via the four-way handshake), the TLS layer also signals closure. * A final `Change Cipher Spec` and `Finished` message might be exchanged, encrypted, to confirm the secure channel is being closed gracefully. * Then, the underlying TCP FIN/ACK sequence proceeds. This detailed process ensures that the communication between the client and MS SQL Server is confidential (encrypted), integral (cannot be tampered with), and authenticated (the client is sure it's talking to the legitimate server).
https://certera.com/blog/tls-1-3-everything-you-need-to-know/
Reply
Anonymous
Information Epoch 1781398360
Worse is better.
Home
Notebook
Contact us
