Title Inline inspection of security protocols
Abstract Systems and methods for inline security protocol inspection are provided. According to one embodiment, a security device receives an encrypted raw packet from a first network appliance and buffers the encrypted raw packet in a buffer. An inspection module accesses the encrypted raw packet from the buffer, decrypts it to produce plain text, and scans the plain text.
Publication number US9602498 (B2) Publication date 2017.03.21
Application number US201314056870 Filing date 2013.10.17
Applicant Fortinet, Inc. Inventors Wang Wei David; Jia Junfeng; Lu Hongbin
Classification H04L29/06 Main classification H04L29/06
Agency Hamilton, DeSanctis & Cha LLP Agent Hamilton, DeSanctis & Cha LLP
Principal claim 1. A method comprising:
  receiving, by a security device, a handshake message from a security protocol client;
  transmitting, by the security device, the handshake message to a security protocol server;
  receiving, by the security device, a response including a certificate of the security protocol server;
  transmitting, by the security device, a response including a certificate of the security device to the security protocol client;
  receiving, by the security device, an encrypted packet from the security protocol client, wherein application data contained in the encrypted packet is encrypted with a cipher suite deliberately caused to be selected for use in connection with both (i) a first security protocol session established between the security protocol client and the security device and (ii) a second security protocol session established between the security protocol server to which the encrypted packet is destined and the security device;
  buffering, by the security device, the encrypted packet in a buffer;
  accessing, by an inspection module of the security device, the encrypted packet from the buffer;
  decrypting the encrypted packet, by the inspection module, to produce a plain text version of the application data;
  scanning, by the inspection module, the plain text version of the application data;
  when a Transmission Control Protocol (TCP) sequence number of the first security protocol session is equivalent to a TCP sequence number of the second security protocol session, transmitting, by the security device, the encrypted packet to the security protocol server; and
  when a size of the certificate of the security device is smaller than a size of the certificate of the security protocol server, transmitting at least one more Secure Sockets Layer (SSL) record from the security device to the security protocol client so that the TCP sequence number of the first security protocol session is equivalent to the TCP sequence number of the second security protocol session.
Address Sunnyvale, CA, US
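The abstract and claim 1 describe two mechanisms the inline inspector relies on: forcing one cipher suite onto both sessions (client to device, device to server) so the client's encrypted record can later be passed to the server as-is, and keeping the client-side TCP byte count equal to the server-side one by sending extra records when the device's certificate is shorter than the server's. The Python below is an added example written for this page, not code from the patent or from Fortinet. It assumes TLS 1.2 record and ClientHello framing (RFC 5246) and the 16384-byte record payload ceiling; the function names, the sample ClientHello bytes, and the certificate sizes are constructed for illustration.

```python
"""Added example (not the patent's code): cipher-suite pinning and byte-count
alignment for an inline TLS inspector, using TLS 1.2 framing (RFC 5246)."""
import struct

TLS_HANDSHAKE = 0x16
TLS_VERSION_1_2 = b"\x03\x03"
RECORD_HEADER_LEN = 5        # type(1) + version(2) + length(2)
MAX_RECORD_PAYLOAD = 16384   # 2**14, the TLSPlaintext fragment ceiling


def build_record(content_type, payload, version=TLS_VERSION_1_2):
    """Wrap a payload in a TLS record header."""
    return bytes([content_type]) + version + struct.pack("!H", len(payload)) + payload


def build_client_hello(cipher_suites, session_id=b"", extensions=b""):
    """Construct a minimal TLS 1.2 ClientHello record (constructed sample input,
    with an all-zero random so the output is deterministic)."""
    body = TLS_VERSION_1_2 + bytes(32)
    body += bytes([len(session_id)]) + session_id
    suites = b"".join(struct.pack("!H", s) for s in cipher_suites)
    body += struct.pack("!H", len(suites)) + suites
    body += b"\x01\x00"                       # one compression method: null
    if extensions:
        body += struct.pack("!H", len(extensions)) + extensions
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body   # HandshakeType client_hello
    return build_record(TLS_HANDSHAKE, handshake)


def parse_client_hello(record):
    """Validate a single-record ClientHello and locate its cipher_suites vector.
    Returns (offered_suites, offset_of_suites_length_field, end_of_suites)."""
    if len(record) < 9 or record[0] != TLS_HANDSHAKE:
        raise ValueError("not a handshake record")
    if struct.unpack("!H", record[3:5])[0] != len(record) - RECORD_HEADER_LEN:
        raise ValueError("record length mismatch (fragmented or trailing data)")
    if record[5] != 0x01 or int.from_bytes(record[6:9], "big") != len(record) - 9:
        raise ValueError("not a complete ClientHello")
    off = 9 + 2 + 32                          # skip client_version and random
    off += 1 + record[off]                    # skip session_id
    suites_len = struct.unpack("!H", record[off:off + 2])[0]
    start, end = off + 2, off + 2 + suites_len
    if suites_len % 2 or end > len(record):
        raise ValueError("bad cipher_suites vector")
    suites = [struct.unpack("!H", record[i:i + 2])[0] for i in range(start, end, 2)]
    return suites, off, end


def pin_cipher_suite(record, suite):
    """Rewrite the ClientHello so `suite` is the only offered suite: this is how
    the device forces the server-side session onto the suite it will also pick
    for the client-side session. Record and handshake lengths are recomputed."""
    offered, vec_off, vec_end = parse_client_hello(record)
    if suite not in offered:
        raise ValueError("client did not offer suite 0x%04x" % suite)
    new_vec = struct.pack("!HH", 2, suite)
    body = record[9:vec_off] + new_vec + record[vec_end:]
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body
    return build_record(TLS_HANDSHAKE, handshake, version=record[1:3])


def alignment_records(device_cert_len, server_cert_len):
    """Payload sizes of the extra records the device must send the client so the
    client-side TCP sequence number catches up with the server-side one.
    Returns [] when already aligned; raises when no set of whole records fits."""
    deficit = server_cert_len - device_cert_len
    if deficit == 0:
        return []
    if deficit < 0:
        raise ValueError("device certificate is larger; the claim only covers the smaller case")
    if deficit < RECORD_HEADER_LEN:
        raise ValueError("deficit %d is smaller than one record header" % deficit)
    n = -(-deficit // (RECORD_HEADER_LEN + MAX_RECORD_PAYLOAD))   # ceil division
    payload_total = deficit - n * RECORD_HEADER_LEN
    # Spread the payload evenly so no record is needlessly empty. A size of 0
    # (deficit exactly 5) is an empty record, which RFC 5246 permits only for
    # application_data, never for handshake, alert or change_cipher_spec.
    sizes = [payload_total // n + (1 if i < payload_total % n else 0) for i in range(n)]
    assert sum(RECORD_HEADER_LEN + s for s in sizes) == deficit
    return sizes


if __name__ == "__main__":
    ext_ems = b"\x00\x17\x00\x00"             # extended_master_secret, empty body
    hello = build_client_hello([0xC02F, 0xC030, 0x009C], extensions=ext_ems)
    pinned = pin_cipher_suite(hello, 0xC030)
    print(parse_client_hello(pinned)[0], len(hello), len(pinned))
    print(alignment_records(1000, 1200))
```

Two caveats a practitioner should keep in mind. Pinning only removes suites the client offered, so the device must still make sure its own ServerHello to the client selects the same suite the real server picked; otherwise the two sessions diverge. And forwarding the client's encrypted record to the server unchanged, as claim 1 describes, is only possible if both sessions end up with identical keys; a shared cipher suite is necessary for that but not sufficient, and the excerpt above does not say how the device arranges the key material.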