Cryptography Reference
  {
    fprintf( stderr, "Error, server wants compression.\n" );
    return NULL;
  }

  // TODO - abort if there's more data here than in the spec (per section
  // 7.4.1.2, forward compatibility note)
  // TODO - abort if version < 3.1 with "protocol_version" alert error

  // 28 random bytes, but the preceding four bytes are the reported GMT unix
  // time
  memcpy( ( void * ) parameters->server_random, &hello.random.gmt_unix_time, 4 );
  memcpy( ( void * ) ( parameters->server_random + 4 ),
    ( void * ) hello.random.random_bytes, 28 );

  return read_pos;
}
Note that if the server asked for compression, this function returns NULL
because this implementation doesn't support compression. The calling routine
recognizes this and uses it to generate an alert. Here the terseness of the
TLS alert protocol shows: if the server asked for compression, it just gets back a
nondescript illegal parameter alert and receives no indication of which parameter was
illegal. It certainly would be more robust if you were allowed to tell it which
parameter you were complaining about. This is generally not a problem for users
of TLS software — if you get an illegal parameter while using, say, a browser,
that means that the programmer of the browser did something wrong — but is a
hassle when developing/testing TLS software like the library developed in this
topic. When developing, therefore, it's best to test against a client or server with
its debug levels set to maximum so that if you do get back an illegal parameter
(or any other nondescript alert message), you can go look at the server logs to
see what you actually did wrong.
This routine stores the server random, of course, because it is needed later on
in the master secret computation. Primarily, though, it sets the values
pending_send_parameters and pending_recv_parameters with the selected suite. Expand
the definition of ProtectionParameters to keep track of this in Listing 6-24.
Listing 6-24: “tls.h” ProtectionParameters with cipher suite
typedef struct
{
  unsigned char *MAC_secret;
  unsigned char *key;
  unsigned char *IV;
  CipherSuiteIdentifier suite;
}
ProtectionParameters;
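
Because the alert sent to the peer cannot say which parameter was rejected, the rejecting side can keep that detail in its own log. The following is an added example, not the book's code: `check_server_hello`, `fail` and the reason strings are hypothetical, and the input is assumed to be the ServerHello body that follows the 4-byte handshake header.

```c
#include <stdio.h>
#include <string.h>

/* Alert descriptions as numbered in RFC 2246, section 7.2. */
enum { ALERT_NONE = 0, ALERT_ILLEGAL_PARAMETER = 47,
       ALERT_DECODE_ERROR = 50, ALERT_PROTOCOL_VERSION = 70 };

/* Records the local-only reason and hands back the alert to send. */
static int fail(const char **why, const char *msg, int alert)
{ *why = msg; return alert; }

/* Hypothetical helper (not the book's code): validates a ServerHello body,
 * i.e. the bytes after the 4-byte handshake header. Returns the alert to
 * send, or ALERT_NONE; *why gets the detail the alert cannot carry. */
int check_server_hello(const unsigned char *body, size_t len,
                       unsigned char server_random[32], const char **why)
{
    size_t pos;

    *why = "ok";
    if (len < 35)  /* version(2) + random(32) + session_id length(1) */
        return fail(why, "truncated ServerHello", ALERT_DECODE_ERROR);
    if (body[0] < 3 || (body[0] == 3 && body[1] < 1))
        return fail(why, "server version below 3.1", ALERT_PROTOCOL_VERSION);
    /* The wire bytes are kept verbatim: gmt_unix_time(4) + random_bytes(28). */
    memcpy(server_random, body + 2, 32);
    if (body[34] > 32)
        return fail(why, "session_id longer than 32 bytes", ALERT_ILLEGAL_PARAMETER);
    pos = 35 + body[34];
    if (pos + 3 > len)  /* cipher_suite(2) + compression_method(1) */
        return fail(why, "truncated after session_id", ALERT_DECODE_ERROR);
    if (body[pos + 2] != 0)
        return fail(why, "server selected a compression method", ALERT_ILLEGAL_PARAMETER);
    return ALERT_NONE;
}

int main(void)
{
    /* Constructed sample: version 3.1, zeroed random, empty session_id,
     * suite 0x002F, compression_method 1 (never offered by this client). */
    unsigned char hello[38] = { 0x03, 0x01, [36] = 0x2F, [37] = 0x01 }, server_random[32];
    const char *why;
    int alert = check_server_hello(hello, sizeof hello, server_random, &why);

    /* Only the alert code goes to the peer; the reason stays in the local log. */
    fprintf(stderr, "alert %d: %s\n", alert, why);
    return 0;
}
```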
 