Cryptography Reference
In-Depth Information
were implementing TLS with a strictly correct DES implementation, you'd need
to recognize this fact and parity adjust the generated key (e.g. ensure an even
number of 1 bits), or you'd get an inexplicable error when you tried to use it.
Diffi e-Hellman Key Exchange
TLS 1.0 supports Diffi e-Hellman key exchange in addition to RSA key exchange.
Remember that, in Diffi e-Hellman key exchange, neither side gets to pick the
negotiated secret, but both sides end up computing the same value. This works
out in the context of TLS key exchange; both sides can agree on the premaster
secret, which is expanded to the master secret, which is expanded to the key-
ing material.
Add support for DH key exchange in
send_client_key_exchange
as shown
in Listing 6-42.
Listing 6-42:
“tls.c” send_client_key_exchange with Diffi e-Hellman key exchange
switch ( parameters->pending_send_parameters.suite ) {
case TLS_NULL_WITH_NULL_NULL:
// XXX this is an error, exit here
break;
…
case TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA:
case TLS_DH_DSS_WITH_DES_CBC_SHA:
case TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA:
…
premaster_secret_len = parameters->server_dh_key.p.size;
premaster_secret = malloc( premaster_secret_len );
key_exchange_message_len = dh_key_exchange( ¶meters->server_dh_key,
premaster_secret, &key_exchange_message );
break;
The Diffi e-Hellman key exchange procedure continues as described in Chapter 3.
Recall that you didn't code a specifi c Diffi e-Hellman routine because it was
essentially just a couple of calls to
mod_pow
. These calls can be integrated into
a premaster secret exchange as shown in Listing 6-43.
Listing 6-43:
“tls.c” dh_key_exchange
/**
* Just compute Yc = g^a % p and return it in “key_exchange_message”. The
* premaster secret is Ys ^ a % p.
*/
int dh_key_exchange( dh_key *server_dh_key,
unsigned char *premaster_secret,
unsigned char **key_exchange_message )
{
huge Yc;
huge Z;
(Continued)
Search WWH ::
Custom Search