Chapter 7: Adding Server-Side TLS 1.0 Support
The previous chapter examined the TLS protocol in detail from the perspective
of the client. This chapter examines the server's role in the TLS exchange.
Although you should have a pretty good handle by now on what's expected
of the server, the implementation includes a few gotchas that you should be
aware of.
The good news is that you can reuse most of the code from the previous
chapter; the supporting infrastructure behind encrypting and authenticating
is exactly the same for the server as for the client. For the most part,
implementing the server's view of the handshake involves sending what
the client received and receiving what the client sent. After the handshake
is complete, tls_send, tls_recv, and tls_shutdown work exactly as they do
on the client side.
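The mirrored message order described above, as an added example that is not code from the book: a table-driven check of which inbound message a TLS 1.0 server may accept at each point and which flight it sends back. It assumes RSA key exchange with no client certificate, session resumption or renegotiation; server_state, server_step, server_accepts and the CCS marker value are hypothetical names.

```c
#include <stddef.h>

/* TLS 1.0 handshake message types (RFC 2246, section 7.4). */
enum { CLIENT_HELLO = 1, SERVER_HELLO = 2, CERTIFICATE = 11,
       SERVER_HELLO_DONE = 14, CLIENT_KEY_EXCHANGE = 16, FINISHED = 20 };
/* ChangeCipherSpec is its own record type, not a handshake message;
   CCS is a marker value made up for this example. */
enum { CCS = 0x100 };

/* State names are this example's own. The first four index the table below. */
typedef enum { WAIT_HELLO, WAIT_KEY_EXCHANGE, WAIT_CCS, WAIT_FINISHED,
               ESTABLISHED, FAILED } server_state;

/* Per state: the only inbound message allowed, the next state, and the
   flight the server sends in response. */
static const struct { int expect; server_state next; int nreply; int reply[3]; }
steps[] = {
    { CLIENT_HELLO,        WAIT_KEY_EXCHANGE, 3,
      { SERVER_HELLO, CERTIFICATE, SERVER_HELLO_DONE } },
    { CLIENT_KEY_EXCHANGE, WAIT_CCS,          0, { 0 } },
    { CCS,                 WAIT_FINISHED,     0, { 0 } },
    { FINISHED,            ESTABLISHED,       2, { CCS, FINISHED } },
};

/* Hypothetical helper: consume one inbound message, copy the reply flight to
   out[], return its length, or -1 (state FAILED) if the message is out of order. */
int server_step(server_state *st, int msg, int out[3])
{
    if (*st > WAIT_FINISHED || msg != steps[*st].expect) {
        *st = FAILED;
        return -1;
    }
    int n = steps[*st].nreply;
    for (int i = 0; i < n; i++) out[i] = steps[*st].reply[i];
    *st = steps[*st].next;
    return n;
}

/* Returns 1 only if the whole inbound sequence completes the handshake. */
int server_accepts(const int *msgs, size_t n)
{
    server_state st = WAIT_HELLO;
    int out[3];
    for (size_t i = 0; i < n; i++)
        if (server_step(&st, msgs[i], out) < 0) return 0;
    return st == ESTABLISHED;
}
```

Rejecting anything but the one expected message in each state is what keeps a server from acting on a Finished that arrives before ChangeCipherSpec, or on a ChangeCipherSpec that arrives before the key exchange.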
Implementing the TLS 1.0 Handshake from the Server's Perspective
You need to have a way to verify the server-side code, so add HTTPS support
to the simple web server developed in Chapter 1. The startup and listen routine
doesn't change at all. Of course, it's listening on port 443 instead of port 80, but
otherwise, the main routine in Listing 7-1 is identical to the one in Listing 1-18.