Cryptography Reference
In-Depth Information
data, handshake — so you must keep processing messages until you get
the one you were expecting.
peer_finished. The same as server_finished. In fact, you should delete
server_finished from the TLSParameters structures and rename it
peer_finished; the finished messages are identical whether they came from the
client or from the server, so handling them is exactly the same either way.
Define these new members in Listing 7-5.
Listing 7-5: “tls.h” TLSParameters with server-side support
typedef enum { connection_end_client, connection_end_server } ConnectionEnd;

typedef struct
{
  ConnectionEnd connection_end;
  master_secret_type master_secret;
  random_type client_random;
  random_type server_random;
  ProtectionParameters pending_send_parameters;
  ProtectionParameters active_send_parameters;
  ProtectionParameters pending_recv_parameters;
  ProtectionParameters active_recv_parameters;
  public_key_info server_public_key;
  dh_key server_dh_key;
  // Internal state
  int got_client_hello;
  int server_hello_done;
  int peer_finished;
  digest_ctx md5_handshake_digest;
  digest_ctx sha1_handshake_digest;
  char *unread_buffer;
  int unread_length;
}
TLSParameters;
Change references from server_finished to peer_finished and change the
verify data label depending on the connection end in Listing 7-6.
Listing 7-6: “tls.c” peer_finished
static unsigned char *parse_finished( unsigned char *read_pos,
                                      int pdu_length,
                                      TLSParameters *parameters )
{
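
The label switch described above, as an added example in Python (not the book's code): it computes the TLS 1.0 finished verify data per RFC 2246 and checks a received finished message against the label of the opposite connection end. The function names, the "client"/"server" strings standing in for connection_end_client and connection_end_server, and the sample master secret and transcript are assumptions constructed for illustration.

```python
import hashlib
import hmac

# Finished labels from RFC 2246, section 7.4.9.
LABELS = {"client": b"client finished", "server": b"server finished"}
# Constructed sample values, not taken from a real handshake.
MASTER = bytes(range(48))
TRANSCRIPT = b"constructed handshake transcript"


def p_hash(name, secret, seed, length):
    """RFC 2246 P_hash: chained HMAC output truncated to `length` bytes."""
    out, a = b"", seed                                  # A(0) = seed
    while len(out) < length:
        a = hmac.new(secret, a, name).digest()          # A(i) = HMAC(secret, A(i-1))
        out += hmac.new(secret, a + seed, name).digest()
    return out[:length]


def prf(secret, label, seed, length):
    """TLS 1.0 PRF: P_MD5(first half of secret) XOR P_SHA1(second half)."""
    half = (len(secret) + 1) // 2       # the halves share a byte if the length is odd
    md5_part = p_hash("md5", secret[:half], label + seed, length)
    sha_part = p_hash("sha1", secret[len(secret) - half:], label + seed, length)
    return bytes(x ^ y for x, y in zip(md5_part, sha_part))


def verify_data(master_secret, sender, handshake_messages):
    """12-byte finished payload for the named sender ("client" or "server")."""
    seed = (hashlib.md5(handshake_messages).digest()
            + hashlib.sha1(handshake_messages).digest())
    return prf(master_secret, LABELS[sender], seed, 12)


def check_peer_finished(connection_end, master_secret, handshake_messages, received):
    """Validate the peer's finished message: the label is that of the other end."""
    peer = "server" if connection_end == "client" else "client"
    expected = verify_data(master_secret, peer, handshake_messages)
    return hmac.compare_digest(expected, received)      # constant-time comparison
```

In a real handshake the two ends hash different transcripts, because the second finished message also covers the first one; the single constructed transcript here isolates the effect of the label.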