Cryptography Reference
In-Depth Information
sizeof( Random ) +
sizeof( unsigned char ) +
( sizeof( unsigned char ) * package.session_id_length ) +
sizeof( unsigned short ) +
sizeof( unsigned char );
write_buffer = send_buffer = ( char * ) malloc( send_buffer_size );
write_buffer = append_buffer( write_buffer,
( void * ) &package.server_version.major, 1 );
write_buffer = append_buffer( write_buffer,
( void * ) &package.server_version.minor, 1 );
write_buffer = append_buffer( write_buffer,
( void * ) &package.random.gmt_unix_time, 4 );
write_buffer = append_buffer( write_buffer,
( void * ) &package.random.random_bytes, 28 );
write_buffer = append_buffer( write_buffer,
( void * ) &package.session_id_length, 1 );
if ( package.session_id_length > 0 )
{
write_buffer = append_buffer( write_buffer, ( void * )package.session_id,
package.session_id_length );
}
write_buffer = append_buffer( write_buffer,
( void * ) &package.cipher_suite, 2 );
write_buffer = append_buffer( write_buffer,
( void * ) &package.compression_method, 1 );
assert( ( ( char * ) write_buffer - send_buffer ) == send_buffer_size );
send_handshake_message( connection, server_hello, send_buffer,
send_buffer_size, parameters );
free( send_buffer );
return 0;
}
The selected cipher suite is copied from
pending_send_parameters
and bun-
dled off to the client. Notice that the session ID sent by this implementation is
empty; this is permissible per the specifi cation and indicates to the client that
this server either does not support session resumption or does not intend to
resume this session.
TLS Certifi cate
After the server hello is sent, the server should send a certifi cate, if the cipher
spec calls for one (which is the case in the most common cipher specs). Because
the certifi cate normally must be signed by a certifi cate authority in order to be
accepted, it's usually pre-generated and signed, and it must be loaded from disk
Search WWH ::
Custom Search