Cryptography Reference
In-Depth Information
    free( hello.session_id );
  }

  // Parse client hello extensions
  if ( ( read_pos - init_pos ) < pdu_length )
  {
    read_pos = parse_client_hello_extensions( read_pos, parameters );
  }

  return read_pos;
}
Client hello extensions are, of course, a list of extensions; like every other
variable-length list in TLS, the extensions list is preceded by the byte count (not
the item count!) of the list that follows. The extensions themselves are as
open-ended as possible; each starts with a two-byte extension identifier and another
variable-length blob of data whose contents depend on the extension identifier.
The interpretation of this blob varies greatly from one extension to the next. In
many cases, it's yet another variable-length list of data, but in other cases it's a
simple numeric type, and sometimes it's empty if the extension is just a marker
that indicates that a certain feature is supported.
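The layout just described, walked with every length field checked against its container, as an added example that is not one of the book's listings. The names walk_extensions, ExtSummary, SAMPLE and BAD_LEN are made up for this sketch, both byte strings are constructed, and each blob is assumed to carry the two-byte length prefix that TLS uses on the wire.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

typedef struct { int count; const uint8_t *sni; size_t sni_len; } ExtSummary;

/* Constructed sample: byte count 0x0013, then server_name (type 0, 11 bytes
   of data) and an empty marker extension (type 23, 0 bytes of data). */
static const uint8_t SAMPLE[] = {
    0x00, 0x13,
    0x00, 0x00, 0x00, 0x0b, 0x00, 0x09, 0x00, 0x00, 0x06, 'a', '.', 't', 'e', 's', 't',
    0x00, 0x17, 0x00, 0x00 };
/* Constructed malformed sample: the one extension claims 255 data bytes. */
static const uint8_t BAD_LEN[] = { 0x00, 0x06, 0x00, 0x00, 0x00, 0xff, 0x00, 0x00 };

/* Read a big-endian (network order) 16-bit value. */
static unsigned rd16(const uint8_t *p) { return ((unsigned)p[0] << 8) | p[1]; }

/* Walks the list; count is -1 if any length field overruns its container. */
ExtSummary walk_extensions(const uint8_t *buf, size_t avail)
{
    const ExtSummary fail = { -1, NULL, 0 };
    ExtSummary r = fail;
    size_t pos = 2, end;
    int n = 0;

    if (avail < 2) return fail;
    end = 2 + (size_t)rd16(buf);          /* byte count, not item count */
    if (end > avail) return fail;         /* list longer than the PDU */
    while (pos < end) {
        unsigned type, len;
        if (end - pos < 4) return fail;   /* truncated type/length header */
        type = rd16(buf + pos);
        len = rd16(buf + pos + 2);
        pos += 4;
        if (len > end - pos) return fail; /* blob runs past the list */
        if (type == 0) { r.sni = buf + pos; r.sni_len = len; }
        pos += len;                       /* len == 0 is a bare marker */
        n++;
    }
    r.count = n;
    return r;
}

int main(void)
{
    ExtSummary ok = walk_extensions(SAMPLE, sizeof SAMPLE);
    printf("ok: %d extensions, server_name data %zu bytes\n", ok.count, ok.sni_len);
    printf("bad: %d\n", walk_extensions(BAD_LEN, sizeof BAD_LEN).count);
    return 0;
}
```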
This topic won't exhaustively cover all the available client hello extensions.
Of those that are covered, most are discussed as they come up rather than in
this section. They'll make more sense that way. However, Listings 8-2 and 8-3
illustrate the parsing of the server name extension:
Listing 8-2: “tls.c” parse_client_hello_extensions
typedef enum
{
  server_name = 0
}
ExtensionType;

static char *parse_client_hello_extensions( char *read_pos,
                                            TLSParameters *parameters )
{
  unsigned short extensions_size, extension_data_size;
  char *init_pos;
  ExtensionType type;

  read_pos = read_buffer( ( void * ) &extensions_size, ( void * ) read_pos, 2 );
  extensions_size = ntohs( extensions_size );
  init_pos = read_pos;

  while ( ( read_pos - init_pos ) < extensions_size )
(Continued)
 