Requesting Session Resumption
To add session resumption to the TLS client from Chapter 6, modify the
TLSParameters structure from Listing 6-5 to include an optional session ID as
shown in Listing 8-4:
Listing 8-4: “tls.h” TLSParameters with session ID
#define MAX_SESSION_ID_LENGTH 32
typedef struct
{
  // (members carried over from Listing 6-5 are not repeated here)
  int session_id_length;
  unsigned char session_id[ MAX_SESSION_ID_LENGTH ];
}
TLSParameters;
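The example below is added here and is not one of the book's listings. It shows how a stored session ID is laid out in the client hello (one length byte followed by up to 32 ID bytes) and how the session ID echoed in the server hello tells the client whether the server agreed to resume. The function names encode_session_id and server_accepted_resumption are hypothetical.

```c
#include <stddef.h>
#include <string.h>

#define MAX_SESSION_ID_LENGTH 32

/* Hypothetical helper: write the client hello session_id vector
   (1 length byte + ID) into out. Returns the number of bytes written,
   or -1 if the ID is too long or out is too small. */
int encode_session_id( unsigned char *out, size_t out_len,
                       const unsigned char *session_id,
                       int session_id_length )
{
  if ( session_id_length < 0 ||
       session_id_length > MAX_SESSION_ID_LENGTH ||
       out_len < ( size_t ) session_id_length + 1 )
  {
    return -1;
  }
  out[ 0 ] = ( unsigned char ) session_id_length;
  if ( session_id_length > 0 )
  {
    memcpy( out + 1, session_id, ( size_t ) session_id_length );
  }
  return session_id_length + 1;
}

/* Hypothetical helper: inspect the session_id vector of a server hello.
   Returns 1 if the server echoed the requested ID (resumption accepted),
   0 if it sent an empty or different ID (full handshake follows),
   -1 if the vector is malformed or truncated. */
int server_accepted_resumption( const unsigned char *in, size_t in_len,
                                const unsigned char *requested,
                                int requested_length )
{
  size_t echoed_length;

  if ( in_len < 1 )
  {
    return -1;
  }
  echoed_length = in[ 0 ];
  if ( echoed_length > MAX_SESSION_ID_LENGTH || in_len < echoed_length + 1 )
  {
    return -1;
  }
  if ( requested_length <= 0 || echoed_length != ( size_t ) requested_length )
  {
    return 0;
  }
  return memcmp( in + 1, requested, echoed_length ) == 0 ? 1 : 0;
}
```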
Adding Session Resumption Logic to the Client
Now, go ahead and define a new top-level function called tls_resume that
renegotiates a previously negotiated session. If you were so inclined, you could
probably work this into the logic of tls_connect from Listing 6-7, but it's clearer
to just define a new function. tls_resume is shown in Listing 8-5.
Listing 8-5: “tls.c” tls_resume
int tls_resume( int connection,
                int session_id_length,
                const unsigned char *session_id,
                const unsigned char *master_secret,
                TLSParameters *parameters )
{
  // Reject a session ID that would overflow parameters->session_id
  if ( session_id_length < 0 || session_id_length > MAX_SESSION_ID_LENGTH )
  {
    return 1;
  }
  init_parameters( parameters );
  parameters->connection_end = connection_end_client;
  parameters->session_id_length = session_id_length;
  memcpy( parameters->session_id, session_id, session_id_length );
  new_md5_digest( &parameters->md5_handshake_digest );
  new_sha1_digest( &parameters->sha1_handshake_digest );
  // Send the TLS handshake "client hello" message
  if ( send_client_hello( connection, parameters ) < 0 )
  {
    perror( "Unable to send client hello" );
    return 1;
  }
  // Receive server hello, change cipher spec & finished.
  parameters->server_hello_done = 0;