CHAPTER 9
Adding TLS 1.2 Support to Your TLS Library
TLS 1.2 was formally specified in 2008 after several years of debate. It represents
a significant change to its predecessor TLS 1.1 — mostly in terms of increased
security options and additional cipher suite choices. This chapter details the
changes that you need to make to the TLS 1.0 implementation of the previous
three chapters to make it compliant with TLS 1.2.
The next two sections detail the message-format level changes that TLS 1.2
introduced. I move quickly here, assuming a good familiarity with the material
in the previous three chapters — if you don't remember what the PRF is or
what messages are involved in the TLS handshake, you may want to jump back
and briefly review at least Chapter 6. Alternatively, if you're more interested in
what TLS 1.2 does, rather than how it does it, you can skip ahead to the section
in the chapter on AEAD encryption.
Supporting TLS 1.2 When You Use RSA for the Key Exchange
This section covers the changes sufficient to support TLS 1.2 in the most
straightforward case: when RSA is used directly for key exchange. To do so,
you would follow these basic steps.