Cryptography Reference
In-Depth Information
int bufsz,
TLSParameters *parameters )
{
…
update_digest( ¶meters->sha256_handshake_digest,
handshake_msg_start, handshake.length + 4 );
}
}
else if ( message.type == content_alert )
3. Finally,
tls_resume
and
tls_connect
must both be changed to initialize
this digest rather than the two parallel digests that they initialized in
Chapters 6 and 8. Listing 9-7 demonstrates.
Listing 9-7:
“tls.c” TLS 1.2 handshake digest initialization
int tls_resume( int connection,
int session_id_length,
const unsigned char *session_id,
const unsigned char *master_secret,
TLSParameters *parameters )
{
init_parameters( parameters, 0 );
parameters->connection_end = connection_end_client;
parameters->session_id_length = session_id_length;
memcpy( ¶meters->session_id, session_id, session_id_length );
new_sha256_digest( ¶meters->sha256_handshake_digest );
...
int tls_connect( int connection,
TLSParameters *parameters,
int renegotiate )
{
init_parameters( parameters, renegotiate );
parameters->connection_end = connection_end_client;
new_sha256_digest( ¶meters->sha256_handshake_digest );
…
int tls_accept( int connection,
TLSParameters *parameters )
{
init_parameters( parameters, 0 );
parameters->connection_end = connection_end_server;
new_sha256_digest( ¶meters->sha256_handshake_digest );
...
Of course, if you want to implement this code to support TLS 1.0 through TLS
1.2 concurrently, you'd have some conditional logic to initialize the handshake
digests depending on the version of TLS.
Search WWH ::
Custom Search