Cryptography Reference
In-Depth Information
}
HashAlgorithm;

typedef enum
{
  anonymous = 0,
  sig_rsa = 1,
  sig_dsa = 2,
  sig_ecdsa = 3
}
SignatureAlgorithm;
This is less extensible, but significantly easier to code, than the X.509 OID
structure.
Modify parse_server_key_exchange from Listing 8-19 as shown in Listing
9-10 to read the hash and signature algorithm from the beginning of the packet.
Note that this implementation reads, but completely ignores, the declared
signature and hash algorithms; a proper, robust implementation verifies that the
algorithm is one that has a public key to verify with and, if the hash algorithm
is not SHA-256, the implementation computes that hash or throws an alert
indicating that it can't.
Listing 9-10: “tls.c” parse_server_key_exchange with signature and hash algorithm declaration
static char *parse_server_key_exchange( unsigned char *read_pos,
                                        TLSParameters *parameters )
{
  short length;
  int i;
  unsigned char *dh_params = read_pos;
  HashAlgorithm hash_alg;
  SignatureAlgorithm sig_alg;

  // TLS 1.2 read off the signature and hash algorithm
  hash_alg = read_pos[ 0 ];
  sig_alg = read_pos[ 1 ];
  read_pos += 2;

  for ( i = 0; i < 4; i++ )
These changes are necessary to support ephemeral key exchange algorithms.
Because the structure of the message itself changes, you must be ready to at
least look in a different place for the key exchange parameters.
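The check that Listing 9-10 leaves out, validating the declared signature and hash algorithms before any verification is attempted, could look like the following. This is an added example, not code from the book's tls.c; the function name, the hash_* enumerator names, CertKeyType, and the choice of which alert to return for each failure are assumptions of this example, while the numeric code points and alert values are those of RFC 5246.

```c
#include <stddef.h>
#include <stdio.h>

/* Code points from RFC 5246 7.4.1.4.1; the hash_* names are this example's own. */
typedef enum { hash_none = 0, hash_md5 = 1, hash_sha1 = 2, hash_sha224 = 3,
               hash_sha256 = 4, hash_sha384 = 5, hash_sha512 = 6 } HashAlgorithm;
typedef enum { anonymous = 0, sig_rsa = 1, sig_dsa = 2, sig_ecdsa = 3 } SignatureAlgorithm;

/* Hypothetical: type of public key taken from the server's certificate. */
typedef enum { key_none, key_rsa, key_dsa, key_ecdsa } CertKeyType;

/* AlertDescription values from RFC 5246 7.2; 0 means "accept" in this example. */
enum { ALG_OK = 0, ALERT_HANDSHAKE_FAILURE = 40, ALERT_ILLEGAL_PARAMETER = 47 };

/* Returns ALG_OK, or the alert this example chooses to send:
 * illegal_parameter when the declared pair can never be verified,
 * handshake_failure when the hash is valid but not implemented locally. */
int check_declared_algorithms( unsigned char hash_byte, unsigned char sig_byte,
                               CertKeyType cert_key,
                               const HashAlgorithm *supported, size_t n_supported )
{
  size_t i;
  /* Reject undefined code points and "no hash" / "no signature". */
  if ( hash_byte == hash_none || hash_byte > hash_sha512 ||
       sig_byte == anonymous || sig_byte > sig_ecdsa )
    return ALERT_ILLEGAL_PARAMETER;
  /* The signature algorithm must match the public key we actually hold. */
  if ( ( sig_byte == sig_rsa && cert_key != key_rsa ) ||
       ( sig_byte == sig_dsa && cert_key != key_dsa ) ||
       ( sig_byte == sig_ecdsa && cert_key != key_ecdsa ) )
    return ALERT_ILLEGAL_PARAMETER;
  /* The hash must be one this implementation can compute. */
  for ( i = 0; i < n_supported; i++ )
    if ( supported[ i ] == (HashAlgorithm) hash_byte )
      return ALG_OK;
  return ALERT_HANDSHAKE_FAILURE;
}

int main( void )
{
  /* Constructed inputs: an implementation that only computes SHA-256. */
  const HashAlgorithm mine[] = { hash_sha256 };
  printf( "sha256/rsa, RSA cert: %d\n", check_declared_algorithms( 4, 1, key_rsa, mine, 1 ) );
  printf( "sha1/rsa,   RSA cert: %d\n", check_declared_algorithms( 2, 1, key_rsa, mine, 1 ) );
  printf( "sha256/dsa, RSA cert: %d\n", check_declared_algorithms( 4, 2, key_rsa, mine, 1 ) );
  return 0;
}
```

Called with the hash_alg and sig_alg bytes read in Listing 9-10, a non-zero return is the alert description to send instead of continuing with signature verification.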
Finally, remember that if the server wants a client certificate, the client must
also send back a certificate verify message with its own signature. To save the
client the trouble of sending a certificate whose public key the server cannot
use to verify a signature, the certificate request message was changed in TLS