The SSLv2 specification isn't clear on how many initialization vectors you should use. Should each side have its own initialization vector, or should the same one be used for both client and server? OpenSSL expects a single initialization vector that both sides start with (of course, they diverge immediately), so follow suit.
The send_client_master_key function is shown in Listing C-21.
Listing C-21: “ssl.c” send_client_master_key
static int send_client_master_key( int connection,
                                   SSLParameters *parameters )
{
  int status = 0;
  unsigned char *send_buffer, *write_buffer;
  int buf_len;
  unsigned short network_number;
  ClientMasterKey package;

  // CIPHER-KIND: the three-byte code of the cipher spec chosen from the server's list
  memcpy( package.cipher_kind,
          &parameters->proposed_cipher_spec->cipher_spec_code, 3 );
  package.clear_key_len = 0; // not supporting export ciphers
  // ENCRYPTED-KEY-DATA: the master key, RSA-encrypted under the server's public key
  package.encrypted_key_len = rsa_encrypt( parameters->master_key,
    parameters->proposed_cipher_spec->key_size,
    &package.encrypted_key, &parameters->server_public_key );
  // KEY-ARG-DATA carries the single IV that both sides start from
  package.key_arg_len = parameters->proposed_cipher_spec->IV_size;
  package.clear_key = malloc( sizeof( unsigned char ) *
    package.clear_key_len );
  package.key_arg = malloc( sizeof( unsigned char ) *
    package.key_arg_len );
  memcpy( package.key_arg, parameters->read_iv,
    parameters->proposed_cipher_spec->IV_size );

  // 3 bytes of cipher kind, three 2-byte lengths, then the three variable-length fields
  buf_len = sizeof( unsigned char ) * 3 +
    sizeof( unsigned short ) * 3 +
    package.clear_key_len +
    package.encrypted_key_len +
    package.key_arg_len;
  send_buffer = write_buffer = malloc( buf_len );
  write_buffer = append_buffer( write_buffer, package.cipher_kind, 3 );
  // lengths go on the wire in network (big-endian) byte order
  network_number = htons( package.clear_key_len );
  write_buffer = append_buffer( write_buffer,
    ( void * ) &network_number, 2 );
  network_number = htons( package.encrypted_key_len );
  write_buffer = append_buffer( write_buffer,
    ( void * ) &network_number, 2 );
  // (listing continues beyond this page)
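As an added example, not code from the book's ssl.c, the C program below serializes a CLIENT-MASTER-KEY body in the same field order Listing C-21 builds it (cipher kind, then three two-byte big-endian lengths, then the clear-key, encrypted-key and key_arg/IV data) and parses it back with the length check a receiver needs before trusting the declared lengths. The cipher code 06 00 40 is SSLv2's DES-64-CBC-WITH-MD5; the "encrypted key" bytes and the 8-byte IV are constructed sample values, not real RSA output; the names cmk_t, cmk_serialize, cmk_parse and cmk_roundtrip_demo are mine. The message-type byte and record header are left to the caller, matching the buf_len computation in the listing.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Added example: a CLIENT-MASTER-KEY body in the layout of Listing C-21.
   Field order on the wire: CIPHER-KIND[3], CLEAR-KEY-LEN, ENCRYPTED-KEY-LEN,
   KEY-ARG-LEN (each 2 bytes, MSB first), then the three data fields. */
typedef struct {
    unsigned char        cipher_kind[3];
    uint16_t             clear_key_len;
    uint16_t             encrypted_key_len;
    uint16_t             key_arg_len;      /* IV size for the chosen cipher */
    const unsigned char *clear_key;
    const unsigned char *encrypted_key;
    const unsigned char *key_arg;          /* the single IV both sides start from */
} cmk_t;

/* Same contract as the book's append_buffer: copy len bytes, return advanced pointer.
   Guard len == 0 so a NULL clear_key (non-export cipher) is never passed to memcpy. */
static unsigned char *append_buffer(unsigned char *dst, const void *src, size_t len)
{
    if (len) memcpy(dst, src, len);
    return dst + len;
}

/* Write a 16-bit length in network byte order (what htons + append_buffer does). */
static unsigned char *put_u16(unsigned char *dst, uint16_t v)
{
    dst[0] = (unsigned char)(v >> 8);
    dst[1] = (unsigned char)(v & 0xff);
    return dst + 2;
}

/* Serialize m into out; returns bytes written, or 0 if out is too small. */
size_t cmk_serialize(const cmk_t *m, unsigned char *out, size_t out_len)
{
    size_t need = 3 + 2 * 3 + m->clear_key_len + m->encrypted_key_len + m->key_arg_len;
    unsigned char *w = out;
    if (out_len < need) return 0;
    w = append_buffer(w, m->cipher_kind, 3);
    w = put_u16(w, m->clear_key_len);
    w = put_u16(w, m->encrypted_key_len);
    w = put_u16(w, m->key_arg_len);
    w = append_buffer(w, m->clear_key, m->clear_key_len);
    w = append_buffer(w, m->encrypted_key, m->encrypted_key_len);
    w = append_buffer(w, m->key_arg, m->key_arg_len);
    return (size_t)(w - out);
}

/* Parse a body of in_len bytes. Returns 1 on success, 0 if the declared
   lengths do not match the bytes actually received (truncated or padded).
   On success the data pointers in *m alias the input buffer. */
int cmk_parse(const unsigned char *in, size_t in_len, cmk_t *m)
{
    size_t total;
    if (in_len < 9) return 0;                      /* fixed header not even present */
    memcpy(m->cipher_kind, in, 3);
    m->clear_key_len     = (uint16_t)((in[3] << 8) | in[4]);
    m->encrypted_key_len = (uint16_t)((in[5] << 8) | in[6]);
    m->key_arg_len       = (uint16_t)((in[7] << 8) | in[8]);
    total = 9 + (size_t)m->clear_key_len + m->encrypted_key_len + m->key_arg_len;
    if (total != in_len) return 0;                 /* never read past the buffer */
    m->clear_key     = in + 9;
    m->encrypted_key = m->clear_key + m->clear_key_len;
    m->key_arg       = m->encrypted_key + m->encrypted_key_len;
    return 1;
}

/* Round-trip a constructed message; returns 1 if serialize/parse agree
   and a truncated copy of the same message is rejected. */
int cmk_roundtrip_demo(void)
{
    static const unsigned char kind[3] = { 0x06, 0x00, 0x40 };   /* SSLv2 DES-64-CBC-WITH-MD5 */
    static const unsigned char enc[16] = {                        /* constructed stand-in for RSA output */
        0xde, 0xad, 0xbe, 0xef, 0x01, 0x02, 0x03, 0x04,
        0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c };
    static const unsigned char iv[8] = { 1, 2, 3, 4, 5, 6, 7, 8 }; /* constructed IV */
    cmk_t out = { { 0 }, 0, 16, 8, NULL, enc, iv };
    cmk_t in;
    unsigned char buf[64];
    size_t n;

    memcpy(out.cipher_kind, kind, 3);
    n = cmk_serialize(&out, buf, sizeof buf);
    if (n != 9 + 16 + 8) return 0;
    if (cmk_parse(buf, n - 1, &in)) return 0;      /* one byte short must be rejected */
    if (!cmk_parse(buf, n, &in)) return 0;
    return in.clear_key_len == 0 && in.encrypted_key_len == 16 && in.key_arg_len == 8 &&
           memcmp(in.cipher_kind, kind, 3) == 0 &&
           memcmp(in.encrypted_key, enc, 16) == 0 &&
           memcmp(in.key_arg, iv, 8) == 0;
}

int main(void)
{
    return cmk_roundtrip_demo() ? 0 : 1;
}
```

The parser aliases the input instead of copying it, so the `total != in_len` comparison is the only thing standing between a hostile length field and an out-of-bounds read; a server implementing the receiving side of this message has to make that same check before it copies key_arg into its own IV, since it is the peer that decides what the three length fields say.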