Протоколы Internet


Протокол TLS версия 0 - часть 36


ClientKeyExchange;

case finished:

Finished; } body;

} Handshake;

A.4.1. Сообщения Hello

struct { } HelloRequest;

struct { uint32 gmt_unix_time; opaque random_bytes[28]; } Random;

opaque SessionID<0..32>;

uint8 CipherSuite[2];

enum { null(0), (255) } CompressionMethod;

struct { ProtocolVersion client_version; Random random;

SessionID session_id;

CipherSuite cipher_suites<2..2^16-1>;

CompressionMethod compression_methods<1..2^8-1>;

} ClientHello;

struct { ProtocolVersion server_version;

Random random;

SessionID session_id;

CipherSuite cipher_suite;

CompressionMethod compression_method;

} ServerHello;

A.4.2. Аутентификация сервера и сообщения обмена ключами

opaque ASN.1Cert<2^24-1>;

struct { ASN.1Cert certificate_list<1..2^24-1>;} Certificate;

enum { rsa, diffie_hellman } KeyExchangeAlgorithm;

struct { opaque RSA_modulus<1..2^16-1>; opaque RSA_exponent<1..2^16-1>;

} ServerRSAParams;

struct { opaque DH_p<1..2^16-1>; opaque DH_g<1..2^16-1>;

opaque DH_Ys<1..2^16-1>; } ServerDHParams;

struct { select (KeyExchangeAlgorithm) {

case diffie_hellman:

ServerDHParams params;

Signature signed_params;

case rsa:

ServerRSAParams params;

Signature signed_params; };

} ServerKeyExchange;

enum { anonymous, rsa, dsa } SignatureAlgorithm;

select (SignatureAlgorithm)

{ case anonymous: struct { };

case rsa:

digitally-signed struct {

opaque md5_hash[16];

opaque sha_hash[20]; };

case dsa:

digitally-signed struct {

opaque sha_hash[20]; };

} Signature;

enum { rsa_sign(1), dss_sign(2), rsa_fixed_dh(3), dss_fixed_dh(4), (255)} ClientCertificateType;

opaque DistinguishedName<1..2^16-1>;

struct { ClientCertificateType certificate_types<1..2^8-1>;

DistinguishedName certificate_authorities<3..2^16-1>;

} CertificateRequest;

struct { } ServerHelloDone;

A.4.3. Аутентификация клиента и сообщения обмена ключами

struct { select (KeyExchangeAlgorithm) { case rsa: EncryptedPreMasterSecret;

case diffie_hellman: DiffieHellmanClientPublicValue; } exchange_keys;

} ClientKeyExchange;

struct { ProtocolVersion client_version; opaque random[46]; } PreMasterSecret;



