Zilog EZ80F91AZA User Manual download pdf (Page 30)

UM020107-1211 SSL Configuration

ZTP Network Security SSL Plug-In

User Manual

Client Mode or Server Mode Support

When each of the SSL handshake protocols is initialized (see the SSL Handshake Protocol

Initialization section on page 22), the first parameter on the initialization call specifies

whether the protocol supports the client and/or server mode of operation.

1. SSL sessions are always initialized by clients. Servers will only wait passively for

connection attempts from remote clients.

2. The SSL handshake protocols implemented in the ZTP Network Security SSL Plug-In

are capable of operating simultaneously. For example, it is possible that an SSLv3 cli-

ent session is being established at the same time as a TLSv1 server session and a

TLSv1 client session. However, when multiple sessions are established at the same

time, it takes longer for all sessions to be established than if they had been established

serially.

Digest Algorithm Selection

The SSL handshake protocols use digest algorithms for many purposes, including generat-

ing and verifying message authentication codes, generating session keys, and verifying

digital signatures. The ZTP Network Security SSL Plug-In recognizes the following four

digest (or hash) algorithms:

•

MD5

•

SHA1

•

HMAC_MD5

•

HMAC_SHA1 

Depending on the SSL handshake protocols used and the configuration of cipher suites,

some of these digest algorithms can be removed from the project to reduce code size. This

removal can be performed by modifying

HashGen array in the hash_conf.c file.

The default setting of the

HashGen array is shown in the following code fragment.

HASH_NEW HashGen[ SSL_MAX_HASH ] =

{

NullHash_New,

MD5_New,

HMAC_MD5_New,

SHA1_New,

HMAC_SHA1_New

};

Notes:

1 2 ... 25 26 27 28 29 30 31 32 33 34 35 ... 78 79

Comments to this Manuals

No comments

Zilog EZ80F91AZA User Manual Page 30

Comments to this Manuals

Related products and manuals for Sensors Zilog EZ80F91AZA