Zilog EZ80F91AZA User Manual download pdf (Page 9)

UM020107-1211 Introduction

ZTP Network Security SSL Plug-In

User Manual

Each of the following SSL modules is described in this section.

•

TCP Interface Module

•

SSL Record Layer Module

•

SSL Session Cache Module

•

SSL Interface Module

•

SSL Cryptographic Module

TCP Interface Module. This module uses the ZTP TCP API to establish TCP connections

and exchange SSL data. It also uses the stream sockets interface (open, bind, close, read,

write).

SSL Record Layer Module. SSL Record Layer module is above the TCP Interface mod-

ule. This module is responsible for framing all SSL handshake messages and application

data. After an SSL session is established, the record layer will pad all messages to a multi-

ple of the cipher’s block size, compute a message authentication code on the data, frag-

ment the message, and then encrypt each of the fragments. Upon receiving the message,

the record layer reassembles inbound fragments, decrypts the message, verifies the mes-

sage authentication code, and passes the message to the handshake protocol for additional

processing. For application-level data, the record layer allows the data to be received from

the upper SSL interface.

Figure 1. Software Modules in the ZTP Network Security SSL Plug-In

Handshake Protocol

Record Layer

Alert Protocol

Cryptographic Library

(RC4, DES, 3DES, AES, MD5, SHA-1, RSA, DH, DSA)

TCP

Interface

SSL Interface/ TCP Emulation

SSL

Session Cache

1 2 3 4 5 6 7 8 9 10 11 12 13 14 ... 78 79

No comments

Zilog EZ80F91AZA User Manual Page 9