[gnutls-help] Using GnuTLS with an HSM - Implementation
Nikos Mavrogiannopoulos
nmav at gnutls.org
Tue Sep 17 10:01:05 CEST 2013
On 09/16/2013 11:32 AM, Horst Freiburger wrote:
> Hi Nikos, hi everyone,
>
> now i am implementing the function hooks to use a TR03109 security
> module in GnuTLS described in "Using GnuTLS with an HSM" (July 2013).
> (Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_123_CBC_SHA256)
>
> I've already implemented the functions to set the function pointers in
> GnuTLS. After this i've added the automated function call for getting
> the random number of the security module for the "client hello"-message.
> So part one is implemented.
>
> Now i will implement the function to get the EC-Key-Pair from the
> security module and to calculate the pre-master-secret in the security
> module. I have a few problems to find the right place in the source-code.
>
> I've tracked the function calls to the right place:
> _gnutls_handshake()
> _gnutls_handshake_client()
> _gnutls_send_client_kx_message()
> _gnutls_generate_client_kx()
>
> For the last function i cannot find the implementation... Where is this
> function implemented?
Hello Horst,
It depends on the key exchange method of the ciphersuite. Check
gnutls_auth.h and the auth/ directory which has the implementation for
the various supported methods.
regards,
Nikos
More information about the Gnutls-help
mailing list