A simple library to support serving https.
Dependents: oldheating gps motorhome heating
explanation.txt
- Committer:
- andrewboyson
- Date:
- 2019-10-02
- Revision:
- 14:03a0b8fd6ddc
- Parent:
- 8:5e66a6b4b38c
- Child:
- 19:f22327e8be7b
File content as of revision 14:03a0b8fd6ddc:
Names ===== SHA secure hash algorithm - it is deterministic, meaning that the same message always results in the same hash - it is quick to compute the hash value for any given message - it is infeasible to generate a message that yields a given hash value - it is infeasible to find two different messages with the same hash value - a small change to a message should change the hash value so extensively that the new hash value appears uncorrelated with the old hash value (avalanche effect) HMAC keyed-hash message authentication code or hash-based message authentication code - it is a message authentication code (MAC) involving a cryptographic hash function and a secret cryptographic key. - it may be used to simultaneously verify both the data integrity and the authentication of a message - used to sign a message with a symmetrical key Links ===== https://tls.ulfheim.net/ Full RSA handshake =================== ClientHello -=> use session id to jump to short handshake <=- ServerHello <=- Certificate <=- ServerHelloDone ClientKeyExchange -=> start asynchronous sha256 decryption ChangeCipherSpec --> switch to encrypedIn Finished -=> store the encrypted verify message sha256 decrypted --> prepare the keys and decrypt the verify message <-- ChangeCipherSpec <=- Finished Short RSA handshake =================== ClientHello -=> <=- ServerHello <-- ChangeCipherSpec <=- Finished ChangeCipherSpec --> switch to encrypedIn Finished -=>