
How to use ssl, Ssl session cache module, Ssl interface module – Zilog EZ80F91AZA User Manual

Page 10: Ssl cryptographic module


UM020107-1211

Introduction

ZTP Network Security SSL Plug-In

User Manual


The handshake protocol module is responsible for establishing SSL sessions. This module
actually contains six sub-modules:

1. SSLv2 Client

2. SSLv2 Server

3. SSLv3 Client

4. SSLv3 Server

5. TLSv1 Client

6. TLSv1 Server

The module used to establish an SSL session depends on the configuration of the ZTP
Network Security SSL Plug-In. It is possible for multiple handshake modules to be active
at the same time.

SSL Session Cache Module.

Adjacent to the handshake module is the SSL session cache module, which is used to store information about the established SSL sessions. If the same client and server attempt to establish another session in the future, the session cache can be enabled to reduce the number of handshake messages that must be exchanged, which will in turn reduce the session establishment time. This reduction is primarily a result of not having to perform complex public key algorithms.
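The caching idea described above, as an added example that is not Zilog's or the ZTP plug-in's code: a fixed-size session cache keyed by session ID that decides between a resumed and a full handshake. All names, the table size, the lifetime handling and the eviction policy are assumptions; the ID and master secret sizes are those of SSLv3/TLSv1.

```c
#include <stdint.h>
#include <string.h>

#define CACHE_SLOTS 4   /* assumed: small table for a memory-constrained target */
#define ID_LEN      32  /* SSLv3/TLSv1 session IDs are at most 32 bytes */
#define SECRET_LEN  48  /* SSLv3/TLSv1 master secret length */

typedef struct {
    uint8_t  used, id_len;
    uint8_t  id[ID_LEN];
    uint8_t  master[SECRET_LEN];
    uint32_t expires;   /* absolute time, seconds */
} session_t;

static session_t cache[CACHE_SLOTS];   /* hypothetical cache, not the ZTP one */

/* Compare without early exit so timing does not reveal a matching prefix. */
static int ct_equal(const uint8_t *a, const uint8_t *b, size_t n) {
    uint8_t d = 0;
    for (size_t i = 0; i < n; i++) d |= (uint8_t)(a[i] ^ b[i]);
    return d == 0;
}

/* Called after a full handshake. Takes a free or expired slot if one exists,
 * otherwise evicts the entry that would expire soonest. */
void cache_put(const uint8_t *id, uint8_t id_len, const uint8_t *master,
               uint32_t now, uint32_t lifetime) {
    if (id_len == 0 || id_len > ID_LEN) return;
    session_t *victim = &cache[0];
    for (session_t *s = cache; s < cache + CACHE_SLOTS; s++) {
        if (!s->used || s->expires <= now) { victim = s; break; }
        if (s->expires < victim->expires) victim = s;
    }
    memset(victim, 0, sizeof *victim);   /* clear old key material first */
    victim->used = 1;
    victim->id_len = id_len;
    memcpy(victim->id, id, id_len);
    memcpy(victim->master, master, SECRET_LEN);
    victim->expires = now + lifetime;
}

/* Returns the cached master secret (abbreviated handshake is possible),
 * or NULL (a full handshake with public-key operations is required). */
const uint8_t *cache_get(const uint8_t *id, uint8_t id_len, uint32_t now) {
    if (id_len == 0 || id_len > ID_LEN) return NULL;
    for (session_t *s = cache; s < cache + CACHE_SLOTS; s++) {
        if (!s->used) continue;
        if (s->expires <= now) { memset(s, 0, sizeof *s); continue; }  /* wipe stale secret */
        if (s->id_len == id_len && ct_equal(s->id, id, id_len)) return s->master;
    }
    return NULL;
}
```

Bounding the lifetime and wiping expired entries limits how long a stored master secret stays in RAM, which is the cost side of the handshake time the cache saves.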

SSL Interface Module.

Above the handshake module is the SSL interface module. This layer exposes the SSL API to upper-layer applications. Other than the SSL-specific initialization commands (Initialize_SSL, SSL2_ClientInit, SSL2_ServerInit, SSL3_ClientInit, SSL3_ServerInit, TLS1_ClientInit, and TLS1_ServerInit), this interface exposes the same TCP interface as used by the TCP Interface module. This exposure allows user applications that are written to use ZTP’s TCP interface to be seamlessly ported to use SSL.

SSL Cryptographic Module.

The final module in the ZTP Network Security SSL Plug-In is the cryptographic module, which contains the digest algorithms, ciphers and public key algorithms used by the SSL protocol to secure application data.

How to Use SSL

The Initialize_SSL API must be called to enable the SSL Interface layer used by applications to securely transfer data. This API must be called only one time during system initialization, regardless of how many SSL client and server tasks are created. Additionally, an initialization call must be made for each version of the SSL handshake protocol that will be supported by the application. This initialization routine is accomplished by calling one or more of the following APIs:

SSL2_ClientInit

SSL2_ServerInit
