Extra Systems

CYPHERNET

procedure connect_server


The connect_server procedure is called from dispatch_call after check_finger_print has executed successfully. Its job is to find the subscriber with whom a secure communication channel must be established. Once that subscriber is found, connect_server carries out the exchange by which the two subscribers agree on a common session key (the sending of the key_data and hash_data objects).

It is important to emphasize that when the key security objects key_data and hash_data are sent between subscribers, the Extra Systems Cypher Net central server does not interfere with this process in any way, as can easily be seen in the code below. To the server this data is complete gibberish: it does not understand its meaning and knows only its size (PACKED_VALUE_LENTH and HASH_SIZE).

int connect_server(THREADDATA *thread_item) {
	int i, found, my_socket, his_socket, socket_buffer_size;
	char socket_buffer[MAX_SOCKET_BUFFER_SIZE];
	found = 0;
	thread_item->buffer_to_send = NULL;
	/* Poll the thread pool until the peer shows up: its client_id/server_id
	   pair mirrors ours and it connected in the opposite client_mode. */
	while (!found) {
		for (i = 0; (i < THREAD_POOL_SIZE) && (!found); i++) {
			found = ((thread_pool[i].client_id == thread_item->server_id) && (thread_pool[i].server_id == thread_item->client_id) && (thread_pool[i].client_mode != thread_item->client_mode));
			if (found) thread_item->server_thread = i;
		}
		if (!found) es_sleep(100);
	}
	my_socket = thread_item->thread_socket;
	his_socket = thread_pool[thread_item->server_thread].thread_socket;
	/* socket_buffer is fixed-size: refuse a prolog_size that would not fit in it. */
	if ((thread_item->prolog_size <= 0) || (thread_item->prolog_size > MAX_SOCKET_BUFFER_SIZE)) return 0;
	/* Pass the key_data + hash_data block to the peer unchanged; the server never parses it. */
	if (socket_read_buffer(my_socket, socket_buffer, thread_item->prolog_size) != thread_item->prolog_size) return 0;
	if (socket_send_buffer(his_socket, socket_buffer, thread_item->prolog_size) != thread_item->prolog_size) return 0;
	return 1;
}

Please note that the server does not know in advance the size of the data that the subscribers exchange during session key negotiation, because they can use RSA keys of different sizes as well as different hashing algorithms. Therefore, the client procedure get_common_key first sends the packet size (PACKED_VALUE_LENTH + HASH_SIZE), so that the server knows how many bytes (the socket_buffer_size variable) should be passed between the subscribers.
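
The size-prefixed relay described above, as an added example that is not Extra Systems code: it reads the announced size, refuses one that does not fit its buffer, reads exactly that many bytes and forwards them unparsed. The 4-byte network-order size prefix and the names relay_opaque, xfer_exact, demo_relay and MAX_RELAY are assumptions made for the illustration.

```c
/* Added example, not Extra Systems code. relay_opaque, xfer_exact, demo_relay, MAX_RELAY
   and the 4-byte network-order length prefix are assumptions made for illustration. */
#include <arpa/inet.h>
#include <stdint.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>
#define MAX_RELAY 4096 /* stands in for MAX_SOCKET_BUFFER_SIZE */

/* Move exactly n bytes; a single recv/send on a stream socket may move fewer. */
static int xfer_exact(int fd, void *buf, size_t n, int sending) {
	char *p = buf;
	for (size_t done = 0; done < n; ) {
		ssize_t r = sending ? send(fd, p + done, n - done, 0) : recv(fd, p + done, n - done, 0);
		if (r <= 0) return 0; /* error, or peer closed before sending everything */
		done += (size_t)r;
	}
	return 1;
}

/* Forward one length-prefixed blob unparsed; returns payload size, or -1 if refused or on I/O failure. */
int relay_opaque(int from, int to) {
	unsigned char buf[MAX_RELAY];
	uint32_t wire, len;
	if (!xfer_exact(from, &wire, sizeof wire, 0)) return -1;
	len = ntohl(wire);
	if (len == 0 || len > sizeof buf) return -1; /* size is peer-supplied: check before filling buf */
	if (!xfer_exact(from, buf, len, 0)) return -1;
	if (!xfer_exact(to, &wire, sizeof wire, 1)) return -1;
	return xfer_exact(to, buf, len, 1) ? (int)len : -1;
}

/* Constructed check: subscriber A announces `claimed` bytes but sends only `sent` (at most 64). */
int demo_relay(uint32_t claimed, size_t sent) {
	int a[2], b[2], rc;
	unsigned char blob[64], out[68];
	uint32_t wire = htonl(claimed);
	memset(blob, 0xA5, sizeof blob); /* constructed stand-in for key_data + hash_data */
	if (sent > sizeof blob || socketpair(AF_UNIX, SOCK_STREAM, 0, a) || socketpair(AF_UNIX, SOCK_STREAM, 0, b)) return -2;
	xfer_exact(a[0], &wire, sizeof wire, 1);
	xfer_exact(a[0], blob, sent, 1);
	shutdown(a[0], SHUT_WR); /* A has nothing more to send */
	rc = relay_opaque(a[1], b[0]);
	if (rc > 0 && (!xfer_exact(b[1], out, 4 + (size_t)rc, 0) || memcmp(out + 4, blob, (size_t)rc)))
		rc = -3; /* subscriber B did not receive what A sent */
	close(a[0]); close(a[1]); close(b[0]); close(b[1]);
	return rc;
}
int main(void) { return !(demo_relay(48, 48) == 48 && demo_relay(48, 10) == -1); }
```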



© Extra Systems, 2024