Figure 11.2: GnuTLS handshake state machine.
Next: TLS Authentication Methods, Previous: The TLS Protocol, Up: Internal architecture of GnuTLS [Contents][Index]
The GnuTLS handshake protocol is implemented as a state machine that waits for input or returns immediately when the non-blocking transport layer functions are used. The main idea is shown in Figure 11.2.
Figure 11.2: GnuTLS handshake state machine.
Also the way the input is processed varies per ciphersuite. Several
implementations of the internal handlers are available and
gnutls_handshake only multiplexes the input to the appropriate
handler. For example a PSK ciphersuite has a different
implementation of the process_client_key_exchange than a
certificate ciphersuite. We illustrate the idea in Figure 11.3.
Figure 11.3: GnuTLS handshake process sequence.