DTLS protocol version 1.2 was published in January 2012 and is copyrighted by the Internet Engineering Task Force (IETF). This section shares code samples that illustrate the changes made in version 1.2.
The following code illustrates the TLS 1.2 handshake message header. This format supports:
- Message fragmentation
- Message loss
- Reordering:
// Copyright (c) 2012 IETF Trust and the persons identified
// as authors of the code. All rights reserved.
struct
{
HandshakeType msg_type;
uint24 length;
uint16 message_seq; // New field
uint24 fragment_offset; // New field
uint24 fragment_length; // New field
select (HandshakeType)
{
case hello_request: HelloRequest;
case client_hello: ClientHello;
case hello_verify_request: HelloVerifyRequest; // New type
case server_hello: ServerHello;
case certificate:Certificate;
case server_key_exchange: ServerKeyExchange;
case certificate_request: CertificateRequest;
case server_hello_done:ServerHelloDone;
case certificate_verify: CertificateVerify;
case client_key_exchange: ClientKeyExchange;
case finished: Finished;
} body;
} Handshake;
The code presented in this section is from the DTLS protocol documentation and is republished here in accordance with IETF's Legal Provisions Relating to IETF Documents.
The record layer contains the information that we intend to send into records. The information starts off inside a DTLSPlaintext structure and then after the handshake takes place, the records are encrypted and are eligible to be sent by the communication stream. The record layer format follows with new fields in version 1.2, and is annotated with the // New field in-code comments, as follows:
// Copyright (c) 2012 IETF Trust and the persons identified
// as authors of the code. All rights reserved.
struct
{
ContentType type;
ProtocolVersion version;
uint16 epoch; // New field
uint48 sequence_number; // New field
uint16 length;
opaque fragment[DTLSPlaintext.length];
} DTLSPlaintext;
struct
{
ContentType type;
ProtocolVersion version;
uint16 epoch; // New field
uint48 sequence_number; // New field
uint16 length;
opaque fragment[DTLSCompressed.length];
} DTLSCompressed;
struct
{
ContentType type;
ProtocolVersion version;
uint16 epoch; // New field
uint48 sequence_number; // New field
uint16 length;
select (CipherSpec.cipher_type)
{
case block: GenericBlockCipher;
case aead: GenericAEADCipher; // New field
} fragment;
} DTLSCiphertext;
Finally, here is the updated handshake protocol:
// Copyright (c) 2012 IETF Trust and the persons identified
// as authors of the code. All rights reserved.
enum {
hello_request(0), client_hello(1),
server_hello(2),
hello_verify_request(3), // New field
certificate(11), server_key_exchange (12),
certificate_request(13), server_hello_done(14),
certificate_verify(15), client_key_exchange(16),
finished(20), (255) } HandshakeType;
struct {
HandshakeType msg_type;
uint24 length;
uint16 message_seq; // New field
uint24 fragment_offset; // New field
uint24 fragment_length; // New field
select (HandshakeType) {
case hello_request: HelloRequest;
case client_hello: ClientHello;
case server_hello: ServerHello;
case hello_verify_request: HelloVerifyRequest; // New field
case certificate:Certificate;
case server_key_exchange: ServerKeyExchange;
case certificate_request: CertificateRequest;
case server_hello_done:ServerHelloDone;
case certificate_verify: CertificateVerify;
case client_key_exchange: ClientKeyExchange;
case finished: Finished;
} body; } Handshake;
struct {
ProtocolVersion client_version;
Random random;
SessionID session_id;
opaque cookie<0..2^8-1>; // New field
CipherSuite cipher_suites<2..2^16-1>;
CompressionMethod compression_methods<1..2^8-1>; } ClientHello;
struct {
ProtocolVersion server_version;
opaque cookie<0..2^8-1>; } HelloVerifyRequest;