jspωiki
Key_share

Overview#

Key_share is a TLS extension contains the endpoint's cryptographic parameters.

Clients MAY send an empty client_shares vector in order to request group selection from the server at the cost of an additional round trip. (see Section 4.1.4)

struct {
    NamedGroup group;
        opaque key_exchange<1..2^16-1>;
} KeyShareEntry;

group - The named group for the key being exchanged. Finite Field Diffie-Hellman DH parameters are described in Section 4.2.7.1; Elliptic Curve Diffie-Hellman Ephemeral parameters are described in Section 4.2.7.2.

key_exchange - Key exchange information. The contents of this field are determined by the specified group and its corresponding definition.

The "extension_data" field of this extension contains a "KeyShare" value:

struct {
    select (Handshake.msg_type) {
        case client_hello:
            KeyShareEntry client_shares<0..2^16-1>;

        case hello_retry_request:
            NamedGroup selected_group;

        case server_hello:
            KeyShareEntry server_share;
    };
} KeyShare;

More Information#

There might be more information for this subject on one of the following: