Practical 1 Guide
guide
User Manual:
Open the PDF directly: View PDF .
Page Count: 15
Download | |
Open PDF In Browser | View PDF |
D EPARTMENT OF E LECTRICAL , E LECTRONIC AND C OMPUTER E NGINEERING N ETWORK S ECURITY (EHN 410) P RACTICAL 1 G UIDE 1 Contents 1 . . . . . . 3 3 4 4 4 5 6 . . . . . 6 6 7 7 7 8 . . . . 9 9 9 10 12 4.3 4.4 OpenSSL’s SSL library Initialising the OpenSSL library . . . . . . . Creating an SSL context . . . . . . . . . . . 4.2.1 Setting up the certificates for the web server Setting up and accepting a connection . . . . Reading and writing on the connection . . . . . . . . . 12 12 12 12 13 14 5.1 5.2 5.3 Miscellaneous Linking against libssl . . . . . . . . . . . . . . . . . . . . . . . . . . . . Suggested implementation order . . . . . . . . . . . . . . . . . . . . . . Other notes about the practical . . . . . . . . . . . . . . . . . . . . . . . 14 14 14 15 Recommended resources 15 1.1 1.2 1.3 1.4 2 2.1 2.2 2.3 3 3.1 3.2 3.3 3.4 4 4.1 4.2 5 6 Introduction Public-key cryptography . . . . . . . . . . . . . . . . X.509 Certificates and Certification Authorities (CA’s) 1.2.1 X.509 Certificates . . . . . . . . . . . . . . . . . . . 1.2.2 Certification Authorities and certificate signing . . . Secure Sockets Layer (SSL/TLS) . . . . . . . . . . . . OpenSSL Library . . . . . . . . . . . . . . . . . . . . Generating X.509 certificates Setting up a Certification Authority (CA) Creating and signing a certificate . . . . . Installing the CA’s certificate on Firefox . 2.3.1 Manually adding a certificate . . . . . . 2.3.2 Alternative approach . . . . . . . . . . OpenSSL’s BIO library Making a new connection (client) . . . Accepting a connection (server) . . . . Reading and writing from a connection Closing and freeing the sockets . . . . . 2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 1.1 I NTRODUCTION P UBLIC - KEY CRYPTOGRAPHY Public key cryptography can be used for message authentication and key distribution. A public key encryption scheme uses two separate keys. An example of using public key cryptography for encryption and authentication is given below Figure 1: Encryption using public key cryptography If one key in the public and private key pair is used for encryption, the other key must be used for decryption. In figure 1 the plaintext message is encrypted using Alice’s public key. Only Alice can decrypt the message since only she knows her private key. In Fig 2 Bob encrypts a message with his private key. Alice decrypts the message with Bob’s public key. Since the message is encrypted with Bob’s private key, any person can decrypt the message, but only Bob can create the message. This provides authentication -Alice can be sure that Bob created the message. Public key cryptography systems can be classified in three categories: • Encryption/decryption: The sender encrypts the message with the recipient’s public key. • Digital signature: The sender signs a message with his private key. An example is a sender that encrypts a fingerprint of the file with his private key. • Key exchange: The sender or receiver cooperates to establish a session key. An example is the server that encrypts a session key with the receiver’s public key. The session key is then used with conventional (symmetric) encryption. 3 Figure 2: Authentication using public key cryptography 1.2 1.2.1 X.509 C ERTIFICATES AND C ERTIFICATION AUTHORITIES (CA’ S ) X.509 C ERTIFICATES ITU-T recommendation X.509 is part of the X.500 series of recommendations that defines a directory service. The X.509 specification defines a framework for the provision of authentication services to the X.500 directory users. The IETF’s public key infrastructure X.509 (PKIX) working group adapted the infrastructure to the internet. The certificate format is described in RFC3280. 1.2.2 C ERTIFICATION AUTHORITIES AND CERTIFICATE SIGNING The Certification Authority’s public key is distributed in a secure fashion to all the users. Fig. 3 shows how a CA signs a public key certificate. The unsigned certificate contains the user ID and the user’s public key. The CA does a background check on the user. The CA signs the certificate by encrypting the hash code with it’s private key. Any person who receives the certificate can easily verify that the CA signed the certificate. The user first computes the hash code of the certificate. Next the user decrypts the signature using the CA’s public key. The decrypted signature and the hash code should match if the certificate wasn’t modified. 4 Figure 3: Public-key certificate signing 1.3 S ECURE S OCKETS L AYER (SSL/TLS) SSL provides a reliable and secure end-to-end service. SSL works on top of the TCP protocol. Some other protocols such as HTTP can be placed on top of the SSL protocol. SSL can use X.509 certificates to enable authentication between clients and servers. An example of the handshake between the SSL client and server is shown in figure 5. This practical does not require that the client (i.e. the browser) send a certificate to identify itself. Figure 4: SSL protocol stack 5 Figure 5: SSL handshaking 1.4 O PEN SSL L IBRARY OpenSSL is an open source implementation of the SSL/TLS protocols. Most Unix versions include the OpenSSL library. OpenSSL is based on SSLeay by Eric A. Young and Tim Hudson. OpenSSL also includes notoriously bad documentation. 2 G ENERATING X.509 CERTIFICATES The following subsections provide the general procedure followed to generate X.509 certificates. Links to more information regarding these commands can be found in section 6 2.1 S ETTING UP A C ERTIFICATION AUTHORITY (CA) The first step in setting up a CA is creating a public and private key pair for the certification authority. This can be done with the following command: openssl genrsa -des3 -out cert.key 1024 This command will create a 1024 bit RSA key pair. The key pair will be encrypted using 6 triple DES. This password (or the key if no password was set up) should be protected. The next step is to generate the CA’s certificate. The certificate contains information about the certificate authority, the public key and a signature. The certificate can be generated with the following command: openssl req -new -key cert.key -x509 -days 1095 -out cert.crt You will be prompted for a password to decrypt the CA’s key. The -days parameter specifies the number of days for which the certificate is valid. The CA’s certificate needs to be distributed in a secure fashion to all the users. For example, the CA’s certificate will be emailed to all the users and the fingerprint of the certificate will be confirmed over a secure channel. Once confirmed, the fingerprint of the certificate can be retrieved using: openssl x509 -fingerprint -noout -in cert.crt 2.2 C REATING AND SIGNING A CERTIFICATE The administrator for the web server should generate their key pair. This key does not have to be encrypted (as it will be used every time that someone requests an HTTPS web-page). The key is generated in almost exactly the same way as the CA’s key: openssl genrsa -des3 -out webServ.key The next step is to generate a Certificate Signing Request (CSR). This request is sent to the CA for signing. A signing request is generated with the command: openssl req -new -key webServ.key -out webServReq.csr The final step is to have the CA created sign the web-server’s CSR with its key and certificate. This can be achieved using the following command: openssl x509 -req -days 365 -in webServReq.csr -CA/cert.crt -CAkey /cert.key -CAcreateserial -out webServCert.crt 2.3 2.3.1 I NSTALLING THE CA’ S CERTIFICATE ON F IREFOX M ANUALLY ADDING A CERTIFICATE To manually add a certificate to a web browser, the following procedure can be followed: • Go to the Certificate Manager in Firefox, click on Tools → Options → Advanced, click on the Encryption Tab and click on View Certificates. 7 • Click on the Authorities tab and click Import. • Select your created certificate and provide the necessary permissions (usually you can just use it for http authentication). Fig 6 shows a screen shot of where to add the certificates. Similar steps can be followed to add the certificates to other browsers. 2.3.2 A LTERNATIVE APPROACH If you have already set up the server-side of your SSL connection, the domain address can be inserted into the browser and Firefox should automatically detect that the connection requires a certificate. It will therefore ask you to allow/disallow the certificate and set the permissions accordingly. Figure 6: Installing the CA’s certificate on Firefox 8 3 O PEN SSL’ S BIO LIBRARY The BIO library is part of the OpenSSL library. This library is an abstraction for all the communication libraries. The library also includes implementations of all the supported platform’s socket libraries (i.e. BSD sockets under Linux and Winsock under Windows). This means that the same API can be used on different platforms. Code that reads and writes to a BIO object does not have to be changed if it uses a secure or normal socket connection. 3.1 M AKING A NEW CONNECTION ( CLIENT ) Making a new connection with the BIO library requires initialising the OpenSSL library and creating a new BIO object to connect to use as a connection. Once initialised, it is also prudent to check whether the connection succeeded. The following code snipped provides an example of how this may be done: / / i n i t SSL l i b r a r y SSL_library_init (); / ∗ c o n n e c t t h e BIO o b j e c t w i t h o u t SSL a u t h e n t i c a t i o n ∗ \ B I O _ n e w _ co n n e ct ( c t x ) ; i n t connected = BIO_do_connect ( bio ) ; 3.2 ACCEPTING A CONNECTION ( SERVER ) When accepting a connection, the first thing that needs to be done is to create the socket and bind it to a port to listen to. Creating a listening socket can be done in one call as shown below. BIO ∗ a b i o ; / ∗ c r e a t e a new l i s t e n i n g BIO o b j e c t ( on p o r t 80 − HTTP ) ∗ / a b i o = BIO_new_accept ( " 80 " ) ; The first call to the BIO_do_accept() function sets up the socket. The second call to the function accepts a new connection. 9 / ∗ s e t up t h e s o c k e t ( f i r s t c a l l ) ∗ / i f ( BIO_do_accept ( a b i o ) <=0) { p r i n t f ( " e r r o r s e t t i n g up t h e l i s t e n i n g s o c k e t \ n " ) ; BIO_free ( abio ) ; return 0; } / ∗ s e t t h e mode t o b l o c k i n g mode ∗ / BIO_set_nbio_accept ( abio , 0 ) ; /∗ wait f o r the incoming connection ∗/ i f ( BIO_do_accept ( a b i o ) <=0) { p r i n t f ( " error accepting the socket \ n" ) ; BIO_free ( abio ) ; return 0; } The BIO_set_nbio_accept() function sets up the listening socket as blocking or nonblocking. When the listening BIO is set to blocking, the function will not return until a connection is made. When the listening BIO is set to non-blocking, the function will exit if there are no connections to be made. The socket that is created when the connection is accepted is retrieved with the BIO_pop() function as shown below. /∗ r e t r i e v e the bio for the connection ∗/ c b i o = BIO_pop ( a b i o ) ; 3.3 R EADING AND WRITING FROM A CONNECTION Reading and writing to the BIO object is done with the BIO_read() and BIO_write() calls. An example of code that reads a buffer from the BIO object is given below. / ∗ r e a d any d a t a f r o m t h e b i o ∗ / b y t e s r e a d = BIO_read ( c b i o , b u f f e r , s i z e o f ( b u f f e r ) ) ; i f ( b y t e s r e a d == 0 ) { p r i n t f ( " c l i e n t closed the connection \ n" ) ; BIO_free ( cbio ) ; return 0; } 10 A simple function that reads a text file and writes it to the BIO object is shown below. This function is trivial and will not be explained. / ∗ W r i t e s a page t o t h e BIO o b j e c t . returns 1 i f successful , else returns 0. ∗/ i n t w r i t e _ p a g e ( BIO ∗ b i o , c o n s t char ∗ p a g e ) { FILE ∗ f ; int bytesread ; u n s i g n e d char b u f [ 5 1 2 ] ; / ∗ open t h e f i l e ∗ / f = f o p e n ( page , " r t " ) ; if (! f ) { p r i n t f ( " c o u l d n o t open t h e p a g e \ n " ) ; return 0; } / ∗ r e a d t h e page f r o m f i l e and w r i t e t h e page t o t h e BIO s o c k e t ∗ / while ( 1 ) { / ∗ r e a d a number o f b y t e s ∗ / b y t e s r e a d = f r e a d ( buf , s i z e o f ( u n s i g n e d char ) , 5 1 2 , f ) ; / ∗ c h e c k i f i t i s t h e end o f t h e f i l e ∗ / i f ( b y t e s r e a d == 0 ) break ; /∗ write the buffer to the socket ∗/ i f ( B I O _ w r i t e ( b i o , buf , b y t e s r e a d ) <= 0 ) { p r i n t f ( " write failed \ n" ) ; break ; } } /∗ close the f i l e ∗/ fclose ( f ); } 11 3.4 C LOSING AND FREEING THE SOCKETS The BIO_free() function can be used to free the connected sockets. 4 4.1 O PEN SSL’ S SSL LIBRARY I NITIALISING THE O PEN SSL LIBRARY The code to initialize the SSL library is shown below. SSL_load_error_strings ( ) ; SSL_library_init (); The SSL_load_error_strings() function ensures that errors returned by the SSL library are readable while the SSL_library_init() function registers all the available ciphers and message digests. 4.2 C REATING AN SSL CONTEXT The SSL context (SSL_CTX structure) holds the default values for the SSL structures from which later connections are created. It also initializes the list of ciphers to be used. The SSL_CTX structure is created once per program life-time. / ∗ c r e a t e t h e SSL c o n t e x t ∗ / c t x = SSL_CTX_new ( S S L v 2 3 _ s e r v e r _ m e t h o d ( ) ) ; i f ( c t x ==NULL) { p r i n t f ( " f a i l e d t o c r e a t e t h e SSL c o n t e x t \ n " ) ; return 0; } The SSL_CTX_new() function creates a new context. SSL_CTX_new() takes a function as a parameter. 4.2.1 S ETTING UP THE CERTIFICATES FOR THE WEB SERVER The certificate of the web server should be added to the context with the SSL_CTX_use_certificate_file() function. The public and private key is loaded with the SSL_CTX_use_PrivateKey_file() function. The file-type of the keys that were generated in section 2 is SSL_FILETYPE_PEM(). 12 4.3 S ETTING UP AND ACCEPTING A CONNECTION The first step in setting up the socket to accepting connections is to create a new SSL BIO. The new BIO is created from the SSL_CTX as shown below. b i o = BIO_new_ssl ( c t x , 0 ) ; i f ( b i o == NULL) { p r i n t f ( " f a i l e d r e t r i e v i n g t h e BIO o b j e c t \ n " ) ; } To disable retries the following code is used: B I O _ g e t _ s s l ( b i o ,& s s l ) ; SSL_set_mode ( s s l , SSL_MODE_AUTO_RETRY ) ; The reason why this should be done is explained in the BIO_f_ssl(3) man page under notes. The next step is to create a BIO that listens on the correct port. An example of this is given below: /∗ s e t the l i s t e n i n g bio to accept the connections ∗/ a b i o = BIO_new_accept ( " 443 " ) ; BIO_set_accept_bios ( abio , bio ) ; The BIO_set_accept_bios() function chains the SSL BIO to the accept BIO. This enables the SSL encryption. NOTE: Only the accept BIO needs to be freed. The other BIOs that are chained to the accept BIO will be automatically freed. The next step is to set up the socket. This can be done with a call to the BIO_do_accept() function. The second call to this function will wait for new connections. The new connections can be retrieved using the BIO_pop() function. This part of the setup is exactly the same as the example in the example in section 3.2. After the connection is accepted, the SSL handshake needs to be done. An example of how a handshaking is implemented is shown below: / ∗ do t h e SSL h a n d s h a k e and c h e c k i f i t was s u c c e s s f u l ∗ / i f ( BIO_do_handshake ( c o n n e c t b i o ) <= 0 ) { p r i n t f ( " handshake f a i l e d \ n" ) ; return 0; } If the client did not accept the server’s certificate, the handshake will fail. 13 4.4 R EADING AND WRITING ON THE CONNECTION Reading and writing on the SSL BIO is done exactly the same as described in section 3.3. 5 5.1 M ISCELLANEOUS L INKING AGAINST LIBSSL The OpenSSL library is correctly installed on most distributions of Linux. Linking against the OpenSSL library can be done as shown in the excerpt below. LINKFLAGS = − l s s l $ (PROGNAME ) : $ ( OBJS ) g c c $ ( OBJS ) $ ( LINKFLAGS ) −o $ (PROGNAME) NOTE: In some cases the -lssl does not link automatically to the "libcrypto" libraries. To rectify this the -lcrypto flag must also be included in the linker flag. 5.2 S UGGESTED IMPLEMENTATION ORDER The suggested implementation order of the assignment is: 1. Implement a normal web server using only the BIO functions. Test with telnet on port 80. Read the “GET /” request from the client but ignore it and write a simple page to the client. 2. Generate the certificates 3. Implement a simple client and server using the BIO and SSL library. Do not use any certificates. 4. Install the CA’s certificate in a browser and set the server to deliver a certificate. Test the web page. This is to test that your web server works properly. 5. Redesign and refactor the web server to use threads and different GET strings. 6. Implement a simple client to connect to the web server. This client should then verify the certificate of the web server and retrieve a web page and display some information of the web page. 7. Generate Doxygen html and Latex files of your code. 14 5.3 OTHER NOTES ABOUT THE PRACTICAL Look into using the chroot function. Most versions of Linux includes both a chroot command and a chroot function. Using this command increases security and can even simplify the implementation. Use a high numbered port (i.e. 4001) because you do not have permissions to open a lower numbered port. Please use original and unique names for your CA and web server’s details in the certificates. Write your program so that it takes the certificate and key name it should open as arguments from the command line. e.g. the program should be called with: ./mySecureWebServer /webserverskey.key /webserverscertificate.crt or something similar. The client should be executed using: ./client /certificate.crt 6 R ECOMMENDED RESOURCES 1. IBM developerWorks OpenSSL tutorial: http://www- 128.ibm.com/developerworks/linux/library/lopenssl.html 2. OpenSSL documentation: http://www.openssl.org/docs/ssl/ 3. Generating certificates: http://gagravarr.org/writing/openssl-certs/index.shtml 4. Doxygen coding format: http://www.stack.nl/ dimitri/doxygen/ 15
Source Exif Data:
File Type : PDF File Type Extension : pdf MIME Type : application/pdf PDF Version : 1.5 Linearized : No Page Count : 15 Page Mode : UseOutlines Author : Title : Subject : Creator : LaTeX with hyperref package Producer : pdfTeX-1.40.14 Create Date : 2016:04:22 09:54:02+02:00 Modify Date : 2016:04:22 09:54:02+02:00 Trapped : False PTEX Fullbanner : This is pdfTeX, Version 3.1415926-2.5-1.40.14 (TeX Live 2013/Debian) kpathsea version 6.1.1EXIF Metadata provided by EXIF.tools