Hands-on OpenSSL Programming
November 13, 2000
Speaker: David Molnar, Harvard; Kevin Fu, MIT
Scribe: TBD
OpenSSL is an open-source software package which implements
general-purpose cryptography and the Secure Sockets Layer (SSL).
Learn how to use this tool.
What does that little padlock in your Web browser really mean? How
does one set up a secure Web server? How does one implement client
and server authentication? What about SSL for non-Web software? We
will try to remove the mystique behind such questions.
Participants can passively watch our presentation, or compile along
with us. We have several snippets of code:
- Unix programmers can download slightly modified OpenSSL demo code.
- Windows programmers should download some modified OpenSSL demo code. This is a WinZip
file with an MSVC++ 6 workspace containing the client and server
examples, plus a short readme and some precompiled library files. It
should work out of the box, but probably won't. It needs to be
unzipped in its own directory. The code assumes that certificates are
in a c:\certs directory.
Agenda
- Getting started with OpenSSL.
- Install OpenSSL 0.9.6
get openssl
$ ./config --prefix=/usr/local
$ make
$ make test
$ make install
- Connect to our server, type a string.
openssl s_client -connect snafu.fooworld.org:443
GET / HTTP/1.0
- Certificate generation
- Demo certs.
- Sample X509 self-signed server certificate
- Sample X509 server certificate issued by Verisign
- Generate a key pair:
openssl genrsa -out server-key.pem 1024
- Generate certificate request:
openssl req -new -key server-key.pem -out server-req.pem
- Generate a self-signed cert and key at the same time:
openssl req -x509 -newkey rsa:1024 -keyout server-key.pem -out server-req.pem
- Generate CA key pair. Trickier.
- Authentication
- Server authentication. Most common in SSL. Clients
will require servers to prove who they claim to be.
- Client authentication. Clients can prove identity to a server.
Available in SSL, but less common. Used at MIT.
Most sites use passwords instead of client certificates.
- Non-Web SSL Applications
- Use our demo code. Compile client.
- Modify client to set client certificate.
- SSL Analyzer. Decrypt SSL traffic on the fly.
- Start the SSL dump program.
./ssldump -Ad -k /home/key.pem -p foobar -i eth0 host snafu-beta.mit.edu
- Start an SSL client to dump. Note: ssldump requires Kx=RSA (RSA key exchange).
openssl s_client -connect snafu-beta.mit.edu:443 -cipher DES-CBC3-SHA
- SSL on the Web
- Apache
untar apache, openssl, modssl
install openssl
cd mod_ssl-2.7.1-1.3.14
./configure --with-apache=../apache_1.3.14 \
--with-ssl=../openssl-0.9.6 \
--prefix=/usr/local/apache
cd ../apache_1.3.14/
make
make certificate
[fill in values]
make install
load httpd.conf to see SSL stuff
./bin/apachectl startssl
[enter cert password]
- Problems related to SSL
- Flawed implementation of SSL. E.g., bad random numbers
- Demonstrate bug in certificate management of Netscape <= 4.73
- Set DNS server to 18.26.4.9. This simulates DNS spoofing.
Might need to reboot.
- Visit https://snafu.mit.edu/ and click away the warnings
- Visit https://www5.etrade.com/etrade.html
- Enter the form data. Submit. It's harmless.
- Technical explanation
- Caching on bad parameters. E.g., IP address instead of hostname.
Remembering authentication based on certificate, not the hostname.
- CA could accidentally certify an inappropriate site. For instance.
- Root CA compromised (Sun cert)
- What CAs do you trust? Do you know all your CAs?
- SSL proxying. Server authentication does not imply content authentication.
- Misleading certificate management
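
The "caching on bad parameters" item above, as an added C model (not code from the talk or from Netscape): a cache of already-authenticated servers keyed on IP address and certificate lets a second hostname that resolves to the same address skip the name check, while a cache that also keys on the hostname does not. The hostnames, the address and all function names are constructed, and the first visit is assumed to pass verification cleanly.

```c
#include <stdio.h>
#include <string.h>

/* Constructed model of a client-side "server already authenticated" cache. */
struct verified { char host[64]; char ip[16]; char cert_cn[64]; };
static struct verified cache[8];
static int cache_len;

static void remember(const char *host, const char *ip, const char *cn) {
    if (cache_len == 8) return;              /* model only: no eviction */
    struct verified *v = &cache[cache_len++];
    snprintf(v->host, sizeof v->host, "%s", host);
    snprintf(v->ip, sizeof v->ip, "%s", ip);
    snprintf(v->cert_cn, sizeof v->cert_cn, "%s", cn);
}

/* keyed_on_host = 0: flawed lookup on (IP, certificate) only.
 * keyed_on_host = 1: lookup also requires the same requested hostname. */
static int cache_hit(int keyed_on_host, const char *host, const char *ip, const char *cn) {
    for (int i = 0; i < cache_len; i++) {
        if (strcmp(cache[i].ip, ip) || strcmp(cache[i].cert_cn, cn)) continue;
        if (!keyed_on_host || strcmp(cache[i].host, host) == 0) return 1;
    }
    return 0;
}

/* Returns 1 if the session is treated as authenticated, 0 if rejected. */
int authenticate(int keyed_on_host, const char *host, const char *ip, const char *cn) {
    if (cache_hit(keyed_on_host, host, ip, cn)) return 1; /* checks skipped */
    if (strcmp(host, cn) != 0) return 0;     /* certificate name != requested host */
    remember(host, ip, cn);
    return 1;
}

/* Replays the scenario: a first visit, then a second hostname that (spoofed)
 * DNS resolves to the same IP, where the same certificate is served. */
int second_site_accepted(int keyed_on_host) {
    cache_len = 0;
    authenticate(keyed_on_host, "first.example", "192.0.2.10", "first.example");
    return authenticate(keyed_on_host, "second.example", "192.0.2.10", "first.example");
}

int main(void) {
    printf("cache keyed on IP+cert:      accepted=%d\n", second_site_accepted(0));
    printf("cache keyed on host+IP+cert: accepted=%d\n", second_site_accepted(1));
    return 0;
}
```
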
Links to software
- OpenSSL for the low-level crypto and SSL libraries. Minimal certificate generation tools.
- Apache and ModSSL to compile an SSL Web Server
- SSL Analyzer to dump SSL negotiation traffic and optionally decrypt traffic.
- OpenCA for a collection of scripts to implement a certificate authority.
Questions/Answers
Brought to you by the MIT LCS Applied Security Reading Group