Scribd
Upload
8 views

OpenSSL Programming 20140424 01

Uploaded by

Qwerty Asdfgh
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
8 views

OpenSSL Programming 20140424 01

Uploaded by

Qwerty Asdfgh
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 40

Shteryana Shopova,

[email protected]

Programming with OpenSSL and


libcrypto in examples
BurgasLab, Burgas
April, 2014
secured communications

the need for secured communications


world war II Enigma cipher machine
bank transfers
private data (drunk pictures from that
party, etc)
crypto-what?
what is SSL/TLS
OpenSSL and libcrypto
alternatives

Apple's libsecurity_ssl
PolarSSL (used by OpenVPN)
full list
● http://en.wikipedia.org/wiki/Comparison
_of_TLS_implementations
● http+ssh:// ?
● LibreSSL - OpenBSD's OpenSSL fork
concepts in cryptography
plaintext/ciphertext
block ciphers vs stream ciphers
symetric cryptography
public key cryptography
hash function
digital signature
message authentication code
digital certificates
security algorithms

hash functions – MD5, SHA1


authentication codes – HMAC
cryptographic algorithms
symetric – Blowfish, DES, AES
public key – DSA/RSA
key agreement algorithms – Diffie-Hellman
public key infrastructure
contents of a X.509 certificate
what is SSL/TLS

cryptographic protocols, designed to


provide communication security over
unsecured network
provide connection security by
privacy – encrypt connection
authentication – prove identity through
certificates
reliability – maintenance of secure connection
through message integrity checking
how SSL works
four protocol layers
record layer – formats messages, incl.
Generated HMAC at the end
ChangeCipherSpec protocol layer – one
message that signals the beginning of secure
communication
alert protocol – sends errors, problems or
warnings about the connection
handshake protocol – establish a handshake
that begins secure connection
how SSL works (2)
SSL handshake
SSL handshake,2-way authentication
before we start programming

Learn to code C
properly !!!
good programming practices
clear design
coding style (indentation matters too!)
compiler warnings
code versioning systems
code reviews
static code analyzers
unit testing
fuzz testing
automation testing
good C coding practices
input validation
bounds checking
string manipulation
initialize data
sanitize output
proper cleanup
error checking
principle of least priviledge and priviledge
separation
keep it simple
good C coding practices (2)
Build a habit of applying those!
All of them!
Always!
Apple's gotofail bug

● http://opensource.apple.com/source/Security/Security-
55471/libsecurity_ssl/lib/sslKeyExchange.c
Apple's gotofail bug (2)
OpenSSL's heartbleed
OpenSSL's heartbleed (2)
● http://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=4817504
OpenSSL's heartbleed (3)

“First, I have yet to see a SSL library where the


source code is not a nightmare.” Poul-Henning
Kamp, 2011-02-15
“It is, bar none, the worst library I have ever
worked with. I can not believe that the internet is
running on such a ridiculous complex and
gratuitously stupid piece of code.” Marco
Peereboom, 2009
“"Catastrophic" is the right word. On the scale of
1 to 10, this is an 11.” Bruce Schneier, 2014-04-09
“OpenSSL is not developed by a responsible
team.” Theo de Raadt, 2014-04-08
OpenSSL's heartbleed (4)

“I'm writing this on the third day after the


"Heartbleed" bug in OpenSSL devasted internet
security, and while I have been very critical of the
OpenSSL source code since I first saw it, I have
nothing but admiration for the OpenSSL crew and
their effort.
In particular considering what they're paid for it.

But software is written by people, real people with
kids, cars, mortgages, leaky roofs, sick pets, infirm
parents and all other kinds of perfectly normal
worries of an adult human being.” Poul-Henning
Kamp, 2014-04-11
test! test! test!

● "Every time I think “this change is so


simple, it doesn't need any tests,” it
breaks in some horrible, unpredictable
way. EVERY. TIME." Mislav Marohnić, 21-12-
2013
Debian Random generator bug,
2008

Know what your code is doing


OpenSSL architecture
OpenSSL command-line interface
generating message digest/HMAC

syrinx:demetra:/openssl dgst -md5 openssl-verify-certs.png


MD5(openssl-verify-certs.png)= 6d3d806d8b178d1a753ed6786fe51ffd

syrinx:demetra:/openssl dgst -sha1 openssl-verify-certs.png


SHA1(openssl-verify-certs.png)=
dbf8ff0ea8f6b41b9022d31b0eb3ce68709b325f

syrinx:demetra:/openssl dgst -sha1 -hmac 'burgaslab' openssl-


verify-certs.png
HMAC-SHA1(openssl-verify-certs.png)=
6eb5396d098a68022d47e18f0a3c153d53847dd2
syrinx:demetra:/
encryption/decryption
syrinx:demetra:/echo "This is plaintext!" > plaintext.txt

syrinx:demetra:/openssl enc -e -aes-256-cbc -in plaintext.txt -out plaintext.bin


enter aes-256-cbc encryption password:
Verifying - enter aes-256-cbc encryption password:

syrinx:demetra:/openssl enc -d -aes-256-cbc -in plaintext.bin -out plaintext2.txt


enter aes-256-cbc decryption password:
syrinx:demetra:/cat plaintext2.txt
This is plaintext!

syrinx:demetra:/openssl enc -d -aes-256-cbc -in plaintext.bin -out plaintext2.txt


enter aes-256-cbc decryption password:
bad decrypt
34379021208:error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad
decrypt:/usr/home/syrinx/freebsd-current-20131115-
01/head/secure/lib/libcrypto/../../../crypto/openssl/crypto/evp/evp_enc.c:546:
syrinx:demetra:/

syrinx:demetra:/openssl base64 -e -aes-256-cbc -in plaintext.bin -out plaintext.asc


enter aes-256-cbc encryption password:
Verifying - enter aes-256-cbc encryption password:
syrinx:demetra:/cat plaintext.asc
U2FsdGVkX1/Eg+RX++d7VhWEAI8HgyP7WpR341iOnxadwVlSzsvzy4ef2XKydpzU
8SWpieTUOLE7TKJiI3N8ICzlqlh+H6pgK/95KsDPUkU=
OpenSSL programming –
encrypt/decrypt
EVP_CIPHER_CTX ctx;

memcpy(iv, keyb, ENC_AES_IV_SIZ);


if (decrypt == 0) {
if (EVP_EncryptInit(&ctx, EVP_aes_128_cfb128(), keyb, iv) != 1) {
error = EX_DATAERR;
goto cleanup;
}
if (EVP_EncryptUpdate(&ctx, outb, &outl, inb, inl) != 1 ||
EVP_EncryptFinal(&ctx, outb + outl, &outl) != 1)
error = EX_DATAERR;
} else {
if (EVP_DecryptInit(&ctx, EVP_aes_128_cfb128(), keyb, iv) != 1 ||
EVP_CIPHER_CTX_set_padding(&ctx, 0) != 1) {
error = EX_DATAERR;
goto cleanup;
}
if (EVP_DecryptUpdate(&ctx, outb, &outl, inb, inl) != 1 ||
EVP_DecryptFinal(&ctx, outb + outl, &outl) != 1)
error = EX_DATAERR;
}

EVP_CIPHER_CTX_cleanup(&ctx);
OpenSSL programming – create keys

create CA cert, server &client certificate


request/keys, sign csr
OpenSSL – create keys(2)
OpenSSL – test certificates

different Common Names


setting up an unsecured connection
BIO * bio;
int x;

if ((bio = BIO_new_connect("hostname:port")) == NULL ||


BIO_do_connect(bio) <= 0) {
/* Handle failed connection */
}

if ((x = BIO_read(bio, buf, len)) <= 0) {


/* Handle error/closed connection */
}

BIO_reset(bio); /* reuse the connection */


BIO_free_all(bio); /* cleanup */
setting up a secured connection
SSL_CTX * ctx;
SSL * ssl;

if ((ssl = SSL_CTX_new(SSLv23_client_method())) == NULL)


err(1, "SSL_CTX_new());

if (SSL_CTX_load_verify_locations(ctx, "/path/to/TrustStore.pem", NULL) !=


0) {
/* Handle failed load here */
SSL_CTX_free(ctx);
}

if ((bio = BIO_new_ssl_connect(ctx)) == NULL) {


SSL_CTX_free(ctx);
err(1, "BIO_new_ssl_connect());
}
BIO_get_ssl(bio, & ssl);
SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY);

/* Attempt to connect */
BIO_set_conn_hostname(bio, "hostname:port");

/* Verify the connection opened and perform the handshake */


if (BIO_do_connect(bio) <= 0 || SSL_get_verify_result(ssl) != X509_V_OK) {
BIO_free_all(bio);
SSL_CTX_free(ctx);
err(1, "BIO_do_connect()/SSL_get_verify_result()");
}

BIO_free_all(bio);
SSL_CTX_free(ctx);
error detection & reporting

printf("Error: %s\n",
ERR_reason_error_string(ERR_get_error()));

ERR_print_errors_fp(FILE *);

ERR_print_errors(BIO *);

CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); /* XXX: really


needed? */

(void)SSL_library_init();

SSL_load_error_strings();

printf("Error: %s\n",
ERR_error_string(SSL_get_error((ssl),(err)), NULL);
OpenSSL – server example
SSL_load_error_strings();
OpenSSL_add_ssl_algorithms();

if ((ctx = SSL_CTX_new(SSLv23_server_method())) == NULL)


fatalx("ctx");
if (!SSL_CTX_load_verify_locations(ctx, SSL_CA_CRT, NULL))
fatalx("verify");
SSL_CTX_set_client_CA_list(ctx, SSL_load_client_CA_file(SSL_CA_CRT));
if (!SSL_CTX_use_certificate_file(ctx, SSL_SERVER_CRT, SSL_FILETYPE_PEM))
fatalx("cert");
if (!SSL_CTX_use_PrivateKey_file(ctx, SSL_SERVER_KEY, SSL_FILETYPE_PEM))
fatalx("key");
if (!SSL_CTX_check_private_key(ctx))
fatalx("cert/key");
SSL_CTX_set_mode(ctx, SSL_MODE_AUTO_RETRY);
SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, NULL);
SSL_CTX_set_verify_depth(ctx, 1);

/* setup socket – socket()/bind()/listen() */

for (; work != 0;) {


if ((s = accept(sock, 0, 0)) == -1)
err(EX_OSERR, "accept");
sbio = BIO_new_socket(s, BIO_NOCLOSE);
ssl = SSL_new(ctx);
SSL_set_bio(ssl, sbio, sbio);
if ((r = SSL_accept(ssl)) == -1)
warn("SSL_accept");
}
OpenSSL – client example
SSL_load_error_strings();
OpenSSL_add_ssl_algorithms();
if ((ctx = SSL_CTX_new(SSLv23_client_method())) == NULL)
fatalx("ctx");
if (!SSL_CTX_load_verify_locations(ctx, SSL_CA_CRT, NULL))
fatalx("verify");
if (!SSL_CTX_use_certificate_file(ctx, SSL_CLIENT_CRT, SSL_FILETYPE_PEM))
fatalx("cert");
if (!SSL_CTX_use_PrivateKey_file(ctx, SSL_CLIENT_KEY, SSL_FILETYPE_PEM))
fatalx("key");
if (!SSL_CTX_check_private_key(ctx))
fatalx("cert/key");
SSL_CTX_set_mode(ctx, SSL_MODE_AUTO_RETRY);
SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, NULL);
SSL_CTX_set_verify_depth(ctx, 1);
/* setup connection */
if ((hp = gethostbyname("localhost")) == NULL)
err(EX_OSERR, "gethostbyname");
/* init socket – socket()/connect() */
/* go do ssl magic */
ssl = SSL_new(ctx);
sbio = BIO_new_socket(sock, BIO_NOCLOSE);
SSL_set_bio(ssl, sbio, sbio);
if (SSL_connect(ssl) <= 0)
fatalx("SSL_connect");
if (SSL_get_verify_result(ssl) != X509_V_OK)
fatalx("cert");
printf("connected to server!\n");
SSL_free(ssl);
BIO_free_all(sbio);
SSL_CTX_free(ctx);
compiling and running the code

http://people.freebsd.org/~syrinx/presenta
tions/openssl/
download, untar & make
needs libbsd for Linux/Ubuntu
references

https://www.openssl.org/
http://www.libressl.org/
http://www.ietf.org/rfc/rfc2246.txt
http://www.ietf.org/rfc/rfc3546.txt
http://tools.ietf.org/html/rfc6347
http://tools.ietf.org/html/rfc6083
https://tools.ietf.org/html/rfc6520
http://www.open-std.org/jtc1/sc22/wg14/www/docs/n1255.pdf
http://cacr.uwaterloo.ca/hac/
https://www.peereboom.us/assl/assl/html/openssl.html
https://www.owasp.org/index.php/Guide_to_Cryptography
https://www.cs.utexas.edu/~shmat/shmat_oak14.pdf
https://www.ssllabs.com/
https://www.howsmyssl.com/
https://we.riseup.net/riseuplabs+paow/openpgp-best-
practices#openpgp-key-checks
http://www.secureconsulting.net/2008/03/the_key_management_lifec
ycle_1.html
questions?
thank you!

You might also like