没有合适的资源?快使用搜索试试~ 我知道了~
首页openssl-cookbook:全面指南与常见功能实践
openssl-cookbook:全面指南与常见功能实践
需积分: 9 6 下载量 157 浏览量
更新于2024-07-18
收藏 1.72MB PDF 举报
"OpenSSL Cookbook: A Practical Guide to the Most Frequently Used OpenSSL Features and Commands" 本资源是一本全面指南,专门针对OpenSSL——一个功能强大、商业级的工具包,用于Transport Layer Security (TLS) 和 Secure Sockets Layer (SSL) 协议。它不仅提供了加密通信的核心功能,还涵盖了一个通用的密码学库。作者Ivan Ristić以其深厚的专业知识,为读者深入浅出地介绍了OpenSSL的常用特性与命令,使开发者能够有效地部署安全服务器和实现加密网络应用。 第二版的《Bulletproof SSL and TLS》是该Cookbook的重要组成部分,强调了在理论与实践相结合的基础上,确保网络安全和互联网公共密钥基础设施(PKI)的实施。课程设计旨在提供为期两天的实用培训,让学员全面理解SSL/TLS的工作原理和实践操作,包括如何构建高效安全的服务器,创建和部署私有证书权威机构,并通过SSLLabs获得最高评级。 参加者将收获丰富的培训材料、练习题以及一个专属的虚拟服务器,可以在培训期间以及之后的一段时间内进行实际操作。对于有兴趣提升SSL/TLS技能的人来说,这是一次难得的机会。特别优惠,使用特定代码可以享受课程价格的折扣,使这个世界级的培训更具吸引力。 学员们对此次培训给予了高度评价,称其生动有趣、富有热情,内容全面且深入,有助于理解和掌握所需知识。无论是初学者还是经验丰富的开发人员,都能从中受益匪浅,提升他们在保障网络通信安全方面的专业能力。
资源详情
资源推荐
Examine Available Commands 5
Note
When compiling software, it’s important to be familiar with the default configuration
of your compiler. System-provided packages are usually compiled using all the avail-
able hardening options, but if you compile some software yourself there is no guar-
antee that the same options will be used.
6
Examine Available Commands
OpenSSL is a cryptographic toolkit that consists of many different utilities. I counted 46 in
my version. If it were ever appropriate to use the phrase Swiss Army knife of cryptography, this
is it. Even though you’ll use only a handful of the utilities, you should familiarize yourself with
everything that’s available, because you never know what you might need in the future.
There isn’t a specific help keyword, but help text is displayed whenever you type something
OpenSSL does not recognize:
$ openssl help
openssl:Error: 'help' is an invalid command.
Standard commands
asn1parse ca ciphers cms
crl crl2pkcs7 dgst dh
dhparam dsa dsaparam ec
ecparam enc engine errstr
gendh gendsa genpkey genrsa
nseq ocsp passwd pkcs12
pkcs7 pkcs8 pkey pkeyparam
pkeyutl prime rand req
rsa rsautl s_client s_server
s_time sess_id smime speed
spkac srp ts verify
version x509
The first part of the help output lists all available utilities. To get more information about a
particular utility, use the man command followed by the name of the utility. For example, man
ciphers will give you detailed information on how cipher suites are configured.
Help output doesn’t actually end there, but the rest is somewhat less interesting. In the second
part, you get the list of message digest commands:
Message Digest commands (see the `dgst' command for more details)
6
compiler hardening in Ubuntu and Debian (Kees Cook, 3 February 2014)
6 Chapter 1: OpenSSL
md4 md5 rmd160 sha
sha1
And then, in the third part, you’ll see the list of all cipher commands:
Cipher commands (see the `enc' command for more details)
aes-128-cbc aes-128-ecb aes-192-cbc aes-192-ecb
aes-256-cbc aes-256-ecb base64 bf
bf-cbc bf-cfb bf-ecb bf-ofb
camellia-128-cbc camellia-128-ecb camellia-192-cbc camellia-192-ecb
camellia-256-cbc camellia-256-ecb cast cast-cbc
cast5-cbc cast5-cfb cast5-ecb cast5-ofb
des des-cbc des-cfb des-ecb
des-ede des-ede-cbc des-ede-cfb des-ede-ofb
des-ede3 des-ede3-cbc des-ede3-cfb des-ede3-ofb
des-ofb des3 desx rc2
rc2-40-cbc rc2-64-cbc rc2-cbc rc2-cfb
rc2-ecb rc2-ofb rc4 rc4-40
seed seed-cbc seed-cfb seed-ecb
seed-ofb zlib
Building a Trust Store
OpenSSL does not come with any trusted root certificates (also known as a trust store), so if
you’re installing from scratch you’ll have to find them somewhere else. One possibility is to
use the trust store built into your operating system. This choice is usually fine, but default
trust stores may not always be up to date. A better choice—but one that involves more work
—is to turn to Mozilla, which is putting a lot of effort into maintaining a robust trust store.
For example, this is what I did for my assessment tool on SSL Labs.
Because it’s open source, Mozilla keeps the trust store in the source code repository:
https://hg.mozilla.org/mozilla-central/raw-file/tip/security/nss/lib/ckfw/builtins…
/certdata.txt
Unfortunately, their certificate collection is in a proprietary format, which is not of much
use to others as is. If you don’t mind getting the collection via a third party, the Curl project
provides a regularly-updated conversion in Privacy-Enhanced Mail (PEM) format, which you
can use directly:
http://curl.haxx.se/docs/caextract.html
But you don’t have to write a conversion script if you’d rather download directly from Mozilla.
Conversion scripts are available in Perl or Go. I describe both in the following sections.
Building a Trust Store 7
Note
If you do end up working on your own conversion script, note that Mozilla’s root
certificate file actually contains two types of certificates: those that are trusted and
are part of the store and also those that are explicitly distrusted. They use this
mechanism to ban compromised intermediate CA certificates (e.g., DigiNotar’s old
certificates). Both conversion tools described here are smart enough to exclude dis-
trusted certificates during the conversion process.
Conversion Using Perl
The Curl project makes available a Perl script written by Guenter Knauf that can be used to
convert Mozilla’s trust store:
https://raw.github.com/bagder/curl/master/lib/mk-ca-bundle.pl
After you download and run the script, it will fetch the certificate data from Mozilla and
convert it to the PEM format:
$ ./mk-ca-bundle.pl
Downloading 'certdata.txt' ...
Processing 'certdata.txt' ...
Done (156 CA certs processed, 19 untrusted skipped).
If you keep previously downloaded certificate data around, the script will use it to determine
what changed and process only the updates.
Conversion Using Go
If you prefer the Go programming language, consider Adam Langley’s conversion tool, which
you can get from GitHub:
https://github.com/agl/extract-nss-root-certs
To kick off a conversion process, first download the tool itself:
$ wget https://raw.github.com/agl/extract-nss-root-certs/master/convert_mozilla…
_certdata.go
Then download Mozilla’s certificate data:
$ wget https://hg.mozilla.org/mozilla-central/raw-file/tip/security/nss/lib/ckfw…
/builtins/certdata.txt --output-document certdata.txt
Finally, convert the file with the following command:
$ go run convert_mozilla_certdata.go > ca-certificates
8 Chapter 1: OpenSSL
2012/06/04 09:52:29 Failed to parse certificate starting on line 23068: negative …
serial number
In my case, there was one invalid certificate that the Go X.509 library couldn’t handle, but
otherwise the conversion worked as expected. Go versions from 1.6 onwards shouldn’t pro-
duce this warning because they can handle certificates with negative serial numbers.
Key and Certificate Management
Most users turn to OpenSSL because they wish to configure and run a web server that sup-
ports SSL. That process consists of three steps: (1) generate a strong private key, (2) cre-
ate a Certificate Signing Request (CSR) and send it to a CA, and (3) install the CA-provided
certificate in your web server. These steps (and a few others) are covered in this section.
Key Generation
The first step in preparing for the use of public encryption is to generate a private key. Before
you begin, you must make several decisions:
Key algorithm
OpenSSL supports RSA, DSA, and ECDSA keys, but not all types are practical for use in
all scenarios. For example, for web server keys everyone uses RSA, because DSA keys are
effectively limited to 1,024 bits (Internet Explorer doesn’t support anything stronger)
and ECDSA keys are yet to be widely supported by CAs. For SSH, DSA and RSA are
widely used, whereas ECDSA might not be supported by all clients.
Key size
The default key sizes might not be secure, which is why you should always explicitly
configure key size. For example, the default for RSA keys is only 512 bits, which is simply
insecure. If you used a 512-bit key on your server today, an intruder could take your
certificate and use brute force to recover your private key, after which he or she could
impersonate your web site. Today, 2,048-bit RSA keys are considered secure, and that’s
what you should use. Aim also to use 2,048 bits for DSA keys and at least 256 bits for
ECDSA.
Passphrase
Using a passphrase with a key is optional, but strongly recommended. Protected keys
can be safely stored, transported, and backed up. On the other hand, such keys are
inconvenient, because they can’t be used without their passphrases. For example, you
might be asked to enter the passphrase every time you wish to restart your web server.
Key Generation 9
For most, this is either too inconvenient or has unacceptable availability implications.
In addition, using protected keys in production does not actually increase the security
much, if at all. This is because, once activated, private keys are kept unprotected in
program memory; an attacker who can get to the server can get the keys from there
with just a little more effort. Thus, passphrases should be viewed only as a mechanism
for protecting private keys when they are not installed on production systems. In other
words, it’s all right to keep passphrases on production systems, next to the keys. If you
need better security in production, you should invest in a hardware solution.
7
To generate an RSA key, use the genrsa command:
$ openssl genrsa -aes128 -out fd.key 2048
Generating RSA private key, 2048 bit long modulus
....+++
...................................................................................…
+++
e is 65537 (0x10001)
Enter pass phrase for fd.key: ****************
Verifying - Enter pass phrase for fd.key: ****************
Here, I specified that the key be protected with AES-128. You can also use AES-192 or AES-256
(switches -aes192 and -aes256, respectively), but it’s best to stay away from the other algo-
rithms (DES, 3DES, and SEED).
Warning
The e value that you see in the output refers to the public exponent, which is set to
65,537 by default. This is what’s known as a short public exponent, and it significantly
improves the performance of RSA verification. Using the -3 switch, you can choose 3
as your public exponent and make verification even faster. However, there are some
unpleasant historical weaknesses associated with the use of 3 as a public exponent,
which is why generally everyone recommends that you stick with 65,537. The latter
choice provides a safety margin that’s been proven effective in the past.
Private keys are stored in the so-called PEM format, which is just text:
$ cat fd.key
-----BEGIN RSA PRIVATE KEY-----
7
A small number of organizations will have very strict security requirements that require the private keys to be protected at any cost. For them,
the solution is to invest in a Hardware Security Module (HSM), which is a type of product specifically designed to make key extraction impossi-
ble, even with physical access to the server. To make this work, HSMs not only generate and store keys, but also perform all necessary operations
(e.g., signature generation). HSMs are typically very expensive.
剩余100页未读,继续阅读
有金
- 粉丝: 16
- 资源: 7
上传资源 快速赚钱
- 我的内容管理 展开
- 我的资源 快来上传第一个资源
- 我的收益 登录查看自己的收益
- 我的积分 登录查看自己的积分
- 我的C币 登录后查看C币余额
- 我的收藏
- 我的下载
- 下载帮助
最新资源
- JDK 17 Linux版本压缩包解压与安装指南
- C++/Qt飞行模拟器教员控制台系统源码发布
- TensorFlow深度学习实践:CNN在MNIST数据集上的应用
- 鸿蒙驱动HCIA资料整理-培训教材与开发者指南
- 凯撒Java版SaaS OA协同办公软件v2.0特性解析
- AutoCAD二次开发中文指南下载 - C#编程深入解析
- C语言冒泡排序算法实现详解
- Pointofix截屏:轻松实现高效截图体验
- Matlab实现SVM数据分类与预测教程
- 基于JSP+SQL的网站流量统计管理系统设计与实现
- C语言实现删除字符中重复项的方法与技巧
- e-sqlcipher.dll动态链接库的作用与应用
- 浙江工业大学自考网站开发与继续教育官网模板设计
- STM32 103C8T6 OLED 显示程序实现指南
- 高效压缩技术:删除重复字符压缩包
- JSP+SQL智能交通管理系统:违章处理与交通效率提升
资源上传下载、课程学习等过程中有任何疑问或建议,欢迎提出宝贵意见哦~我们会及时处理!
点击此处反馈
安全验证
文档复制为VIP权益,开通VIP直接复制
信息提交成功