04/22/23 SSL Proxy by Ganesh Godavari 1

Design Of SSLProxy

Ganesh Kumar GodavariDepartment of Computer Science

Univ. of Colorado, Colorado springs

04/22/23 SSL Proxy by Ganesh Godavari 2

About SSL

• Secure Sockets Layer (SSL) protocol – developed by Netscape Communications to ensure private and

authenticated communications– put into the public domain for the Internet community

04/22/23 SSL Proxy by Ganesh Godavari 3

SSLSession

Please refer to Appendix A

04/22/23 SSL Proxy by Ganesh Godavari 4

SSL HANDSHAKE• Elements of the handshake sequence

– Negotiate the Cipher Suite to be used during data transfer – Establish and share a session key between client and server – Optionally authenticate the server to the client – Optionally authenticate the client to the server

• Components of Cipher Suite– Key Exchange Method

• key exchange method defines how the shared secret symmetric cryptography key used for application data transfer will be agreed upon by client and server.

• SSL 2.0 uses RSA key exchange, while SSL 3.0 supports a choice of key exchange algorithms including the RSA key exchange when certificates are used, and Diffie-Hellman key exchange for exchanging keys without certificates and without prior communication between client and server

– Cipher for Data Transfer • SSL uses the conventional cryptography algorithm (symmetric cryptography) described earlier

for encrypting messages in a session. There are nine choices, including the choice to perform no encryption:

– No encryption – Stream Ciphers – RC4 with 40-bit keys – RC4 with 128-bit keys – CBC Block Ciphers – RC2 with 40 bit key – DES40, DES, 3DES_EDE. – Idea – Fortezza

04/22/23 SSL Proxy by Ganesh Godavari 5

SSL HANDSHAKE Contd..

– Message Digest for creating the Message Authentication Code (MAC)• The choice of digest function determines how a digest is created from a record

unit. SSL supports the following: – No digest (Null choice) – MD5, a 128-bit hash

• Secure Hash Algorithm (SHA), a 160-bit hash designed for use with the Digital Signature Standard (DSS)

• The message digest is used to create a Message Authentication Code (MAC) which is encrypted with the message to provide integrity and to prevent against replay attacks.

04/22/23 SSL Proxy by Ganesh Godavari 6

Handshake Sequence Protocol

The handshake sequence uses three protocols: – The "SSL Handshake Protocol" for performing the client and server

SSL session establishment. – The "SSL Change Cipher Spec protocol" for actually establishing

agreement on the Cipher Suite for the session. – The "SSL Alert Protocol" for conveying SSL error messages

between client and server.

SSL Protocol Stack

04/22/23 SSL Proxy by Ganesh Godavari 7

SSL Record Protocol• SSL Record Protocol is used

– to transfer application and SSL Control data between the client and server, possibly fragmenting this data into smaller units, or combining multiple higher level protocol data messages into single units.

– It may compress, attach digest signatures, and encrypt these units before transmitting them using the underlying reliable transport protocol

04/22/23 SSL Proxy by Ganesh Godavari 8

Session Reusability

04/22/23 SSL Proxy by Ganesh Godavari 9

OpenSSL

• OpenSSL is based on the excellent SSLeay library developed by Eric A. Young and Tim J. Hudson.

• Open Source toolkit implementing the Secure Socket Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library

• Important Libraries – SSL

• The OpenSSL ssl library implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols

– Crypto• The OpenSSL crypto library implements a wide range of cryptographic

algorithms used in various Internet standards. The services provided by this library are used by the OpenSSL implementations of SSL, TLS, and they have also been used to implement SSH, OpenPGP, and other cryptographic standards

04/22/23 SSL Proxy by Ganesh Godavari 10

Command Interface

• The openssl program is a command line tool for using the various cryptography functions of OpenSSL's crypto library from the shell. It can be used for

– Creation of RSA, DH and DSA key parameters – Creation of X.509 certificates, and CRLs– Calculation of Message Digests o Encryption and Decryption with Ciphers – SSL/TLS Client and Server Tests – Handling of S/MIME signed or encrypted mail

04/22/23 SSL Proxy by Ganesh Godavari 11

Working with OpenSSL

• First an SSL_CTX object is created as a framework to establish TLS/SSL enabled connections.

• When a network connection has been created, it can be assigned to an SSL object. After the SSL object has been created using SSL_new, SSL_set_fd or SSL_set_bio can be used to associate the network connection with the object.

• Then the TLS/SSL handshake is performed using SSL_accept or SSL_connect respectively.

• SSL_read and SSL_write are used to read and write data on the TLS/SSL connection.

• SSL_shutdown can be used to shut down the TLS/SSL connection.

04/22/23 SSL Proxy by Ganesh Godavari 12

Sample Code SSL_CTX *ctx; SSL_METHOD *method=SSLv23_server_method(); X509 *ca_cert, *client_cert; FILE *ca_fp=(FILE *) NULL; SSL *ssl=(SSL *) NULL;

SSL_load_error_strings(); OpenSSL_add_ssl_algorithms(); ctx=(SSL_CTX *) SSL_CTX_new(method);

if (ctx == (SSL_CTX *) NULL) printf("Unable to create new SSL CTX\n");

if (!SSL_CTX_load_verify_locations(ctx,ca_file,ca_path)) printf("Failed in SSL_CTX_load_verify_locations()!\n");

/*Load Private Key*/ if (SSL_CTX_use_RSAPrivateKey_file(ctx, key_file, SSL_FILETYPE_PEM) == -1) printf("Error reading private key\n");

04/22/23 SSL Proxy by Ganesh Godavari 13

Sample Code

/*Load Certificate */if (SSL_CTX_use_certificate_file(ctx, cert_file, SSL_FILETYPE_PEM) == -1)printf("Error reading certificate\n");

/*check if the certificate and private key match*/ if (SSL_CTX_check_private_key(ctx) == -1)printf(“Error cerificate and private key don’t match\n");

/*Load randomness*/if (!RAND_load_file(rand_file,1024*1024)) printf(stderr,"Unable to load Randomness for generating Entropy :-( \n");/*read the ca certificate and save the issuer string, we'll compare the

client's issuer with this one, if they match allow connection or zap him*/

04/22/23 SSL Proxy by Ganesh Godavari 14

Sample Code

if ((ca_fp=fopen(ca_file,"r"))== (FILE *) NULL) printf("Failed to open Trusted CA certificate file: %s\n", ca_file); ca_cert=NULL; ca_cert=X509_new();if (!PEM_read_X509(ca_fp,&ca_cert,NULL,NULL)) printf("Error reading trusted CA certificate file: %s\n",ca_file);

X509_NAME_oneline(X509_get_issuer_name(ca_cert),issuer,256);

if (issuer == (char *) NULL) printf("No issuer for trusted CA certificate file!\n");

if (ca_cert != NULL) X509_free(ca_cert);

04/22/23 SSL Proxy by Ganesh Godavari 15

Sample Code

sock_fd=serverSocket((u_short) SERVER_PORT ,1000);if ((ssl=SSL_new(ctx)) == NULL) printf("Failed in SSL_new()!\n");SSL_set_fd(ssl,sock_fd);/* cleanup the structures */ SSL_clear(ssl); SSL_set_session(ssl,NULL); SSL_set_accept_state(ssl); /*session handling fucntions*/ SSL_CTX_flush_sessions(ctx, SSL_SESSION_CACHE_TIMEOUT); SSL_CTX_sess_set_new_cb(ctx, ssl_callback_NewSessionCacheEntry); SSL_CTX_sess_set_get_cb(ctx,

ssl_callback_GetSessionCacheEntry); SSL_CTX_sess_set_remove_cb(ctx,

ssl_callback_DelSessionCacheEntry);

04/22/23 SSL Proxy by Ganesh Godavari 16

err=SSL_accept(ssl); /* case where the connection was closed before any data was transferred */ if (SSL_get_error(ssl, err) == SSL_ERROR_ZERO_RETURN)printf("SSL handshake stopped: connection was closed"); /*case where OpenSSL has recognized a HTTP request => client speaks

plain HTTP on our HTTPS*/ else if (ERR_GET_REASON(ERR_peek_error()) ==

SSL_R_HTTP_REQUEST) printf("SSL handshake failed: HTTP spoken on HTTPS port; "); else if (SSL_get_error(ssl, err)==SSL_ERROR_SYSCALL){ if (errno > 0) printf("SSL handshake interrupted bysystem\n [Hint: Stop button pressed in browser?!]\n"); else printf("Spurious SSL handshake interrupt [Hint: Usually just one of those

OpenSSL confusions!?]\n");} else if (err == -1)printf("Error : unknown error in SSL_accept()\n");

04/22/23 SSL Proxy by Ganesh Godavari 17

Sample Code

/* not verifying client at thistime ?? */ server_verify=SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT|SSL_VERIFY_CLIENT_ONCE;

(void)SSL_CTX_set_verify(ctx,server_verify,NULL);

if(SSL_get_verify_result(ssl) != X509_V_OK) printf("Client %s certificate does not verify\n",szclient.name);

04/22/23 SSL Proxy by Ganesh Godavari 18

SSL Read

int ireadSSL(SSL *ssl,char *buf,int nbyte){ int ret=0; while (1) { ret=SSL_read(ssl,buf,nbyte); if((ret < 0) && (errno == EINTR)) continue; else return (ret); } return (ret); /* won't be here but for saftey*/}

04/22/23 SSL Proxy by Ganesh Godavari 19

SSL Write int sockWriteSSL(SSL *ssl,char *str,size_t count){ size_t bytesSent=0; int thisWrite; while (bytesSent < count) { do thisWrite=SSL_write(ssl,str,count-bytesSent); while ((thisWrite < 0) && (errno == EINTR)); if (thisWrite <= 0) return (thisWrite); bytesSent += thisWrite; str += thisWrite; } return (count);}

04/22/23 SSL Proxy by Ganesh Godavari 20

What is SSLproxy

• SSLproxy is a transparent proxy that can translate between encrypted and unencrypted data transport on socket connections.

04/22/23 SSL Proxy by Ganesh Godavari 21

Advantages of SSLproxy

• Preferential Treatment– SSLproxy has been developed to handle secure Content based routing of

Requests.• Security

– The proxy establishes the secure connection if the Server doesn't support HTTPS

04/22/23 SSL Proxy by Ganesh Godavari 22

Questions ??

04/22/23 SSL Proxy by Ganesh Godavari 23

References• Introducing SSL and certificates using SSLeay, http://www.

ultrnet.com/~fhirsch/Papers/wwwj/article.html • SSL tunneling and the proxy,

http://developer.netscape.com/docs/manuals/proxy/ProxyUnx/SSL-TUNL.HTM

• SSL and Crypto web pages at http://openssl.org/docs/crypto/crypto.html

• Designing a secured web site; what you need to know about SSL Benchmarking, Intel white paper.http://www.intel.com/network/idc/doc_library/white_papers/ssl_benchmarking/index.htm