Design Of SSLProxy Ganesh Kumar Godavari Department of Computer Science Univ. of Colorado, Colorado springs

1. Design Of SSLProxy Ganesh Kumar GodavariDepartment of Computer Science Univ. of Colorado, Colorado springs SSL Proxy by Ganesh Godavari

2. About SSL • Secure Sockets Layer (SSL) protocol • developed by Netscape Communications to ensure private and authenticated communications • put into the public domain for the Internet community SSL Proxy by Ganesh Godavari

3. SSLSession Please refer to Appendix A SSL Proxy by Ganesh Godavari

4. SSL HANDSHAKE • Elements of the handshake sequence • Negotiate the Cipher Suite to be used during data transfer • Establish and share a session key between client and server • Optionally authenticate the server to the client • Optionally authenticate the client to the server • Components of Cipher Suite • Key Exchange Method • key exchange method defines how the shared secret symmetric cryptography key used for application data transfer will be agreed upon by client and server. • SSL 2.0 uses RSA key exchange, while SSL 3.0 supports a choice of key exchange algorithms including the RSA key exchange when certificates are used, and Diffie-Hellman key exchange for exchanging keys without certificates and without prior communication between client and server • Cipher for Data Transfer • SSL uses the conventional cryptography algorithm (symmetric cryptography) described earlier for encrypting messages in a session. There are nine choices, including the choice to perform no encryption: • No encryption • Stream Ciphers • RC4 with 40-bit keys • RC4 with 128-bit keys • CBC Block Ciphers • RC2 with 40 bit key • DES40, DES, 3DES_EDE. • Idea • Fortezza SSL Proxy by Ganesh Godavari

5. SSL HANDSHAKE Contd.. • Message Digest for creating the Message Authentication Code (MAC) • The choice of digest function determines how a digest is created from a record unit. SSL supports the following: • No digest (Null choice) • MD5, a 128-bit hash • Secure Hash Algorithm (SHA), a 160-bit hash designed for use with the Digital Signature Standard (DSS) • The message digest is used to create a Message Authentication Code (MAC) which is encrypted with the message to provide integrity and to prevent against replay attacks. SSL Proxy by Ganesh Godavari

6. Handshake Sequence Protocol The handshake sequence uses three protocols: • The "SSL Handshake Protocol" for performing the client and server SSL session establishment. • The "SSL Change Cipher Spec protocol" for actually establishing agreement on the Cipher Suite for the session. • The "SSL Alert Protocol" for conveying SSL error messages between client and server. SSL Protocol Stack SSL Proxy by Ganesh Godavari

7. SSL Record Protocol • SSL Record Protocol is used • to transfer application and SSL Control data between the client and server, possibly fragmenting this data into smaller units, or combining multiple higher level protocol data messages into single units. • It may compress, attach digest signatures, and encrypt these units before transmitting them using the underlying reliable transport protocol SSL Proxy by Ganesh Godavari

8. Session Reusability SSL Proxy by Ganesh Godavari

9. OpenSSL • OpenSSL is based on the excellent SSLeay library developed by Eric A. Young and Tim J. Hudson. • Open Source toolkit implementing the Secure Socket Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library • Important Libraries • SSL • The OpenSSL ssl library implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols • Crypto • The OpenSSL crypto library implements a wide range of cryptographic algorithms used in various Internet standards. The services provided by this library are used by the OpenSSL implementations of SSL, TLS, and they have also been used to implement SSH, OpenPGP, and other cryptographic standards SSL Proxy by Ganesh Godavari

10. Command Interface • The openssl program is a command line tool for using the various cryptography functions of OpenSSL's crypto library from the shell. It can be used for • Creation of RSA, DH and DSA key parameters • Creation of X.509 certificates, and CRLs • Calculation of Message Digests o Encryption and Decryption with Ciphers • SSL/TLS Client and Server Tests • Handling of S/MIME signed or encrypted mail SSL Proxy by Ganesh Godavari

11. Working with OpenSSL • First an SSL_CTX object is created as a framework to establish TLS/SSL enabled connections. • When a network connection has been created, it can be assigned to an SSL object. After the SSL object has been created using SSL_new, SSL_set_fd or SSL_set_bio can be used to associate the network connection with the object. • Then the TLS/SSL handshake is performed using SSL_accept or SSL_connect respectively. • SSL_read and SSL_write are used to read and write data on the TLS/SSL connection. • SSL_shutdown can be used to shut down the TLS/SSL connection. SSL Proxy by Ganesh Godavari

12. Sample Code SSL_CTX *ctx; SSL_METHOD *method=SSLv23_server_method(); X509 *ca_cert, *client_cert; FILE *ca_fp=(FILE *) NULL; SSL *ssl=(SSL *) NULL; SSL_load_error_strings(); OpenSSL_add_ssl_algorithms(); ctx=(SSL_CTX *) SSL_CTX_new(method); if (ctx == (SSL_CTX *) NULL) printf("Unable to create new SSL CTX\n"); if (!SSL_CTX_load_verify_locations(ctx,ca_file,ca_path)) printf("Failed in SSL_CTX_load_verify_locations()!\n"); /*Load Private Key*/ if (SSL_CTX_use_RSAPrivateKey_file(ctx, key_file, SSL_FILETYPE_PEM) == -1) printf("Error reading private key\n"); SSL Proxy by Ganesh Godavari

13. Sample Code /*Load Certificate */ if (SSL_CTX_use_certificate_file(ctx, cert_file, SSL_FILETYPE_PEM) == -1) printf("Error reading certificate\n"); /*check if the certificate and private key match*/ if (SSL_CTX_check_private_key(ctx) == -1) printf(“Error cerificate and private key don’t match\n"); /*Load randomness*/ if (!RAND_load_file(rand_file,1024*1024)) printf(stderr,"Unable to load Randomness for generating Entropy :-( \n"); /*read the ca certificate and save the issuer string, we'll compare the client's issuer with this one, if they match allow connection or zap him*/ SSL Proxy by Ganesh Godavari

14. Sample Code if ((ca_fp=fopen(ca_file,"r"))== (FILE *) NULL) printf("Failed to open Trusted CA certificate file: %s\n", ca_file); ca_cert=NULL; ca_cert=X509_new(); if (!PEM_read_X509(ca_fp,&ca_cert,NULL,NULL)) printf("Error reading trusted CA certificate file: %s\n",ca_file); X509_NAME_oneline(X509_get_issuer_name(ca_cert),issuer,256); if (issuer == (char *) NULL) printf("No issuer for trusted CA certificate file!\n"); if (ca_cert != NULL) X509_free(ca_cert); SSL Proxy by Ganesh Godavari

15. Sample Code sock_fd=serverSocket((u_short) SERVER_PORT ,1000); if ((ssl=SSL_new(ctx)) == NULL) printf("Failed in SSL_new()!\n"); SSL_set_fd(ssl,sock_fd); /* cleanup the structures */ SSL_clear(ssl); SSL_set_session(ssl,NULL); SSL_set_accept_state(ssl); /*session handling fucntions*/ SSL_CTX_flush_sessions(ctx, SSL_SESSION_CACHE_TIMEOUT); SSL_CTX_sess_set_new_cb(ctx, ssl_callback_NewSessionCacheEntry); SSL_CTX_sess_set_get_cb(ctx, ssl_callback_GetSessionCacheEntry); SSL_CTX_sess_set_remove_cb(ctx, ssl_callback_DelSessionCacheEntry); SSL Proxy by Ganesh Godavari

16. err=SSL_accept(ssl); /* case where the connection was closed before any data was transferred */ if (SSL_get_error(ssl, err) == SSL_ERROR_ZERO_RETURN) printf("SSL handshake stopped: connection was closed"); /*case where OpenSSL has recognized a HTTP request => client speaks plain HTTP on our HTTPS*/ else if (ERR_GET_REASON(ERR_peek_error()) == SSL_R_HTTP_REQUEST) printf("SSL handshake failed: HTTP spoken on HTTPS port; "); else if (SSL_get_error(ssl, err)==SSL_ERROR_SYSCALL){ if (errno > 0) printf("SSL handshake interrupted bysystem\n [Hint: Stop button pressed in browser?!]\n"); else printf("Spurious SSL handshake interrupt [Hint: Usually just one of those OpenSSL confusions!?]\n");} else if (err == -1) printf("Error : unknown error in SSL_accept()\n"); SSL Proxy by Ganesh Godavari

17. Sample Code /* not verifying client at thistime ?? */ server_verify=SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT|SSL_VERIFY_CLIENT_ONCE; (void)SSL_CTX_set_verify(ctx,server_verify,NULL); if(SSL_get_verify_result(ssl) != X509_V_OK) printf("Client %s certificate does not verify\n",szclient.name); SSL Proxy by Ganesh Godavari

18. SSL Read int ireadSSL(SSL *ssl,char *buf,int nbyte) { int ret=0; while (1) { ret=SSL_read(ssl,buf,nbyte); if((ret < 0) && (errno == EINTR)) continue; else return (ret); } return (ret); /* won't be here but for saftey*/ } SSL Proxy by Ganesh Godavari

19. SSL Write int sockWriteSSL(SSL *ssl,char *str,size_t count) { size_t bytesSent=0; int thisWrite; while (bytesSent < count) { do thisWrite=SSL_write(ssl,str,count-bytesSent); while ((thisWrite < 0) && (errno == EINTR)); if (thisWrite <= 0) return (thisWrite); bytesSent += thisWrite; str += thisWrite; } return (count); } SSL Proxy by Ganesh Godavari

20. What is SSLproxy • SSLproxy is a transparent proxy that can translate between encrypted and unencrypted data transport on socket connections. SSL Proxy by Ganesh Godavari

21. Advantages of SSLproxy • Preferential Treatment • SSLproxy has been developed to handle secure Content based routing of Requests. • Security • The proxy establishes the secure connection if the Server doesn't support HTTPS SSL Proxy by Ganesh Godavari

22. Questions ?? SSL Proxy by Ganesh Godavari

23. References • Introducing SSL and certificates using SSLeay, http://www.ultrnet.com/~fhirsch/Papers/wwwj/article.html • SSL tunneling and the proxy, http://developer.netscape.com/docs/manuals/proxy/ProxyUnx/SSL-TUNL.HTM • SSL and Crypto web pages at http://openssl.org/docs/crypto/crypto.html • Designing a secured web site; what you need to know about SSL Benchmarking, Intel white paper.http://www.intel.com/network/idc/doc_library/white_papers/ssl_benchmarking/index.htm SSL Proxy by Ganesh Godavari