Using OpenSSL to Generate Digital Certificates
Added on 2024-06-04
18 Pages4929 Words467 Views
|
|
|
Assignment 3
Using OpenSSL to Generate Digital Certificates
Table of Contents
1
Using OpenSSL to Generate Digital Certificates
Table of Contents
1
Introduction:-........................................................................................................................... 3
Review work:-...........................................................................................................................5
Method of Solution:-................................................................................................................7
Some more methods for the rectification of Vulnerability:-................................................7
Using the Engine Interface:-.................................................................................................8
Experiment results with Cryptography technology for security...............................................8
Now let us take a look at the SSL handshake and how it is done:-.....................................12
How does the encryption process works in SSL communication:-.....................................12
How SSL uses both the methods simultaneously?.............................................................14
Key-Encryption Algorithm:-................................................................................................14
Conclusion:-............................................................................................................................16
References..............................................................................................................................17
List of figure
Figure 1 Engine interface..........................................................................................................8
Figure 2 Generate OpenSSL......................................................................................................9
Figure 3 Create Key................................................................................................................ 10
Figure 4 key............................................................................................................................ 11
Figure 5 Public key exchange................................................................................................. 13
Figure 6 Encrypt-Decrypt........................................................................................................13
2
Review work:-...........................................................................................................................5
Method of Solution:-................................................................................................................7
Some more methods for the rectification of Vulnerability:-................................................7
Using the Engine Interface:-.................................................................................................8
Experiment results with Cryptography technology for security...............................................8
Now let us take a look at the SSL handshake and how it is done:-.....................................12
How does the encryption process works in SSL communication:-.....................................12
How SSL uses both the methods simultaneously?.............................................................14
Key-Encryption Algorithm:-................................................................................................14
Conclusion:-............................................................................................................................16
References..............................................................................................................................17
List of figure
Figure 1 Engine interface..........................................................................................................8
Figure 2 Generate OpenSSL......................................................................................................9
Figure 3 Create Key................................................................................................................ 10
Figure 4 key............................................................................................................................ 11
Figure 5 Public key exchange................................................................................................. 13
Figure 6 Encrypt-Decrypt........................................................................................................13
2
Introduction:-
SSL stands for Secure Socket Layer and OpenSSL is a cryptography library that provides open
source implementation to the SSL layer and Transport Layer Security Protocols. OpenSSL is
licensed under Apache Style license which means one can freely use it for commercial and
non-commercial purposes depending upon the license requirement. As discussed above SSL
is a kind of library, so just like any other library SSL is also supposed to contain one or the
other different types of features. The SSL library includes:-
1. Tools for generating RSA Private Keys.
2. Tools for generating Certificate Signing Requests (CSR’s).
3. Checksums.
4. And they manage Encryption and Decryption of the site.
Commonly the SSL code is written in C language but its wrappers are available in a variety of
other programming languages. From a recent web survey it is evident that SSL is used by
almost 66% of all the web servers. OpenSSL was introduced in 1998, since then it has
involved over various versions. The most recent version of OpenSSL includes version 1.0.1f
which apparently had a bug in the code, and that bug was known as the heart bleed bug,
the bug releases 64kb of memory and it has affected around half a million secure web
servers around the globe. This problem was soon revised and a new version 1.0.1G was
devised which fixed the problem of heart bleed bug (Everhart, 2017).
Let us talk about the licensing of the OpenSSL. Now, OpenSSL is based on two license,
one is apache 1.0 and other is SSLeay license, this means that OpenSSL obeys the terms and
conditions of both these license. As written above, the OpenSSL uses apache 1.0 license
rather than 2.0 it means that whenever there is a need to advertise anything related to
OpenSSL a disclaimer has to be given in the exact format as "this product includes software
developed by the OpenSSL Project for use in the OpenSSL Toolkit”. Because of this restriction
the OpenSSL is incompatible with the general public license or GPL. But in spite of this there
are some software developers that work under the freedom of GPL and have made some
changes in their SSL document which allows them to do it (Xia, 2016). Seeing all the
inconvenience and the compatibility issue with the OpenSSL and apache 1.0 the company
3
SSL stands for Secure Socket Layer and OpenSSL is a cryptography library that provides open
source implementation to the SSL layer and Transport Layer Security Protocols. OpenSSL is
licensed under Apache Style license which means one can freely use it for commercial and
non-commercial purposes depending upon the license requirement. As discussed above SSL
is a kind of library, so just like any other library SSL is also supposed to contain one or the
other different types of features. The SSL library includes:-
1. Tools for generating RSA Private Keys.
2. Tools for generating Certificate Signing Requests (CSR’s).
3. Checksums.
4. And they manage Encryption and Decryption of the site.
Commonly the SSL code is written in C language but its wrappers are available in a variety of
other programming languages. From a recent web survey it is evident that SSL is used by
almost 66% of all the web servers. OpenSSL was introduced in 1998, since then it has
involved over various versions. The most recent version of OpenSSL includes version 1.0.1f
which apparently had a bug in the code, and that bug was known as the heart bleed bug,
the bug releases 64kb of memory and it has affected around half a million secure web
servers around the globe. This problem was soon revised and a new version 1.0.1G was
devised which fixed the problem of heart bleed bug (Everhart, 2017).
Let us talk about the licensing of the OpenSSL. Now, OpenSSL is based on two license,
one is apache 1.0 and other is SSLeay license, this means that OpenSSL obeys the terms and
conditions of both these license. As written above, the OpenSSL uses apache 1.0 license
rather than 2.0 it means that whenever there is a need to advertise anything related to
OpenSSL a disclaimer has to be given in the exact format as "this product includes software
developed by the OpenSSL Project for use in the OpenSSL Toolkit”. Because of this restriction
the OpenSSL is incompatible with the general public license or GPL. But in spite of this there
are some software developers that work under the freedom of GPL and have made some
changes in their SSL document which allows them to do it (Xia, 2016). Seeing all the
inconvenience and the compatibility issue with the OpenSSL and apache 1.0 the company
3
announced in 2015 that it’ll use apache 2.0 and this announcement got implemented in
2017. Let’s have a look at the uses of OpenSSL:-
1. OpenSSL connects our system to the HTTP services.
2. OpenSSL can be used to generate random number or strings by using the keyword
‘rand’.
3. OpenSSL can verify an online certificate using the command line, which is helpful in
authenticating a server.
4. OpenSSL can be used to extract important information for the certificate.
5. OpenSSL has the capability of generating a MD5 hash.
6. OpenSSL includes a feature which lets us benchmark our system.
7. With OpenSSL we can also benchmark remote system/connections.
Seeing the above points and all the discussions it is evident that OpenSSL is extremely useful
and has a variety of uses when it comes to online services (Hao, 2014).
4
2017. Let’s have a look at the uses of OpenSSL:-
1. OpenSSL connects our system to the HTTP services.
2. OpenSSL can be used to generate random number or strings by using the keyword
‘rand’.
3. OpenSSL can verify an online certificate using the command line, which is helpful in
authenticating a server.
4. OpenSSL can be used to extract important information for the certificate.
5. OpenSSL has the capability of generating a MD5 hash.
6. OpenSSL includes a feature which lets us benchmark our system.
7. With OpenSSL we can also benchmark remote system/connections.
Seeing the above points and all the discussions it is evident that OpenSSL is extremely useful
and has a variety of uses when it comes to online services (Hao, 2014).
4
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents