Network Security With OpenSSL (2002).pdf

(2439 KB) Pobierz

Network Security with OpenSSL

Pravir Chandra, Matt Messier, John Viega

Publisher : O'Reilly

Pub Date : June 2002

ISBN : 0-596-00270-X

Table of

Contents

Pages : 384

OpenSSL is a popular and effective open source version of SSL/TLS, the most widely

used protocol for secure network communications. The only guide available on the

subject,

Network Security with OpenSSLdetails

the challenges in securing network

communications, and shows you how to use OpenSSL tools to best meet those

challenges. Focused on the practical, this book provides only the information that is

necessary to use OpenSSL safely and effectively.

Team-Fly

Table of Content

......................................................................................................ii

Dedication .............................................................................................................vi

Preface....................................................................................................................vii

About This Book

.............................................................................................. viii

Conventions Used in This Book........................................................................x

Comments and Questions

................................................................................xi

Acknowledgments

..............................................................................................xi

Chapter 1. Introduction...........................................................................................1

1.1 Cryptography for the Rest of Us.................................................................1

1.2 Overview of SSL

...........................................................................................8

1.3 Problems with SSL

.....................................................................................10

1.4 What SSL Doesn't Do Well

.......................................................................16

1.5 OpenSSL Basics.........................................................................................17

1.6 Securing Third-Party Software

.................................................................18

Chapter 2. Command-Line Interface..................................................................23

2.1 The Basics

...................................................................................................23

2.2 Message Digest Algorithms

......................................................................25

2.3 Symmetric Ciphers

.....................................................................................27

2.4 Public Key Cryptography...........................................................................28

2.5 S/MIME.........................................................................................................32

2.6 Passwords and Passphrases

...................................................................33

2.7 Seeding the Pseudorandom Number Generator...................................35

Chapter 3. Public Key Infrastructure (PKI)........................................................37

3.1 Certificates...................................................................................................37

3.2 Obtaining a Certificate

...............................................................................44

3.3 Setting Up a Certification Authority..........................................................47

Chapter 4. Support Infrastructure

.......................................................................60

4.1 Multithread Support

....................................................................................60

4.2 Internal Error Handling...............................................................................66

4.3 Abstract Input/Output

.................................................................................70

4.4 Random Number Generation

...................................................................80

4.5 Arbitrary Precision Math

............................................................................85

4.6 Using Engines

.............................................................................................91

Chapter 5. SSL/TLS Programming.....................................................................93

5.1 Programming with SSL

..............................................................................93

5.2 Advanced Programming with SSL

.........................................................125

Chapter 6. Symmetric Cryptography................................................................143

6.1 Concepts in Symmetric Cryptography...................................................143

6.2 Encrypting with the EVP API

..................................................................145

6.3 General Recommendations

....................................................................161

Chapter 7. Hashes and MACs

..........................................................................162

7.1 Overview of Hashes and MACs

.............................................................162

7.2 Hashing with the EVP API.......................................................................163

7.3 Using MACs...............................................................................................168

7.4 Secure HTTP Cookies

.............................................................................179

Chapter 8. Public Key Algorithms.....................................................................184

8.1 When to Use Public Key Cryptography.................................................184

8.2 Diffie-Hellman............................................................................................185

8.2 Diffie-Hellman............................................................................................190

8.3 Digital Signature Algorithm (DSA)..........................................................195

8.4 RSA.............................................................................................................200

8.5 The EVP Public Key Interface

................................................................205

8.6 Encoding and Decoding Objects............................................................213

Chapter 9. OpenSSL in Other Languages

......................................................220

9.1 Net::SSLeay for Perl

................................................................................220

9.2 M2Crypto for Python

................................................................................225

9.3 OpenSSL Support in PHP.......................................................................233

Chapter 10. Advanced Programming Topics..................................................241

10.1 Object Stacks

..........................................................................................241

10.2 Configuration Files

.................................................................................242

10.3 X.509

........................................................................................................245

10.4 PKCS#7 and S/MIME

............................................................................259

10.5 PKCS#12

.................................................................................................268

Appendix A. Command-Line Reference..........................................................270

asn1parse............................................................................................................270

ca ........................................................................................................................271

ciphers ................................................................................................................277

crl .......................................................................................................................277

crl2pkcs7 ............................................................................................................279

dgst.....................................................................................................................280

dhparam..............................................................................................................281

dsa ......................................................................................................................282

dsaparam ............................................................................................................284

enc ......................................................................................................................285

errstr ...................................................................................................................287

gendsa ................................................................................................................287

genrsa .................................................................................................................288

nseq ....................................................................................................................289

passwd................................................................................................................289

pkcs7 ..................................................................................................................290

pkcs8 ..................................................................................................................291

pkcs12 ................................................................................................................293

rand ....................................................................................................................296

req ......................................................................................................................296

rsa.......................................................................................................................301

rsautl...................................................................................................................302

s_client ...............................................................................................................304

s_server ..............................................................................................................306

s_time.................................................................................................................309

sess_id ................................................................................................................311

smime.................................................................................................................312

speed ..................................................................................................................316

spkac ..................................................................................................................316

verify..................................................................................................................317

version................................................................................................................318

x509....................................................................................................................319

iii

Colophon

..............................................................................................................326

Printed in the United States of America.

Published by O'Reilly & Associates, Inc., 1005 Gravenstein Highway North, Sebastopol, CA

95472.

O'Reilly & Associates books may be purchased for educational, business, or sales promotional use.

Online editions are also available for most titles (http://safari.oreilly.com). For more information

contact our corporate/institutional sales department: 800-998-9938 or

corporate@oreilly.com.

The O'Reilly logo is a registered trademark of O'Reilly & Associates, Inc. Many of the

designations used by manufacturers and sellers to distinguish their products are claimed as

trademarks. Where those designations appear in this book, and O'Reilly & Associates, Inc. was

aware of a trademark claim, the designations have been printed in caps or initial caps. The

association between the image of a group of sea lions and seals and the topic of network security

with OpenSSL is a trademark of O'Reilly & Associates, Inc.

While every precaution has been taken in the preparation of this book, the publisher and the

author(s) assume no responsibility for errors or omissions, or for damages resulting from the use

of the information contained herein.

Plik z chomika:

darekisap

Inne pliki z tego folderu:

html_biblia.rar (27981 KB)
access_2000_ksiega_eksperta.rar (16770 KB)
borlandc++przyklady.rar (13386 KB)
3d_studio_max.rar (2542 KB)
abc_systemu_windows_xp.rar (4587 KB)

Network Security With OpenSSL (2002).pdf

Plik z chomika:

Inne pliki z tego folderu:

Inne foldery tego chomika: