I'm working on a pet project that will (eventually, when it's done) allow for secure file transfers (there's more to it than just that, but the rest isn't particularly relevant). I'd like to use the OpenSSL library, since it seems to be the most complete free cryptography library (and I need support for basic symmetric encryption and hashing, in addition to SSL/TLS).
I'm looking to implement a security scheme similar to SSH. Basically, a user would connect to my computer with TLSv1 (SSLv3.1). I'd like the connection to succeed regardless of security. Then, I want to be able to inspect the public key (not an entire certificate) that the user used. That key would be compared against known public keys, and if it matched, then the user would be allowed to access a certain set of commands. If it didn't match, the user would have the option to use the connection to apply to have his/her public key added to my collection, but other than that would not be able to access my services.
I don't have any particular need for certificates here. It would be much simpler for me if I could just skip all the certificate details and work only with the raw encryption keys. This is because this model follows a web-of-trust model, not the hierarchical model used by most SSL/TLS connections, so I don't need any CA's or signed certificates.
Unfortunately, the documentation of most of OpenSSL is, well, nonexistent. All the relevant articles I find seem to be occupied with setting up a "standard" SSL/TLS connection, where the server's certificate is verified all the way up to a set of root certificates. This can be useful, but it's hard for me to figure out how to get these non-traditional SSL connections up and running.
Can anyone suggest any articles or documentation that might help me figure out how to accomplish this?
(The use of OpenSSL is not set in stone, and I could switch to another library if it provides a better way of accomplishing this, as well as hashing [SHA-512] and symmetric encryption [AES]. I'm aiming at targeting Linux, but it would be nice if the final product was portable to Windows so my friends could use it too.)
Yes, most websites that conduct business on the internet require a digital TLS/SSL certificate to encrypt and secure private data that is transmitted. TLS/SSL certificates protect your business' and your customers private information.
Without SSL, your site visitors and customers are at higher risk of being having their data stolen. Your site security is also at risk without encryption. SSL protects website from phishing scams, data breaches, and many other threats. Ultimately, It builds a secure environment for both visitors and site owners.
The Transport Layer Security (TLS) is a protocol designed to provide secure communication over the Internet and includes authentication, confidentiality and integrity. When a TLS connection is established the server provides a certificate that the client validates before trusting the server's identity.
An SSL/TLS certificate is a digital object that allows systems to verify the identity & subsequently establish an encrypted network connection to another system using the Secure Sockets Layer/Transport Layer Security (SSL/TLS) protocol.
To expand on Eugene's answer (I would have put this as a comment, but it's a bit long)...
Having done this sort of things with the FOAF+SSL project (later renamed WebID), sticking with X.509 certificates makes the implementation easier, simply because most SSL/TLS stacks are designed with them in mind (and their API reflect this).
Last time I checked FOAF+SSL, the traditional PKI checks were still in place for the client to check the server certificate. Another option, similar to SSH, would be to accept the public key/certificate the first time you encounter it and warn the user when it changes. That's more or less the way SSH works anyway (in particular, I guess that few people actually check the key's fingerprint out of bands the first time they see it).
Considering just the client-certificate usage (although some of this could apply to server certs in a similar way):
X509TrustManager
in Java).openssl
or keytool
commands. Here is an example service that will issue a certificate with the SAN the user wants (there might be more recent versions if you check with the FOAF+SSL/WebID project). Whichever private key or issuer name such a service uses barely matters, but since browsers are designed around traditional PKIs, it doesn't make it easy to use really self-signed certificates.There are also issues when it comes to asking for a specific client-certificate. The TLS 1.1 specification explicitly allows empty certification authorities
(see RFC 4346), whereas the TLS 1.0 were silent on the subject. In practice, even with TLS 1.0, most client tools seem to be happy with an empty list (they'll just offer more choice). If you want your certificates for your system to be easily identifiable, you could use the same issuer DN for all these certs, even if they're not signed with the same private key in practice (again, since you would ignore the signature).
Use self-signed certificates - this is the same as "raw" keys but easier to manage (see this question regarding how to accept or not accept a self-signed certificate in openssl).
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With