Hi,

Firstly I apologise for the length of the mail note and also some of the
questions asked.  But I have spent time reading various articles/books
and unfortunately I've become totally confused.  So please be gentle
with any replies you send ;-)

I thought I had a reasonable grasp of:

a) how the SSL protocol worked (specifically the exchange of public keys
and the generation/exchange of the symmetric session key)
b) how to use the openssl API set to establish a session and send data.

but after talking to other people I'm now confused and I wonder if
anyone on this mail group could help.


SSL Protocol
--------------
I understand that during the initial handshake (if requested) the client
and server public keys are exchanged.  This is essentially the mechanism
that is used to determine who each side is talking to - since each
certificate is authorised by bodies (CAs) acceptable to each side.

That the client makes up a secret and encrypts the secret with the
server public key.  Is a hash value of the secret (before or after the
encryption created) also sent, and if so how is this protected?
This symmetric secret is then used with the agreed cipher suite to
encrypt the application data that is exchanged between the client and
the server.
Again is a hash value (or message digest) always calculated and sent
with the encrypted data? And if so is this then encrypted prior to
transmission?


I understand the basic premise that the symmetric secret is used to
encrypt the application data because it is not so computationally
expensive compared to using the asymmetric public keys.  But someone
else told me that not only is the message encrypted but it CAN ALSO be
digitally signed with the sender's private key.  Obviously on receipt of
the message the receiver uses the public key of the sender to de-sign
the message before then using the symmetric key to decrypt the data.
This gives the recipient confidence that the message has actually been
sent by the client.  But as this adds quite an overhead - why not just
use the asymmetric keys in isolation without exchanging a symmetric key?




Then I started to wonder that if the previous statement was true how
does an application using the openssl API tell the openssl library that
in addition to the encryption using the symmetric key the message
has to be digitally signed using the sender's private key?  Obviously the
receiver has to have been told that this is what has been performed on
the message in order to recover the original message.  But in all the
example code I looked at I've never spotted a call which specifically
states the security properties that will be used during the connection
establishment phase.

Or is it done implicitly through the selection of the cipher suite by
the server during the handshake phase?


My final question on the basic SSL protocol is...  This is an extract
from the SSL v3.0 draft specification:

      Following the hello messages, the server will send its certificate,
      if it is to be authenticated.  Additionally, a server key exchange
      message may be sent, if it is required (e.g. if their server has no
      certificate, or if its certificate is for signing only).  If the
      server is authenticated, it may request a certificate from the
      client, if that is appropriate to the cipher suite selected.  Now
      the server will send the server hello done message, indicating that
      the hello-message phase of the handshake is complete.  The server
      will then wait for a client response.  If the server has sent a
      certificate request Message, the client must send either the
      certificate message or a no_certificate alert.  The client key
      exchange message is now sent, and the content of that message will
      depend on the public key algorithm selected between the client
      hello and the server hello.  If the client has sent a certificate
      with signing ability, a digitally-signed certificate verify message
      is sent to explicitly verify the certificate.

What does it mean by the statement "..if its certificate is for signing
only.."?
I understand that the certificate is used to aid in verifying who I am -
but what is a signing certificate and does it relate to the previous
statements in this mail note?




OPENSSL API
----------------
I have:

1. Compiled the openssl library to be able to use all the available
cipher suites.
2. Initialised the openssl library to be able to use all the available
cipher suites.


But can I on a per ssl connection alter the list of available cipher
suites and the order that they are presented to the server?

If there is a combination of encryption and digital signing that can be
applied to a message then what I'd like to do is to dynamically select
the combinations of encryption/signing based on the actual message
content that is going to be exchanged.  I realise that the selection
will be per ssl connection, but nevertheless does the openssl API
provide this degree of flexibility. Is this possible?


For those of you that have got to the end of this mail note and reply I
thank you most sincerely.

Regards,

Graeme Cutler

**************************************************************************

Graeme Cutler

Telephone: 00 44 (0)118 92 46673
         : 00 44 (0)7899 920946 (Mobile)

Technology Technical Architecture
Currently in TVP 540, second floor

Administrator: Paulette Davenport
Telephone: 00 44 (0)161 493 4850
Facsimile: 00 44 (0)161 493 4909
**************************************************************************


begin:vcard 
n:Cutler;Graeme
tel;cell:07899 920946
tel;work:0118 92 46673
x-mozilla-html:TRUE
url:http://www.emea.oracle.com
org:Oracle Corporation;Technical Architecture
adr:;;;;;;
version:2.1
email;internet:[EMAIL PROTECTED]
title:Principal Consultant
fn:Graeme Cutler
end:vcard
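On the record-layer questions in the note above (is a digest sent with the encrypted data, and is it itself encrypted): in SSL 3.0 and TLS 1.0 (RFC 2246) every record carries a keyed MAC, not a signature. The MAC is computed with HMAC under a MAC secret, the MAC is appended to the plaintext fragment and the whole thing is then encrypted with the bulk cipher, and both the MAC secrets and the cipher keys are derived on each side from the premaster secret plus the two hello randoms. The following is an added example, not code from the poster or from OpenSSL; it is Python standard library only. The TLS 1.0 PRF, the master secret and key block derivation and the record MAC follow RFC 2246; the `keystream` function is a constructed stand-in for the negotiated symmetric cipher (no AES in the standard library), and the hello randoms and premaster secret in `demo` are constructed sample values, where a real client would send the premaster RSA-encrypted under the server certificate's key in ClientKeyExchange.

```python
import hmac
import struct

def p_hash(hash_name, secret, seed, length):
    """P_hash (RFC 2246 s5): A(i)=HMAC(secret, A(i-1)), A(0)=seed;
    output = HMAC(secret, A(1)+seed) || HMAC(secret, A(2)+seed) || ..."""
    out, a = b"", seed
    while len(out) < length:
        a = hmac.new(secret, a, hash_name).digest()
        out += hmac.new(secret, a + seed, hash_name).digest()
    return out[:length]

def prf(secret, label, seed, length):
    """TLS 1.0 PRF: P_MD5 over the first half of the secret XOR P_SHA1 over
    the second half (halves overlap by one byte when the length is odd)."""
    half = (len(secret) + 1) // 2
    md5_part = p_hash("md5", secret[:half], label + seed, length)
    sha_part = p_hash("sha1", secret[-half:], label + seed, length)
    return bytes(x ^ y for x, y in zip(md5_part, sha_part))

def derive_keys(pre_master_secret, client_random, server_random,
                mac_len=20, key_len=16, iv_len=16):
    """master_secret and key_block (RFC 2246 s8.1, s6.3). Both peers compute
    this from the same inputs, so no symmetric key ever crosses the wire."""
    master_secret = prf(pre_master_secret, b"master secret",
                        client_random + server_random, 48)
    key_block = prf(master_secret, b"key expansion", server_random + client_random,
                    2 * (mac_len + key_len + iv_len))
    keys, offset = {"master_secret": master_secret}, 0
    for name, size in (("client_mac", mac_len), ("server_mac", mac_len),
                       ("client_key", key_len), ("server_key", key_len),
                       ("client_iv", iv_len), ("server_iv", iv_len)):
        keys[name] = key_block[offset:offset + size]
        offset += size
    return keys

def record_mac(mac_secret, seq_num, content_type, fragment, version=(3, 1)):
    """Record MAC (RFC 2246 s6.2.3.1) over the implicit 64-bit sequence number,
    the record header fields and the plaintext fragment."""
    header = struct.pack("!QBBBH", seq_num, content_type, version[0], version[1],
                         len(fragment))
    return hmac.new(mac_secret, header + fragment, "sha1").digest()

def keystream(key, iv, seq_num, length):
    """Constructed stand-in for the negotiated symmetric cipher (HMAC-SHA256 in
    counter mode, bound to seq_num so keystream is never reused); a real suite
    would run RC4, 3DES or AES here."""
    out, counter = b"", 0
    while len(out) < length:
        nonce = iv + struct.pack("!QQ", seq_num, counter)
        out += hmac.new(key, nonce, "sha256").digest()
        counter += 1
    return out[:length]

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def protect_record(keys, side, seq_num, content_type, plaintext):
    """Sender: MAC-then-encrypt. The digest is appended to the plaintext and
    encrypted with it, so it never travels in the clear."""
    body = plaintext + record_mac(keys[side + "_mac"], seq_num, content_type, plaintext)
    return xor(body, keystream(keys[side + "_key"], keys[side + "_iv"], seq_num, len(body)))

def unprotect_record(keys, side, seq_num, content_type, ciphertext, mac_len=20):
    """Receiver: decrypt with the sender's write keys, split off and recompute
    the MAC. A mismatch is a bad_record_mac alert; no signature is involved."""
    body = xor(ciphertext, keystream(keys[side + "_key"], keys[side + "_iv"],
                                     seq_num, len(ciphertext)))
    plaintext, mac = body[:-mac_len], body[-mac_len:]
    expected = record_mac(keys[side + "_mac"], seq_num, content_type, plaintext)
    if not hmac.compare_digest(mac, expected):
        raise ValueError("bad_record_mac")
    return plaintext

def demo():
    """Constructed sample values: in a real handshake the randoms come from the
    hello messages and the premaster secret arrives RSA-encrypted under the
    server certificate's key in ClientKeyExchange."""
    client_random, server_random = bytes(range(32)), bytes(range(32, 64))
    pre_master_secret = b"\x03\x01" + bytes([0x42] * 46)  # version + 46 bytes
    client_keys = derive_keys(pre_master_secret, client_random, server_random)
    server_keys = derive_keys(pre_master_secret, client_random, server_random)
    request = b"GET / HTTP/1.0\r\n\r\n"
    record = protect_record(client_keys, "client", 0, 23, request)  # 23 = app data
    recovered = unprotect_record(server_keys, "client", 0, 23, record)
    tampered = bytes([record[0] ^ 0x01]) + record[1:]
    try:
        unprotect_record(server_keys, "client", 0, 23, tampered)
        tamper_detected = False
    except ValueError:
        tamper_detected = True
    return {"keys_match": client_keys == server_keys, "recovered": recovered,
            "tamper_detected": tamper_detected, "record_len": len(record)}
```

Running `demo()` shows the three points the note asks about: the server derives exactly the same MAC secrets and cipher keys as the client without any of them being transmitted, the 20-byte SHA-1 MAC rides inside the encrypted record (38 bytes on the wire for an 18-byte request), and flipping a single ciphertext bit is caught by the MAC check, all with no per-message use of anyone's private key.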

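On the final question, whether the cipher list can be changed per connection: in the OpenSSL C API SSL_CTX_set_cipher_list() sets the default for a context and SSL_set_cipher_list() overrides it for a single SSL object, in the preference order the string gives, and the suite the server picks from that list fixes the bulk cipher and the record MAC for the connection. The following added example (not from the poster and not OpenSSL's own code) shows the same thing through Python's ssl module, which wraps OpenSSL: one SSLContext per connection carrying its own cipher string, and the per-suite description OpenSSL reports, whose Au= field is the certificate key's role in the handshake and whose Mac= field is what protects the records. The CIPHER_POLICY table and the function names are assumptions made up for this example.

```python
import ssl

# Hypothetical per-connection policy table (an assumption for this example);
# the cipher-string syntax and the SSLContext calls are real.
CIPHER_POLICY = {
    "strong-first": "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256",
    "fast-first": "ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384",
}

def context_for(policy_name):
    """Build a fresh context per connection. set_ciphers() here is the
    counterpart of SSL_set_cipher_list() on one SSL object in the C API."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.set_ciphers(CIPHER_POLICY[policy_name])
    return ctx

def offered_tls12_suites(policy_name):
    """TLS 1.2 suite names this context will offer, in preference order.
    OpenSSL lists TLS 1.3 suites separately, so they are filtered out."""
    return [c["name"] for c in context_for(policy_name).get_ciphers()
            if c["protocol"] == "TLSv1.2"]

def suite_properties(policy_name, suite_name):
    """Parse OpenSSL's 'Kx=... Au=... Enc=... Mac=...' description into a dict.
    Au is what the certificate key does (handshake authentication); Enc and
    Mac are what protect application data once the handshake is over."""
    for c in context_for(policy_name).get_ciphers():
        if c["name"] == suite_name:
            return dict(tok.split("=", 1) for tok in c["description"].split()
                        if "=" in tok)
    raise KeyError(suite_name)
```

Choosing the context (and therefore the cipher string) at connect time gives the per-connection selection the note asks for; what cannot be chosen is a per-message signing mode, because the record layer has none, and the `Au=RSA` in the description is consumed by the handshake alone.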