

Laboratory 08. Security: PKI, X.509, SSL, TLS

TLS (Transport Layer Security) is a cryptographic protocol that provides communication security between a client and a server. Usually, the identity of the server is verified through a certificate. This certificate contains a public key, the identity of the server and a signature which verifies that the key belongs to the entity in the certificate.

A certificate is valid if it is signed by a Certificate Authority (CA). The CA is considered trustworthy by the communication client. The client has access to the certificate of the CA, with which the signature in the certificate belonging to the server can be verified and, consequently, the identity of the server can be verified.

Lab Setup

  • We will be using a virtual machine in the faculty's cloud.
  • When creating a virtual machine follow the steps in this tutorial.
  • When creating a virtual machine in the Launch Instance window:
    • Select Boot from image in Instance Boot Source section
    • Select SCGC Template in Image Name section
    • Select a flavor that is at least m1.medium.
  • The username for connecting to the VM is student
  • For the following exercises, the resources can be found in the laboratory archive:
    [student@scgc ~] $ cd
    [student@scgc ~] $ wget --user=<username> --ask-password https://repository.grid.pub.ro/cs/scgc/laboratoare/lab-08.zip
    [student@scgc ~] $ unzip lab-08.zip

Tasks

1. [20p] Inspecting and Verifying a Certificate

Begin by inspecting the certificate found in the houdini.cs.pub.ro.crt-roedunet file.

$ openssl x509 -in houdini.cs.pub.ro.crt-roedunet -noout -text

In the output you can find information about:

  • the issuer
  • the validity
    • start date
    • end date
  • the public key
    • algorithm
    • modulus
    • exponent
  • certificate extensions
  • signature

Specific information regarding the certificate can be printed by replacing the -text argument with one or more of the following:

$ openssl x509 -in houdini.cs.pub.ro.crt-roedunet -noout -pubkey
$ openssl x509 -in houdini.cs.pub.ro.crt-roedunet -noout -startdate
$ openssl x509 -in houdini.cs.pub.ro.crt-roedunet -noout -enddate
$ openssl x509 -in houdini.cs.pub.ro.crt-roedunet -noout -dates
$ openssl x509 -in houdini.cs.pub.ro.crt-roedunet -noout -issuer
$ openssl x509 -in houdini.cs.pub.ro.crt-roedunet -noout -subject
$ openssl x509 -in houdini.cs.pub.ro.crt-roedunet -noout -modulus

To verify the certificate using a certificate chain, use the following command:

$ openssl verify -CAfile terena-ca-chain.pem houdini.cs.pub.ro.crt-roedunet
houdini.cs.pub.ro.crt-roedunet: OU = Domain Control Validated, CN = houdini.cs.pub.ro
error 10 at 0 depth lookup:certificate has expired
OK

The certificate is expired, but has otherwise been verified.

Check the information in the certificate chain:

$ cat terena-ca-chain.pem
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----

Notice there are multiple certificates in the file. Although openssl does not provide direct support for printing information about each certificate in the chain, the following workaround can be used:

$ openssl crl2pkcs7 -nocrl -certfile terena-ca-chain.pem | openssl pkcs7 -print_certs -noout
subject=/C=NL/ST=Noord-Holland/L=Amsterdam/O=TERENA/CN=TERENA SSL CA 2
issuer=/C=US/ST=New Jersey/L=Jersey City/O=The USERTRUST Network/CN=USERTrust RSA Certification Authority

subject=/C=US/ST=New Jersey/L=Jersey City/O=The USERTRUST Network/CN=USERTrust RSA Certification Authority
issuer=/C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root

subject=/C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root
issuer=/C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root

Verify open-source.cs.pub.ro.crt-roedunet and security.cs.pub.ro.crt-roedunet using the two certificate chains present in the resources archive.

Find the issuer for each of the certificates and use the appropriate certificate chain.

2. [20p] Remotely Inspecting a Certificate

Connect to aero.curs.pub.ro using a secure connection to obtain its certificate.

$ echo | openssl s_client -connect aero.curs.pub.ro:443
CONNECTED(00000005)
depth=2 C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert High Assurance EV Root CA
verify return:1
depth=1 C = NL, ST = Noord-Holland, L = Amsterdam, O = TERENA, CN = TERENA SSL High Assurance CA 3
verify return:1
depth=0 businessCategory = Government Entity, jurisdictionC = RO, serialNumber = Government Entity, C = RO, L = Bucure\C8\99ti, O = Universitatea POLITEHNICA din Bucuresti, OU = NCIT Cluster, CN = acs.curs.pub.ro
verify return:1
---
Certificate chain
 0 s:businessCategory = Government Entity, jurisdictionC = RO, serialNumber = Government Entity, C = RO, L = Bucure\C8\99ti, O = Universitatea POLITEHNICA din Bucuresti, OU = NCIT Cluster, CN = acs.curs.pub.ro
   i:C = NL, ST = Noord-Holland, L = Amsterdam, O = TERENA, CN = TERENA SSL High Assurance CA 3
 1 s:C = NL, ST = Noord-Holland, L = Amsterdam, O = TERENA, CN = TERENA SSL High Assurance CA 3
   i:C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert High Assurance EV Root CA
...

The received certificate appears to be for acs.curs.pub.ro. This is because both servers use the same certificate (issued to acs.curs.pub.ro), and aero.curs.pub.ro is listed in it as a Subject Alternative Name (SAN). Let's inspect the certificate:

$ echo | openssl s_client -connect aero.curs.pub.ro:443 2>/dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' | openssl x509 -noout -text
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0d:34:0a:2f:41:fa:35:0e:5b:29:85:4c:1e:c1:51:23
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C = NL, ST = Noord-Holland, L = Amsterdam, O = TERENA, CN = TERENA SSL High Assurance CA 3
        Validity
            Not Before: Sep 17 00:00:00 2019 GMT
            Not After : Sep 21 12:00:00 2020 GMT
        Subject: businessCategory = Government Entity, jurisdictionC = RO, serialNumber = Government Entity, C = RO, L = Bucure\C8\99ti, O = Universitatea POLITEHNICA din Bucuresti, OU = NCIT Cluster, CN = acs.curs.pub.ro
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:8f:eb:51:6d:52:af:25:30:c7:d2:92:34:a7:
                    7e:8f:b5:44:9c:4f:2c:0c:71:33:72:83:e9:53:cc:
                    7e:e3:9b:e2:81:95:48:a2:bd:9e:0c:de:d1:e0:56:
                    9f:f5:54:ea:70:9e:be:32:13:8e:6f:59:0b:57:45:
                    c5:ca:f8:4b:5a:66:da:89:48:f2:fb:32:2c:0d:75:
                    76:e1:e7:8b:57:2b:01:61:1c:a8:71:42:a5:6b:35:
                    7f:3e:a5:5b:dd:8d:85:8a:bf:ba:f2:0a:db:ed:eb:
                    c8:2a:9c:af:4b:2b:c2:28:80:3b:38:47:f3:64:80:
                    7f:7d:75:8c:9c:34:d2:63:ef:cd:d9:37:88:57:e0:
                    49:54:df:fc:11:e1:e7:80:3b:74:95:f2:71:05:0d:
                    13:6a:fa:ba:eb:43:62:f9:dd:80:b7:f1:ee:36:5d:
                    8e:9e:f6:7e:5a:cb:da:a0:ad:2b:17:ce:36:70:a1:
                    24:92:e3:60:f4:c5:a4:8d:da:53:e7:42:0a:e0:9d:
                    4b:64:8e:86:37:31:fe:53:b8:23:4b:71:75:48:c6:
                    af:97:fe:e5:26:05:54:5c:6b:b6:40:f2:98:8c:13:
                    05:b4:43:b7:aa:c6:76:06:85:fb:71:73:29:37:2d:
                    00:12:b3:63:5d:13:f1:4a:06:06:c0:6b:e6:d1:01:
                    8d:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier:
                keyid:C2:B8:85:D7:E1:B9:13:BD:D1:48:BC:FD:5E:DC:7D:90:42:7A:8A:A9

            X509v3 Subject Key Identifier:
                84:AD:71:69:54:FA:D1:44:BC:74:1A:9F:C8:93:25:D7:A3:62:80:9D
            X509v3 Subject Alternative Name:
                DNS:acs.curs.pub.ro, DNS:aero.curs.pub.ro, DNS:aracis.curs.pub.ro, DNS:chim.curs.pub.ro, DNS:cs.curs.pub.ro, DNS:dmkm.curs.pub.ro, DNS:dppd.curs.pub.ro, DNS:electro.curs.pub.ro, DNS:electronica.curs.pub.ro, DNS:energ.curs.pub.ro, DNS:faima.curs.pub.ro, DNS:fils.curs.pub.ro, DNS:fim.curs.pub.ro, DNS:fsa.curs.pub.ro, DNS:hub.curs.pub.ro, DNS:imst.curs.pub.ro, DNS:isb.curs.pub.ro, DNS:mecanica.curs.pub.ro, DNS:nt.curs.pub.ro, DNS:posdru62485.curs.pub.ro, DNS:postdoc.curs.pub.ro, DNS:sas.curs.pub.ro, DNS:sim.curs.pub.ro, DNS:tet.curs.pub.ro, DNS:transporturi.curs.pub.ro, DNS:www.curs.pub.ro, DNS:fiir.curs.pub.ro
...

As we can see, all the Subject Alternative Names (SAN) are listed in the certificate as DNS entries.

Within a browser, inspect the certificate for aero.curs.pub.ro and find the field that specifies the Subject Alternative Names for the certificate.
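
Hostname matching against the SAN list, as an added example that is not part of the lab resources: it builds a self-signed certificate with constructed names under example.test and asks openssl which hostnames it covers. It goes slightly beyond the lab's certificate by including a wildcard entry and a certificate whose CN is missing from its SAN list; make_cert, san_names and host_matches are hypothetical helper names.

```shell
#!/bin/sh
# Added example with constructed names under example.test; not the lab's certificate.

# make_cert FILE CN SAN: self-signed certificate whose subject CN and
# subjectAltName extension are set independently of each other.
make_cert() {
    tmp=$(mktemp -d) || return 1
    printf 'subjectAltName=%s\n' "$3" > "$tmp/ext"
    openssl req -new -newkey rsa:2048 -nodes -keyout "$tmp/key" \
        -subj "/CN=$2" -out "$tmp/csr" 2>/dev/null &&
    openssl x509 -req -in "$tmp/csr" -signkey "$tmp/key" -days 1 \
        -extfile "$tmp/ext" -out "$1" 2>/dev/null
    rc=$?; rm -rf "$tmp"; return $rc
}

# san_names FILE: one DNS name per line, taken from the -text output.
san_names() {
    openssl x509 -in "$1" -noout -text |
        grep -A1 'Subject Alternative Name' | tail -n 1 |
        tr ',' '\n' | sed -n 's/^ *DNS://p'
}

# host_matches FILE HOST: true if HOST is acceptable for this certificate.
host_matches() {
    openssl x509 -in "$1" -noout -checkhost "$2" | grep -q 'does match certificate'
}

demo() {
    c=$(mktemp) && make_cert "$c" acs.example.test \
        'DNS:acs.example.test,DNS:aero.example.test,DNS:*.lab.example.test' || return 1
    san_names "$c"
    # A wildcard covers exactly one label; names outside the SAN list are refused.
    for h in acs.example.test aero.example.test a.lab.example.test \
             a.b.lab.example.test cs.example.test; do
        host_matches "$c" "$h" && echo "$h: match" || echo "$h: NO match"
    done
    # Once a SAN is present the CN is ignored: this certificate does not cover its own CN.
    make_cert "$c" cn-only.example.test 'DNS:alt.example.test'
    host_matches "$c" cn-only.example.test || echo "cn-only.example.test: NO match"
    rm -f "$c"
}
demo
```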

3. [20p] Generating and Inspecting a Certificate

The steps required when generating a certificate are as follows:

  • generate a private key
  • generate a certificate signing request (CSR) with the key and identification data
  • send the CSR to a CA in order to have it signed

We will generate a CSR for server.scgc. First, generate a private key:

$ openssl genrsa -out server.scgc.key 2048
Generating RSA private key, 2048 bit long modulus
...............................................+++
.....................................................................................+++
e is 65537 (0x10001)

Then, generate the signing request:

$ openssl req -new -key server.scgc.key -out server.scgc.csr
...

Supply the following information in the request:

  • Organization Name: SCGC
  • Organizational Unit: Development
  • Common Name: server.scgc

The other fields can be completed as desired.

Usually, at this point, the request would be sent to a trusted CA in order to be signed. Instead, we will sign the certificate using the scgc-ca.crt certificate from the resource archive.

$ openssl ca -config scgc-ca.cnf -policy signing_policy -extensions signing_req -in server.scgc.csr -out server.scgc.crt
Using configuration from scgc-ca.cnf
Check that the request matches the signature
Signature ok
...
Sign the certificate? [y/n]:y


1 out of 1 certificate requests certified, commit? [y/n]y
Write out database with 1 new entries
Data Base Updated

Inspect the scgc-ca.cnf file, in particular the signing_policy section.

A more complex openssl configuration file can be found at /etc/ssl/openssl.cnf.

Verify that the signed certificate matches the generated key.

$ openssl x509 -in server.scgc.crt -noout -modulus | md5sum
d80db122c02c6ef6eabb3b4cbd8b8f40  -
$ openssl rsa -in server.scgc.key -noout -modulus | md5sum
d80db122c02c6ef6eabb3b4cbd8b8f40  -

Furthermore, verify the certificate using the scgc-ca.crt certificate.

$ openssl verify -CAfile scgc-ca/scgc-ca.crt server.scgc.crt
server.scgc.crt: OK

Currently, the scgc-ca.crt certificate is expired, so the last command will fail. To solve this issue, you can regenerate the CA certificate by running the following commands, and then re-sign the newly created CSR:

$ openssl req -new -key scgc-ca/scgc-ca.key -out scgc-ca/scgc-ca.csr
$ openssl x509 -req -in scgc-ca/scgc-ca.csr -signkey scgc-ca/scgc-ca.key -out scgc-ca/scgc-ca.crt
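
The Task 3 steps run end to end without prompts, as an added example that is not part of the lab archive: a throwaway CA created in a temporary directory (constructed names) stands in for scgc-ca, and the key check compares whole public keys rather than only the RSA modulus. The hypothetical helper verify_result uses -attime to tell an expired certificate, the situation met in Task 1 and with scgc-ca.crt above, from an untrusted one.

```shell
#!/bin/sh
# Added example: the CA is a throwaway stand-in created in a temporary
# directory, not the lab's scgc-ca; all names are constructed.

# make_ca DIR: self-signed CA key and certificate, valid for ten years.
make_ca() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 3650 \
        -subj "/C=RO/O=SCGC/OU=Development/CN=Example CA" \
        -keyout "$1/ca.key" -out "$1/ca.crt" 2>/dev/null
}

# issue DIR CN: key, CSR and CA-signed certificate (valid one day), no prompts.
issue() {
    openssl genrsa -out "$1/$2.key" 2048 2>/dev/null &&
    openssl req -new -key "$1/$2.key" -out "$1/$2.csr" \
        -subj "/C=RO/O=SCGC/OU=Development/CN=$2" &&
    openssl x509 -req -in "$1/$2.csr" -CA "$1/ca.crt" -CAkey "$1/ca.key" \
        -CAcreateserial -days 1 -out "$1/$2.crt" 2>/dev/null
}

# key_matches CERT KEY: compare public keys; unlike -modulus this is not RSA-only.
key_matches() {
    [ "$(openssl x509 -in "$1" -noout -pubkey)" = "$(openssl pkey -in "$2" -pubout)" ]
}

# verify_result CA CERT [EPOCH]: print ok, expired or untrusted, judged at
# EPOCH (default: now). Reads the message text rather than the exit status.
verify_result() {
    out=$(openssl verify -attime "${3:-$(date +%s)}" -CAfile "$1" "$2" 2>&1) || true
    case $out in
        *"certificate has expired"*) echo expired ;;
        *": OK"*)                    echo ok ;;
        *)                           echo untrusted ;;
    esac
}

demo() {
    d=$(mktemp -d) && make_ca "$d" && issue "$d" server.scgc || return 1
    later=$(( $(date +%s) + 30 * 86400 ))
    key_matches "$d/server.scgc.crt" "$d/server.scgc.key" && echo "key matches certificate"
    echo "now:        $(verify_result "$d/ca.crt" "$d/server.scgc.crt")"
    echo "in 30 days: $(verify_result "$d/ca.crt" "$d/server.scgc.crt" "$later")"
    rm -rf "$d"
}
demo
```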

4. [15p] Unencrypted Client/Server Communication

First, in a separate terminal, start a tcpdump session to dump traffic on the loopback interface. We will also use this for the next exercise.

$ sudo tcpdump -A -i lo port 12345

Now, start a simple server listening on the port tcpdump is monitoring.

$ nc -l 12345

To connect to the server, run the following in another terminal.

$ nc localhost 12345

Notice that any text typed into the client shows in the server and vice-versa. Also, the messages can be seen in plaintext in the tcpdump log.

5. [25p] Client/Server Communication over SSL/TLS

Use openssl s_server to start a server listening on the same port as the previous exercise. Use the server.scgc certificate previously generated.

$ openssl s_server -key server.scgc.key -cert server.scgc.crt -accept 12345
Using default temp DH parameters
ACCEPT

Connect to the server using openssl s_client.

$ openssl s_client -connect localhost:12345
CONNECTED(00000003)
depth=0 C = RO, ST = Bucharest, L = Bucharest, O = SCGC, OU = Development, CN = server.scgc
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 C = RO, ST = Bucharest, L = Bucharest, O = SCGC, OU = Development, CN = server.scgc
verify error:num=21:unable to verify the first certificate
verify return:1
---
Certificate chain
 0 s:/C=RO/ST=Bucharest/L=Bucharest/O=SCGC/OU=Development/CN=server.scgc
   i:/C=RO/O=SCGC/OU=Development/CN=SCGC CA
---
...
    Verify return code: 21 (unable to verify the first certificate)

The validation of the server certificate has failed: no trusted CA certificate was supplied, so s_client could not find the issuer (SCGC CA).

Attempt the connection again, this time specifying the CA certificate.

$ openssl s_client -CAfile scgc-ca/scgc-ca.crt -connect localhost:12345
CONNECTED(00000003)
depth=1 C = RO, O = SCGC, OU = Development, CN = SCGC CA
verify return:1
depth=0 C = RO, ST = Bucharest, L = Bucharest, O = SCGC, OU = Development, CN = server.scgc
verify return:1
---
Certificate chain
 0 s:/C=RO/ST=Bucharest/L=Bucharest/O=SCGC/OU=Development/CN=server.scgc
   i:/C=RO/O=SCGC/OU=Development/CN=SCGC CA
---
...
    Verify return code: 0 (ok)

The connection has been successfully established. Verify that messages exchanged between server and client are no longer displayed in the tcpdump log.

scgc/laboratoare/08.1606922823.txt.gz · Last modified: 2020/12/02 17:27 by darius.mihai
CC Attribution-Share Alike 3.0 Unported