1. Hash
- Generates a fingerprint to guarantee integrity; the open question is how to guarantee the integrity of the digest itself
- To provide data integrity, any message could be simply encrypted. But that costs too much CPU; the same effect can be achieved with a hash.
1.1. Common algorithms
- MD5 (Message Digest 5)
- SHA1
- SHA2 family: SHA224, SHA256, SHA384 and SHA512
Timing of the algorithms, three measurements each (values as recorded):
Algorithm | Measurement 1 | Measurement 2 | Measurement 3
SHA512 | 18.339390993118286 | 18.11187481880188 | 18.085782051086426
MD5 | 10.275190830230713 | 10.155328989028931 | 10.250311136245728
SHA1 | 11.985718965530396 | 11.976419925689697 | 11.86873197555542
SHA256 | 16.662450075149536 | 21.551337003707886 | 17.016510963439941
1.2. Process

2. MAC
- Message Authentication Code
- Guarantees integrity and authentication
- Digest + key: the digest guarantees integrity, the key guarantees authentication
There are two kinds:
- CMAC (Cipher-based), uses symmetric encryption
- HMAC (hash-based), uses a hash (more common)
2.1. Process

3. Digital Signature
- Like a MAC, it also guarantees integrity and authentication
- First digest the message, then encrypt the digest
3.1. Common algorithms
- RSAMD5
- RSASHA1
- RSASHA256
- RSASHA384
- DSA (Digital Signature Algorithm: a US Government standard defined in FIPS186 rev 4)
- ECDSA (Elliptic Curve Digital Signature Algorithm defined in FIPS186 rev 4).
3.2. Process

4. TLS/SSL
4.1. Versions
- openssl supports SSLv3, TLSv1, TLSv1.1, TLSv1.2
- SSLv2 and SSLv3 are obsolete
- TLSv1.3 is still a draft
4.2. Protocol
- Divided into two phases
  - TLS handshake protocol
  - TLS record protocol
- The handshake manages the following
  - negotiating the cipher suite
  - session key material (master secret)
  - authenticating the server, and authenticating the client (optional)
- The record layer manages
  - data integrity, using a MAC
  - data encryption
4.2.1. Cipher suite
A cipher suite defines:
- key exchange algorithm
- bulk-data encryption algorithm type
- MAC algorithm type
For the full list see: TLS Cipher Suites
4.2.2. Handshake flow

- ClientHello
  - the versions I support
  - the cipher suites I support
  - the client's random number
- ServerHello
  - the chosen version
  - the chosen cipher suite
  - the server's random number
- Certificate
  - the server's certificate, which contains its public key
  - the client must verify it
- ClientKeyExchange
  - the client generates a pre-master key itself
  - it encrypts the pre-master key with the server's public key
  - this step may differ depending on the cipher suite (a guess), e.g. Diffie-Hellman
- The server and the client each generate a master key
  - the generated keys are identical
  - this is a symmetric key, used for the subsequent messages
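How both sides arrive at the same master key from the pre-master key and the two Hello random numbers, as an added example that is not from the original post: it implements the TLS 1.2 PRF of RFC 5246 (P_SHA256) with Python's standard library and derives the master secret and the record-layer key block. The random values, the pre-master value and the AES_128_CBC_SHA key sizes used in split_keys are assumed sample values.

```python
import hashlib
import hmac

def p_hash(secret: bytes, seed: bytes, length: int) -> bytes:
    """P_SHA256 data expansion from RFC 5246 section 5, truncated to length bytes."""
    out = b""
    a = seed  # A(0) = seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()  # A(i) = HMAC(secret, A(i-1))
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()
    return out[:length]

def prf(secret: bytes, label: bytes, seed: bytes, length: int) -> bytes:
    """TLS 1.2 PRF: PRF(secret, label, seed) = P_SHA256(secret, label + seed)."""
    return p_hash(secret, label + seed, length)

def master_secret(pre_master: bytes, client_random: bytes, server_random: bytes) -> bytes:
    """The master secret is always 48 bytes; the seed is client random then server random."""
    return prf(pre_master, b"master secret", client_random + server_random, 48)

def key_block(master: bytes, client_random: bytes, server_random: bytes, length: int) -> bytes:
    """Key expansion for the record layer; note the randoms are in the opposite order here."""
    return prf(master, b"key expansion", server_random + client_random, length)

def split_keys(block: bytes) -> dict:
    """Slice the key block in RFC order; sizes assumed for AES_128_CBC_SHA (20/16/16 bytes)."""
    names = ["client_mac", "server_mac", "client_key", "server_key", "client_iv", "server_iv"]
    sizes = [20, 20, 16, 16, 16, 16]
    keys, pos = {}, 0
    for name, size in zip(names, sizes):
        keys[name] = block[pos:pos + size]
        pos += size
    return keys

def demo():
    # Constructed sample values: real randoms are the 32 bytes from the Hello messages and
    # a real pre-master secret is 48 bytes starting with the client's protocol version.
    client_random = bytes(range(32))
    server_random = bytes(range(32, 64))
    pre_master = b"\x03\x03" + b"\x11" * 46
    client_ms = master_secret(pre_master, client_random, server_random)  # client side
    server_ms = master_secret(pre_master, client_random, server_random)  # server, after RSA decrypt
    keys = split_keys(key_block(client_ms, client_random, server_random, 104))
    return client_ms, server_ms, keys

if __name__ == "__main__":
    c, s, k = demo()
    print("master secrets match:", c == s, "client_key:", k["client_key"].hex())
```

Anyone who can read the pre-master key (for example by decrypting the RSA-encrypted ClientKeyExchange with the server's private key) can run the same derivation, which is why the confidentiality of that one value decides the security of the whole session.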

4.2.3. Record protocol functions
- Dividing outgoing messages into manageable blocks, and reassembling incoming messages.
- Compressing outgoing blocks and decompressing incoming blocks (optional).
- Applying a Message Authentication Code (MAC) to outgoing messages, and verifying incoming messages using the MAC.
- Encrypting outgoing messages and decrypting incoming messages.
4.3. certificate
4.3.1. Issuance process
CA issuance process
4.3.2. Sample
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            bb:7c:54:9b:75:7b:28:9d
        Signature Algorithm: sha1WithRSAEncryption
        Issuer: C=MY, ST=STATE, O=CA COMPANY NAME, L=CITY, OU=X.509, CN=CA ROOT
        Validity
            Not Before: Apr 15 22:21:10 2008 GMT
            Not After : Mar 10 22:21:10 2011 GMT
        Subject: C=MY, ST=STATE, L=CITY, O=ONE INC, OU=IT, CN=www.example.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
            RSA Public Key: (1024 bit)
                Modulus (1024 bit):
                    00:ae:19:86:44:3c:dd...
                    ...
                    99:20:b8:f7:c0:9c:e8...
                    38:c8:52:97:cc:76:c9...
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints:
                CA:FALSE
            Netscape Comment:
                OpenSSL Generated Certificate
            X509v3 Subject Key Identifier:
                EE:D9:4A:74:03:AC:FB...
            X509v3 Authority Key Identifier:
                keyid:54:0D:DE:E3:37...
    Signature Algorithm: sha1WithRSAEncryption
        52:3d:bc:bd:3f:50:92...
        ...
        51:35:49:8d:c3:9a:bb...
        b8:74
A few things to note:
- Issuer is the DN (LDAP Distinguished Name) of the CA (root or intermediate)
- Subject is the DN of the certificate; the CN in the DN is usually the DNS name
