[Presentation]

http://www.nyphp.org/content/presentations/SSL/[9/12/2009 6:56:15 PM]

SSL Presentation1. Practical SSL With Apache and PHP

2. Part I: The Players

3. Basics: Hashing

4. Basics: Symmetric Encryption

5. Basics: Asymmetric Encryption

6. Certificates

7. Certificate Authorities

8. Transport Layer Security

9. TLS: What It Does

10. TLS: The Handshake Protocol

11. TLS: Server Handshake Response

12. TLS: Server Certificate

13. TLS: Server Certificate Verification

14. TLS: Root Certificates

15. TLS: Failed Verification

16. TLS: Client Handshake Response

17. TLS: Handshake Wrapup

18. TLS: Record Protocol

[Presentation]

http://www.nyphp.org/content/presentations/SSL/[9/12/2009 6:56:15 PM]

19. TLS: Record Protocol (cont'd)

20. Apache's mod_ssl

21. OpenSSL

22. PHP's OpenSSL Support

23. The Big Picture

24. Part II: SSL-enabled Webservers

25. HTTPS Requirements

26. Using PHP to simplify PKI

27. A Local Certificate Authority

28. A New Server Certificate

29. Global SSL Directives

30. A Passphrase Dialog

31. Apache Per-host SSL Directives

32. Cipher Suite

33. Cross Your Fingers

34. Revoking A Server Certificate

35. Part III: Application Level SSL

36. Example: Stored Secrets

37. Class openSSL

38. Signing

39. Encrypting

[Presentation]

http://www.nyphp.org/content/presentations/SSL/[9/12/2009 6:56:15 PM]

40. Decrypting

41. Verifying

42. Checking The Key Passphrase

43. Parsing X.509 Data

44. Discussion

45. Thank You!

46. Resources

47. Download

[Presentation] Practical SSL With Apache and PHP

http://www.nyphp.org/content/presentations/SSL/welcome.html[9/12/2009 6:56:20 PM]

Contents | Next

Practical SSL With Apacheand PHP... and OpenSSL, mod_ssl, X.509 Certificates.

Chris Snyder and Mike SouthwellNew York PHP22 November 2005

[Presentation] Part I: The Players

http://www.nyphp.org/content/presentations/SSL/part1intro.html[9/12/2009 6:56:27 PM]

Contents | Previous | Next

Part I: The PlayersCryptography basics

Certificates

Transport Layer Security

What you need:

mod_SSLOpenSSL toolkitPHP --with-openssl

[Presentation] Basics: Hashing

http://www.nyphp.org/content/presentations/SSL/hashing.html[9/12/2009 6:56:30 PM]

Contents | Previous | Next

Basics: Hashingnot reversiblehas native PHP support

md5( 'hello' ) : 5d41402abc4b2a76b9719d911017c592sha1( 'hello' ) : aaf4c61ddcc5e8a2dabede0f3b482cd9aea9434d

[Presentation] Basics: Symmetric Encryption

http://www.nyphp.org/content/presentations/SSL/symmetric.html[9/12/2009 6:56:34 PM]

Contents | Previous | Next

Basics: SymmetricEncryptionSymmetric: both sides use the same key

ReversibleRequires out-of-band key exchange.PHP needs mcrypt extension

3DESAESBlowfishRC4

We each have the same secret key.You encrypt a value with this key, and send it to me.The only way to decrypt it is with our shared secret key.

[Presentation] Basics: Asymmetric Encryption

http://www.nyphp.org/content/presentations/SSL/asymmetric.html[9/12/2009 6:56:43 PM]

Contents | Previous | Next

Basics: AsymmetricEncryptionAsymmetric: encryption and decryption use different keys

ReversibleAllows public knowledge of encryption keyPHP needs OpenSSL extension

RSA

I give you my public key.You encrypt a value with my public key, and send it to me.The only way to decrypt it is with my private key (which only Ihave).

[Presentation] Certificates

http://www.nyphp.org/content/presentations/SSL/x509pki.html[9/12/2009 6:56:48 PM]

Contents | Previous | Next

CertificatesX509 Public Key Infrastructure

RFC3280 defines Certificates and Certificate Revocation Lists.

http://rfc.net/rfc3280.html

[Presentation] Certificate Authorities

http://www.nyphp.org/content/presentations/SSL/cas.html[9/12/2009 6:56:52 PM]

Contents | Previous | Next

Certificate AuthoritiesCertificate Authorities provide secured identification of a server,and enable asymmetric encryption of messages between clientand server.

[Presentation] Transport Layer Security

http://www.nyphp.org/content/presentations/SSL/tls.html[9/12/2009 6:56:58 PM]

Contents | Previous | Next

Transport Layer SecurityA 30-second history

Secure Sockets Layer was developed by Netscape in 1994 as aprotocol which permitted persistent and secure transactions. In1997 an Open Source version of Netscape’s patented versionwas created, which is now OpenSSL. In 1999 the existingprotocol was extended by a version now known as TransportLayer Security (TLS). By convention, the term "SSL" is usedeven when technically the TLS protocol is being used.

[Presentation] TLS: What It Does

http://www.nyphp.org/content/presentations/SSL/tlsfeatures.html[9/12/2009 6:57:02 PM]

Contents | Previous | Next

TLS: What It DoesTLS encrypts messages.

TLS makes message alteration detectable.

TLS authenticates message senders/receivers.

[Presentation] TLS: The Handshake Protocol

http://www.nyphp.org/content/presentations/SSL/tlshandshake1.html[9/12/2009 6:57:07 PM]

Contents | Previous | Next

TLS: The Handshake ProtocolSSL encrypts every transaction between the client browser and theserver, which makes it possible to send sensitive information backand forth without fear that it will be readable by anybody who mightintercept it. It can do this because, before it begins transferringencrypted information, the server engages in an elaborate negotiationwith the client, called the Handshake Protocol. This negotiation hasthe following parts:

The client sends a request to the server which, because ituses the https (as opposed to http) schema, initiates thenegotiation.

[Presentation] TLS: The Handshake Protocol

http://www.nyphp.org/content/presentations/SSL/tlshandshake1.html[9/12/2009 6:57:07 PM]

[Presentation] TLS: Server Handshake Response

http://www.nyphp.org/content/presentations/SSL/tlshandshake2.html[9/12/2009 6:57:11 PM]

Contents | Previous | Next

TLS: Server HandshakeResponseThe server responds with a plain-text message consisting of thefollowing parts:

1. An exchange method to be used for passing back and forththe keys to be used for encrypting information. This istypically either RSA or Diffie-Hellman-Merkle. If it is RSA, theserver must send along also a Certificate (discussed below).

2. The type of encryption to be used (RC4 or preferably 3DES).

3. The technique to be used for calculating the MessageAuthentication Code, a checksum appended to messages andused to verify that the message contents haven’t beentampered with. Typically MD5 or SHA-1.

[Presentation] TLS: Server Handshake Response

http://www.nyphp.org/content/presentations/SSL/tlshandshake2.html[9/12/2009 6:57:11 PM]

[Presentation] TLS: Server Certificate

http://www.nyphp.org/content/presentations/SSL/tlshandshake3.html[9/12/2009 6:57:25 PM]

Contents | Previous | Next

TLS: Server CertificateRSA key exchange enhances security by requiring the server to senda Certificate to the client. This Certificate is a binary collection of thefollowing information:

1. Its identity

2. Its own attestation that it really is who it has said

3. A Certificate Authority’s attestation that the server’sattestation is true

4. Its public key, which may be used to encrypt the messageencryption key, randomly generated by the client

[Presentation] TLS: Server Certificate

http://www.nyphp.org/content/presentations/SSL/tlshandshake3.html[9/12/2009 6:57:25 PM]

[Presentation] TLS: Server Certificate Verification

http://www.nyphp.org/content/presentations/SSL/tlshandshake4.html[9/12/2009 6:57:35 PM]

Contents | Previous | Next

TLS: Server CertificateVerification

The client browser recognizes the Certificate Authorityand thus verifies the authenticity of the connection.

[Presentation] TLS: Root Certificates

http://www.nyphp.org/content/presentations/SSL/tlshandshake5.html[9/12/2009 6:57:43 PM]

Contents | Previous | Next

TLS: Root CertificatesIt can do this because it has pre-installed certificates from manyAuthorities.

[Presentation] TLS: Failed Verification

http://www.nyphp.org/content/presentations/SSL/tlshandshake6.html[9/12/2009 6:57:49 PM]

Contents | Previous | Next

TLS: Failed VerificationIf there is a conflict between the name on the certificate and thename of the server, the browser pops up a “Domain NameMismatch†notice, allowing the user to decide whether tocontinue.

[Presentation] TLS: Client Handshake Response

http://www.nyphp.org/content/presentations/SSL/tlshandshake7.html[9/12/2009 6:57:58 PM]

Contents | Previous | Next

TLS: Client HandshakeResponse

Assuming the client does trust the server, it generates arandom key to be used by the server for messageencryption. It then encrypts that key with the server’spublic key, and sends it back to the server.

[Presentation] TLS: Handshake Wrapup

http://www.nyphp.org/content/presentations/SSL/tlshandshake8.html[9/12/2009 6:58:19 PM]

Contents | Previous | Next

TLS: Handshake WrapupAt this point, the Handshake Protocol is finished. Both the serverand the client know the following:

1. What key and encryption method to use for messageencryption

2. What key and hashing method to use for messagesigning

There is, then, a great deal going on behind the scenes, whichexplains why SSL connections are sometimes slower thaninsecure ones.

[Presentation] TLS: Record Protocol

http://www.nyphp.org/content/presentations/SSL/tlsrecord1.html[9/12/2009 6:58:31 PM]

Contents | Previous | Next

TLS: Record ProtocolNow the Record Protocol starts to manage all futurecommunication. The server finally is ready to respond to theoriginal request, as follows:

1. It encrypts its http response.

2. It calculates a hash of its response

3. It appends that hash as a signature.

[Presentation] TLS: Record Protocol (cont'd)

http://www.nyphp.org/content/presentations/SSL/tlsrecord2.html[9/12/2009 6:59:08 PM]

Contents | Previous | Next

TLS: Record Protocol(cont'd)Upon receiving the server’s response, the client does thefollowing:

1. It detaches the signature.

2. It calculates a new hash of the response, and comparesthat to the detached signature.

3. (Assuming they match,) it decrypts the response.

4. It displays the requested html.

[Presentation] Apache's mod_ssl

http://www.nyphp.org/content/presentations/SSL/modssl.html[9/12/2009 6:59:29 PM]

Contents | Previous | Next

Apache's mod_sslInstalled by default in Apache 2, and available for Apache 1.3,mod_ssl provides cryptography so that Apache can interact withthe OpenSSL toolkit.

http://www.modssl.org/

[Presentation] OpenSSL

http://www.nyphp.org/content/presentations/SSL/openssl.html[9/12/2009 6:59:33 PM]

Contents | Previous | Next

OpenSSLThe OpenSSL project provides a toolkit and cryptography libraryfor implementing the TLS protocol.

http://www.openssl.org/

[Presentation] PHP's OpenSSL Support

http://www.nyphp.org/content/presentations/SSL/php.html[9/12/2009 6:59:37 PM]

Contents | Previous | Next

PHP's OpenSSL SupportPHP reports that it must be compiled --with-openssl in order touse its wrapper support for OpenSSL, although that appears notto be completely true.

http://www.php.net/openssl

[Presentation] The Big Picture

http://www.nyphp.org/content/presentations/SSL/bigpicture.html[9/12/2009 6:59:44 PM]

Contents | Previous | Next

The Big PictureGreen parts are created by local CA, pink parts by third-partyCA.

[Presentation] Part II: SSL-enabled Webservers

http://www.nyphp.org/content/presentations/SSL/part2_webservers.html[9/12/2009 6:59:53 PM]

Contents | Previous | Next

Part II: SSL-enabledWebserversHTTPS Requests and Responses are:

Encrypted

Tamper-proof

Authenticated (Server, anyway)

[Presentation] HTTPS Requirements

http://www.nyphp.org/content/presentations/SSL/requirements.html[9/12/2009 7:00:00 PM]

Contents | Previous | Next

HTTPS RequirementsApache with mod_ssl

An IP Address

Private server key (passphrase encrypted)

Signed Server Certificate

(optional) Certificate Authority Certificate(s)

(optional) PassphraseDialog script

[Presentation] Using PHP to simplify PKI

http://www.nyphp.org/content/presentations/SSL/phpca_intro.html[9/12/2009 7:00:05 PM]

Contents | Previous | Next

Using PHP to simplify PKIphpca is a command line utility to create and manage a simpleCertificate Authority for use with Apache's mod_ssl.

./phpca <command> [<server> | "ca"]

[Presentation] A Local Certificate Authority

http://www.nyphp.org/content/presentations/SSL/cagen.html[9/12/2009 7:00:10 PM]

Contents | Previous | Next

A Local Certificate Authority

./phpca cagen

[Presentation] A New Server Certificate

http://www.nyphp.org/content/presentations/SSL/newserver.html[9/12/2009 7:00:21 PM]

Contents | Previous | Next

A New Server Certificate

./phpca newserver ssl.example.org

[Presentation] Global SSL Directives

http://www.nyphp.org/content/presentations/SSL/mod_ssl_global.html[9/12/2009 7:00:32 PM]

Contents | Previous | Next

Global SSL Directives#### Global SSL Directives##

#LoadModule ssl_module modules/mod_ssl.soListen 443

# Random number generationSSLRandomSeed startup file:/dev/urandom 512SSLRandomSeed connect file:/dev/urandom 512

# Session CacheSSLSessionCache noneSSLSessionCacheTimeout 600SSLPassphraseDialog builtinSSLMutex file:/Applications/xampp/xamppfiles/logs/ssl_mutex

AddType application/x-x509-ca-cert .crtAddType application/x-pkcs7-crl .crl

[Presentation] A Passphrase Dialog

http://www.nyphp.org/content/presentations/SSL/passphrase.html[9/12/2009 7:00:51 PM]

Contents | Previous | Next

A Passphrase DialogCreate /root/httpdkey:

#!/bin/sh echo 'my secret password'

Make sure only root has access:

chmod 700 /root/httpdkey

Use an external SSLPassphraseDialog:

SSLPassphraseDialog exec:/root/httpdkey

Manual

[Presentation] Apache Per-host SSL Directives

http://www.nyphp.org/content/presentations/SSL/mod_ssl_perhost.html[9/12/2009 7:00:58 PM]

Contents | Previous | Next

Apache Per-host SSLDirectives#### SSL Virtual Host Context##<VirtualHost _default_:443> # General setup for the virtual host DocumentRoot "/Users/csnyder/Sites/https" ServerName localhost ServerAdmin csnyder@chxo.com ErrorLog logs/sslerror.log

# SSL Configuration SSLEngine on SSLCipherSuite HIGH:MEDIUM SSLCertificateFile /etc/httpd/ssl/localhost.cert SSLCertificateKeyFile /etc/httpd/ssl/localhost.key SSLCertificateChainFile /etc/httpd/ssl/ca.cert SSLCARevocationFile /etc/httpd/ssl/ca.crl

# Client Authentication (Type): #SSLVerifyClient require #SSLVerifyDepth 10

# SSL Engine Options: <Files ~ "\.(cgi|shtml|phtml|php?)$"> SSLOptions +StdEnvVars </Files>

# SSL Protocol Adjustments: SetEnvIf User-Agent ".*MSIE.*" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0

# Per-Server Logging: CustomLog logs/ssl_request_log \ "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

[Presentation] Apache Per-host SSL Directives

http://www.nyphp.org/content/presentations/SSL/mod_ssl_perhost.html[9/12/2009 7:00:58 PM]

</VirtualHost>

[Presentation] Cipher Suite

http://www.nyphp.org/content/presentations/SSL/mod_ssl_ciphersuite.html[9/12/2009 7:01:03 PM]

Contents | Previous | Next

Cipher SuiteDIY suite-ness!

openssl ciphers -v 'HIGH:MEDIUM'

Manual

[Presentation] Cross Your Fingers

http://www.nyphp.org/content/presentations/SSL/testing.html[9/12/2009 7:01:24 PM]

Contents | Previous | Next

Cross Your Fingers

[Presentation] Revoking A Server Certificate

http://www.nyphp.org/content/presentations/SSL/revoke.html[9/12/2009 7:01:33 PM]

Contents | Previous | Next

Revoking A ServerCertificate

./phpca revoke ssl.example.org

[Presentation] Part III: Application Level SSL

http://www.nyphp.org/content/presentations/SSL/part3_applevel.html[9/12/2009 7:01:40 PM]

Contents | Previous | Next

Part III: Application LevelSSLA PHP application can use OpenSSL's RSA support to:

Sign values to prevent tampering

Encrypt values to keep them private

[Presentation] Example: Stored Secrets

http://www.nyphp.org/content/presentations/SSL/page43839f1e73b16.html[9/12/2009 7:01:47 PM]

Contents | Previous | Next

Example: Stored SecretsOn storage, application needs:

Application Certificate (Public Key) to encrypt values

On retrieval, application needs:

Application Private Key to decrypt values

...and Private Key passphrase

[Presentation] Class openSSL

http://www.nyphp.org/content/presentations/SSL/init.html[9/12/2009 7:01:59 PM]

Contents | Previous | Next

Class openSSLinclude_once( './openSSL.php' ); $server = new openSSL(); $server->privateKey( file_get_contents( $server_key ) );

$server->certificate( file_get_contents( $server_cert ) );

[Presentation] Signing

http://www.nyphp.org/content/presentations/SSL/sign.html[9/12/2009 7:02:09 PM]

Contents | Previous | Next

Signing

$value_signed = $ssl->sign( $value , $passphrase );

Looks like:

So long, and thanks for all the fish.-----BEGIN openSSL.php SIGNATURE-----e35fbZmTXYbVP33HY1CX31hxirAiENmEY4A0JHiGqPDfS87BmDQszGHP

CSvnMAyyqF7OuwRYnRS+VdiDNy2y3Uh2gqB7SNGXgWZnRNsMTeGX4OKX

NB5uwUQ+zNu7QjYfapQyliYoOWS5L+GcmFRHveTwAgw=-----END openSSL.php SIGNATURE-----

[Presentation] Encrypting

http://www.nyphp.org/content/presentations/SSL/encrypt.html[9/12/2009 7:02:15 PM]

Contents | Previous | Next

EncryptingShort values only! (56 chars max)

$secret = $ssl->encrypt( $value, $client_certificate );

Looks like:

Nlmc97wDavLSF7R078NcluVX8SrYMXdDFu9otugP5LDIPTW++VUQ5DOs

Z9qVS9+AL01gv1H2Ub8eNRcV67WgQw/5lMA92+T5KprSqV+CP/FXfcNC

nd3pq/H6TkP0LTF7zX9Q7GZg/4UuMHmc9EcGHhoOxBM=

[Presentation] Decrypting

http://www.nyphp.org/content/presentations/SSL/decrypt.html[9/12/2009 7:02:31 PM]

Contents | Previous | Next

Decrypting

$value = $ssl->decrypt( $secret, $passphrase );

[Presentation] Verifying

http://www.nyphp.org/content/presentations/SSL/verify.html[9/12/2009 7:02:38 PM]

Contents | Previous | Next

Verifying

$verified = $ssl->verify( $signed_value,$client_certificate );

[Presentation] Checking The Key Passphrase

http://www.nyphp.org/content/presentations/SSL/checkkey.html[9/12/2009 7:02:44 PM]

Contents | Previous | Next

Checking The KeyPassphrase

$success = $ssl->checkKey( $passphrase );

[Presentation] Parsing X.509 Data

http://www.nyphp.org/content/presentations/SSL/x509parse.html[9/12/2009 7:02:56 PM]

Contents | Previous | Next

Parsing X.509 Data$ssl->certificate( $certificate_data ); $dn = $ssl->getDN(); print_r( $dn );

Looks like:

( [C] => US [ST] => New York [L] => New York City [O] => CHXO Internet [OU] => Certificate Authority [CN] => ca.chxo.com [emailAddress] => csnyder@chxo.com)

[Presentation] Discussion

http://www.nyphp.org/content/presentations/SSL/discussion.html[9/12/2009 7:03:03 PM]

Contents | Previous | Next

DiscussionHow do you use SSL?

[Presentation] Thank You!

http://www.nyphp.org/content/presentations/SSL/thankyou.html[9/12/2009 7:03:10 PM]

Contents | Previous | Next

Thank You!For many many more details, please consult "Pro PHP Security",published in September by Apress.

[Presentation] Resources

http://www.nyphp.org/content/presentations/SSL/links.html[9/12/2009 7:03:20 PM]

Contents | Previous | Next

ResourcesSome of the many resources used in the making of thispresentation.

Cryptography

Diffie-Hellman-Merkle Key Exchange

PKCS #7: Cryptographic Message Syntax Standard

PKCS #12: Personal Information Exchange SyntaxStandard

RSA Cryptosystem

S/MIME Specification 3.1 (RFC 3851)

Legal

CNET: Netscape Patents Crypto Protocol (Sept. 16,1997)

United States Patent: 4,405,829 (RSA)

United States Patent: 5,657,390 (SSL)

Manuals

mod_ssl Directives

OpenSSL Manuals

PHP OpenSSL Functions

[Presentation] Resources

http://www.nyphp.org/content/presentations/SSL/links.html[9/12/2009 7:03:20 PM]

Other How-Tos

Certificate Management and Generation with OpenSSL

Generating an SSL Certificate with Apache+mod_ssl

SSL/TLS Protocol

The SSLv2 Protocol

The SSLv3 Protocol

The TLS Protocol v1.0

X.509 Public Key Infrastructure Spec (RFC 3280)

[Presentation] Download

http://www.nyphp.org/content/presentations/SSL/download.html[9/12/2009 7:03:26 PM]

Contents | Previous | *End*

DownloadPresentation files as a ZIP archive.

Contents:

psslwap/FCNYLicense.txt psslwap/README psslwap/cnf_template.php psslwap/config-dist.php psslwap/configure psslwap/fcnyCLI.php psslwap/gpl.txt psslwap/openSSL.php psslwap/openSSLDemo.php psslwap/openssl.cnf psslwap/phpca psslwap/players.png