2019-2020-1 20,175,302 201,752,314 20,175,316 Experiment 5 protocol design
A task
Task details
Completed in Ubuntu http://www.cnblogs.com/rocedu/p/5087623.html the job
About OpenSSL
Background technique
- SSL is an abbreviation of Secure Sockets Layer (Secure Sockets Layer) may be provided secrecy transmission over the Internet. The goal is to ensure that the application between the two communication security and reliability, can be achieved simultaneously supports both the server and the client. Internet has become the industry standard on confidentiality of communications.
SSL enables communication between a user / server application attacker eavesdropping, and always authenticate the server, authenticates the user may select. SSL protocol requires built on a reliable transport layer protocol (TCP). SSL-advantage is that it is independent of the application layer protocol-independent, high-level application layer protocol (e.g.: HTTP, FTP, TELNET, etc.) can be built on top of a transparent SSL protocol. SSL protocol prior to application layer protocol for communication and consultation has been completed certification server encryption algorithms, communication key. After the application layer protocol data transmitted will be encrypted to ensure privacy of communications.
work process
Server authentication phase:
- The client sends a start message "Hello" to start a new session connection to the server;
- The server determines whether the customer's information need to generate a new master key, as needed in response to the server of the client "Hello" message will contain the master key generation information required;
- The server receives the client response message, and generates a master key, and the server using the public key encrypted to the server;
Server reply to the master key, and returned to the customer a certified master key information used in order to allow customers to authentication server.
User authentication phase:
Prior to this, the server has been certified by the client, this stage mainly to complete the certification to customers. Certified server to send a question to the customer, the customer is to ask questions and post their public key (digital) signature returns, thus providing authentication to the server.
Experimental procedure and steps
OpenSSL installation under Linux
- Extract the source:
unzip openssl-master.zip
- Into the source directory:
cd openssl-master
Compile and install:
./config
make
sudo make install
Usemake test
test
Linux下OpenSSL的使用
通过
man openssl
查看帮助文档
- 编写测试代码
test_openssl.c
#include <stdio.h>
#include <openssl/evp.h>
int main(){
OpenSSL_add_all_algorithms();
return 0;
}
- 编译:
gcc -o test_openssl test_openssl.c -L/usr/local/ssl/lib -lcrypto -ldl -lpthread
,生成可执行文件test_openssl
- 执行
echo $?
,结果打印0