2019-2020-1 20,175,302 201,752,314 20,175,316 Experiment 5 protocol design

2019-2020-1 20,175,302 201,752,314 20,175,316 Experiment 5 protocol design

A task

Task details

• Completed in Ubuntu http://www.cnblogs.com/rocedu/p/5087623.html the job

  About OpenSSL

  Background technique

• SSL is an abbreviation of Secure Sockets Layer (Secure Sockets Layer) may be provided secrecy transmission over the Internet. The goal is to ensure that the application between the two communication security and reliability, can be achieved simultaneously supports both the server and the client. Internet has become the industry standard on confidentiality of communications.

• SSL enables communication between a user / server application attacker eavesdropping, and always authenticate the server, authenticates the user may select. SSL protocol requires built on a reliable transport layer protocol (TCP). SSL-advantage is that it is independent of the application layer protocol-independent, high-level application layer protocol (e.g.: HTTP, FTP, TELNET, etc.) can be built on top of a transparent SSL protocol. SSL protocol prior to application layer protocol for communication and consultation has been completed certification server encryption algorithms, communication key. After the application layer protocol data transmitted will be encrypted to ensure privacy of communications.

  work process

  Server authentication phase:

• The client sends a start message "Hello" to start a new session connection to the server;
• The server determines whether the customer's information need to generate a new master key, as needed in response to the server of the client "Hello" message will contain the master key generation information required;
• The server receives the client response message, and generates a master key, and the server using the public key encrypted to the server;

• Server reply to the master key, and returned to the customer a certified master key information used in order to allow customers to authentication server.

  User authentication phase:

• Prior to this, the server has been certified by the client, this stage mainly to complete the certification to customers. Certified server to send a question to the customer, the customer is to ask questions and post their public key (digital) signature returns, thus providing authentication to the server.

Experimental procedure and steps

OpenSSL installation under Linux

• Extract the source:unzip openssl-master.zip
• Into the source directory:cd openssl-master

• Compile and install:
  ./config
make
sudo make install
  Use make testtest
  

  Linux下OpenSSL的使用

• 通过man openssl查看帮助文档
  

• 编写测试代码test_openssl.c

      #include <stdio.h>
      #include <openssl/evp.h>
      int main(){
         OpenSSL_add_all_algorithms();
         return 0;
      }

• 编译：gcc -o test_openssl test_openssl.c -L/usr/local/ssl/lib -lcrypto -ldl -lpthread,生成可执行文件test_openssl
• 执行echo $?，结果打印0