Tls

TLS under hoood

Based on articles from Linux Journal

LJ

Takeaways:

• CA - certificate authority
• RFC 5280 - X.509
• certificate - binary record of key:values
• format DER, PEM, PFX
• the most important part of certificate:
  • server’s public key
  • digital signature to confirm authenticity using CA cert (hash over DER encoded public key of certificate)
• TLS uses asymmetric encryption during handshake, symmetric during transfer
• Cert, CSR > CA, CA returns signature
• CA public key added to trusted store
• canonical name CN = *.google.com. - wildcard cert
• alternate subject name
• intermediate CAs

$ openssl s_client -showcerts -connect google.com:443 </dev/null
CONNECTED(00000003)
depth=2 OU = GlobalSign Root CA - R2, O = GlobalSign, CN = GlobalSign
verify return:1
depth=1 C = US, O = Google Trust Services, CN = GTS CA 1O1
verify return:1
depth=0 C = US, ST = California, L = Mountain View, O = Google LLC, CN = *.google.com. #### LDAP naming standard
verify return:1
---
Certificate chain
 0 s:/C=US/ST=California/L=Mountain View/O=Google LLC/CN=*.google.com
   i:/C=US/O=Google Trust Services/CN=GTS CA 1O1
... actual cert goes here, and more

take cert from above, but into google_com.crt and decode it:

$ openssl x509 -in google_com.crt -noout -text
Certificate:
   Data:
       Version: 3 (0x2)
       Serial Number: 5500042407018834932 (0x4c54136dbff12bf4)
   Signature Algorithm: sha256WithRSAEncryption
       Issuer: C = US, O = Google Trust Services, CN = Google
 ↪Internet Authority G3
       Validity
           Not Before: Oct 30 13:15:05 2018 GMT
           Not After : Jan 22 13:15:00 2019 GMT
       Subject: C = US, ST = California, L = Mountain View,
 ↪O = Google LLC, CN = *.google.com
       Subject Public Key Info:
           Public Key Algorithm: rsaEncryption
               Public-Key: (2048 bit)
               Modulus:
...
               Exponent: 65537 (0x10001)
       X509v3 extensions:
           X509v3 Extended Key Usage:
               TLS Web Server Authentication
           X509v3 Subject Alternative Name:
               DNS:*.google.com, DNS:*.android.com,
 ↪<... content omitted ...>
           X509v3 CRL Distribution Points:
               Full Name:
                 URI:http://crl.pki.goog/GTSGIAG3.crl

   Signature Algorithm: sha256WithRSAEncryption
...

• CA issued serial number
• CRL - certificate revocation list
• Cool Extended Key Usage:
  • Subject Alternative Name - cert can be used for on servers with different names
  • Web Server Authentication - the certificate may be used to identify a web server positively.

SSH and TLS hardening LJ

negotiation

(this is from wireshark perspective)

• client hello - version, client random, session id, supported cipher suites, extensions
• server hello - version, server random, selected cipher suite
• server certificate(s), cert status, elliptic curves?!
• server - done hello
• client verifies server cert sig
• client - key exchange, premaster secret (encrypted with server pub key), pubkey, elliptic curves!?
• server and client generate session keys from
  • client random,
  • server random,
  • premaster secret.
• server - session ticket. Client
• client verifies session ticket, should arrive at the same results.
• client sends message finished encrypted with session ticket
• server sends message finished

articles

• wikipedia
• cloudflare - whathappens in a tls handshake
• cloudflare - how dows ssl work