Network security with OpenSSL

Most applications these days are at least somewhat network aware, but how do you protect those applications against common network security threats? Many developers are turning to OpenSSL, an open source version of SSL/TLS, which is the most widely used protocol for secure network communications....

Bibliographic Details
Main author: Viega, John (-)
Other authors: Chandra, Pravir, Messier, Matt
Format: Electronic book
Language: English
Published: Sebastopol, California : O'Reilly 2002.
Edition: First edition
Subjects:
View at Biblioteca Universitat Ramon Llull: https://discovery.url.edu/permalink/34CSUC_URL/1im36ta/alma991009627237506719
Table of Contents:
  • Network Security with OpenSSL; Conventions Used in This Book; Comments and Questions; Acknowledgments; 1. Introduction; 1.1.2. Cryptographic Algorithms; 1.1.2.2. Public key encryption; 1.1.2.3. Cryptographic hash functions and Message Authentication Codes; 1.1.2.4. Digital signatures; 1.2. Overview of SSL; 1.3. Problems with SSL; 1.3.1.2. Load balancing; 1.3.2. Keys in the Clear; 1.3.3. Bad Server Credentials; 1.3.4. Certificate Validation; 1.3.5. Poor Entropy; 1.3.6. Insecure Cryptography; 1.4. What SSL Doesn't Do Well; 1.4.2. Non-Repudiation; 1.4.3. Protection Against Software Flaws
  • 1.4.4. General-Purpose Data Security; 1.5. OpenSSL Basics; 1.6. Securing Third-Party Software; 1.6.2. Client-Side Proxies; 2. Command-Line Interface; 2.2. Message Digest Algorithms; 2.3. Symmetric Ciphers; 2.4. Public Key Cryptography; 2.4.2. Digital Signature Algorithm; 2.4.3. RSA; 2.5. S/MIME; 2.6. Passwords and Passphrases; 2.7. Seeding the Pseudorandom Number Generator; 3. Public Key Infrastructure (PKI); 3.1.1.2. Public Certification Authorities; 3.1.2. Certificate Hierarchies; 3.1.3. Certificate Extensions; 3.1.4. Certificate Revocation Lists; 3.1.5. Online Certificate Status Protocol
  • 3.2. Obtaining a Certificate; 3.2.2. Code-Signing Certificates; 3.2.3. Web Site Certificates; 3.3. Setting Up a Certification Authority; 3.3.2. Building an OpenSSL Configuration File; 3.3.3. Creating a Self-Signed Root Certificate; 3.3.4. Issuing Certificates; 3.3.5. Revoking Certificates; 4. Support Infrastructure; 4.1.2. Dynamic Locking Callbacks; 4.2. Internal Error Handling; 4.2.2. Human-Readable Error Messages; 4.2.3. Threading and Practical Applications; 4.3. Abstract Input/Output; 4.3.1.2. File sources/sinks; 4.3.1.3. Socket sources/sinks; 4.3.1.4. BIO pairs; 4.3.2. Filter BIOs
  • 4.4. Random Number Generation; 4.4.2. Using an Alternate Entropy Source; 4.5. Arbitrary Precision Math; 4.5.2. Mathematical Operations; 4.5.3. Generating Prime Numbers; 4.6. Using Engines; 5. SSL/TLS Programming; 5.1.2. Step 1: SSL Version Selection and Certificate Preparation; 5.1.2.2. Certificate preparation; 5.1.2.3. Our example extended; 5.1.3. Step 2: Peer Authentication; 5.1.3.2. Incorporating trusted certificates; 5.1.3.3. Certificate verification; 5.1.3.4. Incorporating certificate revocation lists; 5.1.3.5. Post-connection assertions; 5.1.3.6. Further extension of the examples
  • 5.1.4. Step 3: SSL Options and Cipher Suites; 5.1.4.2. Ephemeral keying; 5.1.4.3. Cipher suite selection; 5.1.4.4. The final product; 5.1.4.5. Beyond the example; 5.2. Advanced Programming with SSL; 5.2.1.2. Server-side SSL sessions; 5.2.1.3. An on-disk, session caching framework; 5.2.2. I/O on SSL Connections; 5.2.2.2. Blocking I/O; 5.2.2.3. Non-blocking I/O; 5.2.3. SSL Renegotiations; 5.2.3.2. Renegotiations in 0.9.7; 5.2.3.3. Further notes; 6. Symmetric Cryptography; 6.1.2. Basic Block Cipher Modes; 6.2. Encrypting with the EVP API; 6.2.1.2. Blowfish; 6.2.1.3. CAST5; 6.2.1.4. DES
  • 6.2.1.5. DESX