Network Security with OpenSSL
SPECIAL OFFER: Upgrade this ebook with O’Reilly
A Note Regarding Supplemental Files
Preface
About This Book
Conventions Used in This Book
Comments and Questions
Acknowledgments
1. Introduction
1.1. Cryptography for the Rest of Us
1.1.1. Goals of Cryptography
1.1.2. Cryptographic Algorithms
1.1.2.1. Symmetric key encryption
1.1.2.2. Public key encryption
1.1.2.3. Cryptographic hash functions and Message Authentication Codes
1.1.2.4. Digital signatures
1.2. Overview of SSL
1.3. Problems with SSL
1.3.1. Efficiency
1.3.1.1. Cryptographic acceleration hardware
1.3.1.2. Load balancing
1.3.2. Keys in the Clear
1.3.3. Bad Server Credentials
1.3.4. Certificate Validation
1.3.5. Poor Entropy
1.3.6. Insecure Cryptography
1.4. What SSL Doesn't Do Well
1.4.1. Other Transport Layer Protocols
1.4.2. Non-Repudiation
1.4.3. Protection Against Software Flaws
1.4.4. General-Purpose Data Security
1.5. OpenSSL Basics
1.6. Securing Third-Party Software
1.6.1. Server-Side Proxies
1.6.2. Client-Side Proxies
2. Command-Line Interface
2.1. The Basics
2.1.1. Configuration Files
2.2. Message Digest Algorithms
2.2.1. Examples
2.3. Symmetric Ciphers
2.3.1. Examples
2.4. Public Key Cryptography
2.4.1. Diffie-Hellman
2.4.1.1. Examples
2.4.2. Digital Signature Algorithm
2.4.2.1. Examples
2.4.3. RSA
2.4.3.1. Examples
2.5. S/MIME
2.5.1. Examples
2.6. Passwords and Passphrases
2.7. Seeding the Pseudorandom Number Generator
3. Public Key Infrastructure (PKI)
3.1. Certificates
3.1.1. Certification Authorities
3.1.1.1. Private Certification Authorities
3.1.1.2. Public Certification Authorities
3.1.2. Certificate Hierarchies
3.1.3. Certificate Extensions
3.1.4. Certificate Revocation Lists
3.1.5. Online Certificate Status Protocol
3.2. Obtaining a Certificate
3.2.1. Personal Certificates
3.2.2. Code-Signing Certificates
3.2.3. Web Site Certificates
3.3. Setting Up a Certification Authority
3.3.1. Creating an Environment for Your Certification Authority
3.3.2. Building an OpenSSL Configuration File
3.3.3. Creating a Self-Signed Root Certificate
3.3.4. Issuing Certificates
3.3.5. Revoking Certificates
4. Support Infrastructure
4.1. Multithread Support
4.1.1. Static Locking Callbacks
4.1.2. Dynamic Locking Callbacks
4.2. Internal Error Handling
4.2.1. Manipulating Error Queues
4.2.2. Human-Readable Error Messages
4.2.3. Threading and Practical Applications
4.3. Abstract Input/Output
4.3.1. Source/Sink BIOs
4.3.1.1. Memory sources/sinks
4.3.1.2. File sources/sinks
4.3.1.3. Socket sources/sinks
4.3.1.4. BIO pairs
4.3.2. Filter BIOs
4.4. Random Number Generation
4.4.1. Seeding the PRNG
4.4.2. Using an Alternate Entropy Source
4.5. Arbitrary Precision Math
4.5.1. The Basics
4.5.2. Mathematical Operations
4.5.3. Generating Prime Numbers
4.6. Using Engines
5. SSL/TLS Programming
5.1. Programming with SSL
5.1.1. The Application(s) to Secure
5.1.2. Step 1: SSL Version Selection and Certificate Preparation
5.1.2.1. Background
5.1.2.2. Certificate preparation
5.1.2.3. Our example extended
5.1.3. Step 2: Peer Authentication
5.1.3.1. Background
5.1.3.2. Incorporating trusted certificates
5.1.3.3. Certificate verification
5.1.3.4. Incorporating certificate revocation lists
5.1.3.5. Post-connection assertions
5.1.3.6. Further extension of the examples
5.1.4. Step 3: SSL Options and Cipher Suites
5.1.4.1. Setting SSL options
5.1.4.2. Ephemeral keying
5.1.4.3. Cipher suite selection
5.1.4.4. The final product
5.1.4.5. Beyond the example
5.2. Advanced Programming with SSL
5.2.1. SSL Session Caching
5.2.1.1. Client-side SSL sessions
5.2.1.2. Server-side SSL sessions
5.2.1.3. An on-disk, session caching framework
5.2.2. I/O on SSL Connections
5.2.2.1. Reading and writing functions
5.2.2.2. Blocking I/O
5.2.2.3. Non-blocking I/O
5.2.3. SSL Renegotiations
5.2.3.1. Implementing renegotiations
5.2.3.2. Renegotiations in 0.9.7
5.2.3.3. Further notes
6. Symmetric Cryptography
6.1. Concepts in Symmetric Cryptography
6.1.1. Block Ciphers and Stream Ciphers
6.1.2. Basic Block Cipher Modes
6.2. Encrypting with the EVP API
6.2.1. Available Ciphers
6.2.1.1. AES
6.2.1.2. Blowfish
6.2.1.3. CAST5
6.2.1.4. DES
6.2.1.5. DESX
6.2.1.6. Triple DES
6.2.1.7. IDEA
6.2.1.8. RC2™
6.2.1.9. RC4™
6.2.1.10. RC5™
6.2.2. Initializing Symmetric Ciphers
6.2.3. Specifying Key Length and Other Options
6.2.4. Encryption
6.2.5. Decryption
6.2.6. Handling UDP Traffic with Counter Mode
6.3. General Recommendations
7. Hashes and MACs
7.1. Overview of Hashes and MACs
7.2. Hashing with the EVP API
7.3. Using MACs
7.3.1. Other MACs
7.3.1.1. CBC-MAC
7.3.1.2. XCBC-MAC
7.3.1.3. XOR-MAC
7.3.1.4. UMAC
7.4. Secure HTTP Cookies
8. Public Key Algorithms
8.1. When to Use Public Key Cryptography
8.2. Diffie-Hellman
8.2.1. The Basics
8.2.2. Generating and Exchanging Parameters
8.2.3. Computing Shared Secrets
8.2.4. Practical Applications
8.3. Digital Signature Algorithm (DSA)
8.3.1. The Basics
8.3.2. Generating Parameters and Keys
8.3.3. Signing and Verifying
8.3.4. Practical Applications
8.4. RSA
8.4.1. The Basics
8.4.2. Generating Keys
8.4.3. Data Encryption, Key Agreement, and Key Transport
8.4.4. Signing and Verifying
8.4.5. Practical Applications
8.5. The EVP Public Key Interface
8.5.1. Signing and Verifying
8.5.2. Encrypting and Decrypting
8.6. Encoding and Decoding Objects
8.6.1. Writing and Reading DER-Encoded Objects
8.6.2. Writing and Reading PEM-Encoded Objects
9. OpenSSL in Other Languages
9.1. Net::SSLeay for Perl
9.1.1. Net::SSLeay Variables
9.1.2. Net::SSLeay Error Handling
9.1.3. Net::SSLeay Utility Functions
9.1.4. Net::SSLeay Low-Level Bindings
9.2. M2Crypto for Python
9.2.1. Low-Level Bindings
9.2.2. High-Level Classes
9.2.2.1. M2Crypto.SSL
9.2.2.2. M2Crypto.BIO
9.2.2.3. M2Crypto.EVP
9.2.2.4. Miscellaneous crypto
9.2.3. Python Module Extensions
9.2.3.1. Extensions to httplib: httpslib
9.2.3.2. Extensions to urllib: m2urllib
9.2.3.3. Extensions to xmlrpclib: m2xmlrpclib
9.3. OpenSSL Support in PHP
9.3.1. General Functions
9.3.2. Certificate Functions
9.3.3. Encryption and Signing Functions
9.3.4. PKCS#7 (S/MIME) Functions
10. Advanced Programming Topics
10.1. Object Stacks
10.2. Configuration Files
10.3. X.509
10.3.1. Generating Requests
10.3.1.1. Subject name
10.3.1.2. X.509 Version 3 extensions
10.3.1.3. Putting it all together
10.3.2. Making Certificates
10.3.3. X.509 Certificate Checking
10.4. PKCS#7 and S/MIME
10.4.1. Signing and Verifying
10.4.2. Encrypting and Decrypting
10.4.3. Combined Operations
10.4.4. PKCS#7 Flags
10.5. PKCS#12
10.5.1. Wrapping Information into a PKCS#12 Object
10.5.2. Importing Objects from PKCS#12 Data
A. Command-Line Reference
asn1parse
ca
ciphers
crl
crl2pkcs7
dgst
dhparam
dsa
dsaparam
enc
errstr
gendsa
genrsa
nseq
passwd
pkcs7
pkcs8
pkcs12
rand
req
rsa
rsautl
s_client
s_server
s_time
sess_id
smime
speed
spkac
verify
version
x509
Index
About the Authors
Colophon
SPECIAL OFFER: Upgrade this ebook with O’Reilly