
Secure Programming

Lương Ánh Hoàng
hoangla@soict.hut.edu.vn

Objectives
Provide the basic knowledge and techniques for building secure applications.

Requirements
Prerequisite knowledge:
    Network security
    The C/C++ programming language
Full class attendance.

Course duration
Duration: 45 periods
    Theory: 30 periods
    Exercises: 15 periods

References
Secure Programming Cookbook for C and C++, Matt Messier, John Viega, O'Reilly 2003.

Contents
Chapter 1. Input Validation
Chapter 2. Access Control
Chapter 3. Symmetric Cryptography
Chapter 4. Hashes and Message Authentication
Chapter 5. Public-Key Cryptography
Chapter 6. Anti-Tampering
Chapter 7. Other Topics

Assessment
Major assignment: 70%
Coursework: 30%

Chapter 1. Input Validation

Contents
1.1 Validation principles
1.2 String formatting functions
1.3 Buffer overflow
1.4 Arithmetic overflow
1.5 Validating file names and paths
1.6 URL decoding
1.7 Cross-Site Scripting
1.8 SQL Injection

1.1 Validation principles
Always assume that input data is untrusted:
    Data from the network in a client-server model
    Data from the user
    Data from files
Prefer rejecting bad data to trying to repair it.
Validate input at multiple levels and at multiple points:
    Validate the inputs of functions.
    Validate input passed between modules.
Do not accept commands directly from the user without validating them first.
Check for special characters and quotation marks.
Learn and use a quoting mechanism where needed.
The better you understand the data, the better you can filter it.

1.2 String formatting functions
The printf() and syslog() families of functions format data very flexibly and powerfully, but they are also extremely dangerous.
Be careful when using %n
    The %n specifier writes the number of characters output so far to the address given by the corresponding argument.
    If no corresponding argument exists, printf writes to some location on the stack of the executing thread.
    Example:
        int counter = 0;
        printf("Hello%n", &counter);   // OK, counter = 5
        printf("Hello%n");             // Dangerous!!!
Do not use a format string from an external source directly
    A format string that originates outside the program may contain special characters that the program did not anticipate, or may have no corresponding arguments.
    Example:
        char str[1024];
        fgets(str, sizeof(str), stdin);   // bounded read of the external string
        printf(str);                      // Dangerous!!!
        printf("%s", str);                // OK

Be careful when using sprintf and vsprintf with %s
    These functions assume that the destination buffer is unlimited in size.
    Specify the maximum number of characters to use with %s.
    Use snprintf and vsnprintf where possible.
    Example:
        char str[1024];
        char dst[32];
        fgets(str, sizeof(str), stdin);
        sprintf(dst, "Xau vua nhap vao la %s", str);                // Dangerous
        sprintf(dst, "Xau vua nhap vao la %.11s", str);             // OK: 20-char prefix + at most 11 chars + NUL = 32
        snprintf(dst, sizeof(dst), "Xau vua nhap vao la %s", str);  // OK

1.3 Buffer overflow
Buffer overflow: copying data past the boundary of a buffer, which overwrites the memory of another variable (or structure).
Most C string-handling functions do not check buffer boundaries: gets, strcpy, ...
Example 1: Corrupted data
    int x = 0;
    char buff[8];
    strcpy(buff, "Hello AAAAAAAAAAAAAAAAAAAAAAAAAAAAA");
    printf("%d", x);
Example 2: Corrupted stack
    char name[8];
    gets(name);
    printf(name);

Example 3: Unable to return from a subroutine
    void Hello()
    {
        char name[8];
        printf("What is your name ?");
        gets(name);                      // unbounded read: can overwrite the return address
        printf("Hello %s !", name);
    }
    int main(void)
    {
        Hello();
        printf("Bye");
        return 0;
    }

Example 4: An attack through a buffer overflow
    void Bye()
    {
        printf("Bye");
    }
    void Hello()
    {
        void (*p)() = Bye;
        char name[8];
        printf("What is your name ?");
        gets(name);                      // unbounded read: can overwrite the function pointer p
        printf("Hello %s !", name);
        p();
    }
    int main(void)
    {
        Hello();
        return 0;
    }

Solutions:
    Use strncpy, memcpy, ... and other functions that control the buffer size explicitly.
    Use Stack Guard with compilers that support it.
    Use DEP (Data Execution Prevention) on operating systems that support it.
    Use ASLR (Address Space Layout Randomization) with compilers and operating systems that support it.

1.4 Arithmetic overflow
Received data may contain errors in size-related fields.
Operations on large integers can overflow, and signed and unsigned integers can be confused.
Example 1: Integer overflow
    unsigned int x = 0xFFFFFFFF;   // UINT_MAX
    if (x + 5 > 5)
        printf("X > 0");
    else
        printf("X < 0");
Example 2: Wrong use of signed/unsigned types
    if (x < MAX_SIZE) {   // x: number of bytes to allocate, computed by some algorithm
        if (!(ptr = (unsigned char *)malloc(x)))
            abort();
    } else {
        /* Handle the error condition ... */
    }
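The two failure modes above, with a checked alternative, as an added example that is not part of the original slides. The MAX_SIZE value, the signed 32-bit count field and all function names are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>

/* Hypothetical allocation limit (assumption): a signed int constant, as in
 * the slide's "x < MAX_SIZE" comparison. */
#define MAX_SIZE 1048576

/* Example 1 from the slide: unsigned addition wraps modulo 2^32. */
uint32_t wrap_add_u32(uint32_t a, uint32_t b)
{
    return a + b;
}

/* Example 2 from the slide: with a signed x, a negative value passes the
 * upper-bound check ... */
int naive_check_passes(int32_t x)
{
    return x < MAX_SIZE;
}

/* ... and is then converted to a huge size_t when handed to malloc(). */
size_t naive_request_size(int32_t x)
{
    return (size_t)x;
}

/*
 * Checked form: validate an untrusted record count (a signed 32-bit field,
 * as it would arrive in a file or network header) before it becomes an
 * allocation size. Returns 0 and stores count * elem_size in *out on
 * success, -1 if the value is negative, would wrap, or exceeds MAX_SIZE.
 */
int checked_alloc_size(int32_t count, size_t elem_size, size_t *out)
{
    size_t n;

    if (count < 0 || elem_size == 0)
        return -1;                      /* reject before any unsigned conversion */
    n = (size_t)count;
    if (n > SIZE_MAX / elem_size)
        return -1;                      /* n * elem_size would wrap around */
    if (n * elem_size > (size_t)MAX_SIZE)
        return -1;
    *out = n * elem_size;
    return 0;
}

/* Allocate room for `count` records only if the size passes every check. */
void *alloc_records(int32_t count, size_t elem_size)
{
    size_t total;

    if (checked_alloc_size(count, elem_size, &total) != 0)
        return NULL;
    return malloc(total);
}
```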

1.5 Validating file names and paths
Received data may be a file name; the application needs to determine its absolute path where necessary.
Use realpath() on Unix/Linux and GetFullPathName on Windows.
Using realpath()
    Prototype:
        char *realpath(const char *pathname, char resolved_path[MAXPATHLEN]);
    Caution: it can overflow resolved_path and is not thread-safe.
    Library: stdlib.h
    Example:
        char resolved[PATH_MAX];   // PATH_MAX from <limits.h>, so the result cannot overflow the buffer
        char *result = realpath("printf.c", resolved);
        if (result != NULL)        // NULL means the path could not be resolved
            printf("%s", result);

Using GetFullPathName()
    Library: windows.h
    Prototype:
        DWORD GetFullPathName(LPCTSTR lpFileName, DWORD nBufferLength, LPTSTR lpBuffer, LPTSTR *lpFilePart);
    Example:
        DWORD nBufferLen = 0;
        LPTSTR lpBuffer;
        // A first call with a zero-length buffer returns the required size
        nBufferLen = GetFullPathName(L"test.c", 0, 0, 0);
        if (nBufferLen > 0)
        {
            lpBuffer = new TCHAR[nBufferLen+1];
            GetFullPathName(L"test.c", nBufferLen, lpBuffer, 0);
            wprintf(L"%s", lpBuffer);
            delete[] lpBuffer;
        }

1.6 URL decoding
RFC 1738 specifies that non-printable characters in a URL are encoded in the form %<hex code>.
Examples:
    http://m%61il.google.com
    http://m%25%36%31il.google.com
Decoding: scan from start to end, find each % character and replace it with the corresponding ASCII character.
Do not use the standard string functions, because the URL may contain a NULL character.
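A length-based decoder for the procedure above, as an added example that is not part of the original slides. The function names and the strict policy (decode once, then reject an embedded NUL or a remaining escape such as the one left by the second URL above) are assumptions made for illustration.

```c
#include <stddef.h>
#include <string.h>

/* Value of one hex digit, or -1 if c is not a hex digit. */
static int hex_val(unsigned char c)
{
    if (c >= '0' && c <= '9') return c - '0';
    if (c >= 'a' && c <= 'f') return c - 'a' + 10;
    if (c >= 'A' && c <= 'F') return c - 'A' + 10;
    return -1;
}

/*
 * Decode %XX escapes in place, in a single pass. The buffer is handled as
 * (pointer, length) and never as a NUL-terminated string, so a decoded
 * %00 is kept as a zero byte instead of silently ending the data.
 * Returns the decoded length, or -1 if an escape is truncated or not hex
 * (the buffer may then be partially rewritten and must be discarded).
 */
long url_decode(char *buf, size_t len)
{
    size_t r = 0, w = 0;

    while (r < len) {
        int hi, lo;

        if (buf[r] != '%') {
            buf[w++] = buf[r++];
            continue;
        }
        if (len - r < 3)
            return -1;                  /* "%" or "%X" at the end of input */
        hi = hex_val((unsigned char)buf[r + 1]);
        lo = hex_val((unsigned char)buf[r + 2]);
        if (hi < 0 || lo < 0)
            return -1;
        buf[w++] = (char)((hi << 4) | lo);
        r += 3;
    }
    return (long)w;
}

/* 1 if the decoded bytes contain a NUL that would truncate a C string. */
int has_embedded_nul(const char *buf, size_t len)
{
    return memchr(buf, '\0', len) != NULL;
}

/* 1 if a well-formed %XX escape is still present, which means the input
 * was encoded more than once. */
int still_encoded(const char *buf, size_t len)
{
    size_t i;

    for (i = 0; i + 2 < len; i++)
        if (buf[i] == '%' &&
            hex_val((unsigned char)buf[i + 1]) >= 0 &&
            hex_val((unsigned char)buf[i + 2]) >= 0)
            return 1;
    return 0;
}

/* Strict policy (assumption): decode exactly once, then refuse data that
 * hides a NUL byte or a second layer of encoding. Returns length or -1. */
long url_decode_strict(char *buf, size_t len)
{
    long n = url_decode(buf, len);

    if (n < 0)
        return -1;
    if (has_embedded_nul(buf, (size_t)n) || still_encoded(buf, (size_t)n))
        return -1;
    return n;
}
```

Validation of the host or path has to run on the decoded bytes and the decoded length, not on the raw input.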

1.7 Cross-Site Scripting
Cross-Site Scripting (XSS) is an attack on the user's browser that stems from lax validation on the server.
It can lead to the loss of sensitive information: passwords, sessions, cookies, ...
It is carried out by inserting HTML/JavaScript code into data that will be displayed in the browser, so the code runs in the victim's browser.
Example: a web application with two pages
    Hello.php: displays a form and receives the user's name.
    Chao.php: displays the received name back to the user.

File Hello.php
    <HTML>
    Xin chào, vui lòng nhập tên bạn
    <FORM action="chao.php" method="POST">
    <input type="text" name="name"/><br/>
    <input type="submit" value="Submit">
    </FORM>
    </HTML>
File Chao.php
    <?PHP
    echo "Xin chao ".$_POST['name'];
    ?>
Demo
    With the name: Secure
    With the name: Secure <script>alert('XSS was found !');</script>
    With the name: Secure <s%63ript>alert("Hacked");</s%63ript>
Solution: strip HTML tags from user-supplied data. Each programming language has its own way of doing this.

1.8 SQL Injection
SQL Injection: an attack on the database through data entered from the browser.
It exploits lax input validation to insert SQL code into the web application's database queries.
It usually uses the quote character ' to terminate the SQL query or to append other queries.
Example: an SQL statement that compares a name and a password
    select * from users where username = '$user' and password = '$pass'
    If $user or $pass contains a ' character, SQL will misinterpret the query.
Exploitation techniques: covered in Network Security.
Example: a web application that checks a name and a password, made up of two pages
    ask.php: displays the login form and collects the name and password
    login.php: connects to the database and checks them

Example (continued)
File ask.php
    <HTML>
    Vui long nhap ten va mat khau
    <FORM action="login.php" method="GET">
    Ten: <INPUT type="text" name="user"/><BR/>
    Mat khau:<INPUT type="text" name="pass"/><BR/>
    <INPUT type="submit" name="Submit">
    </FORM>
    </HTML>

Example (continued)
File login.php
    <?PHP
    $db_server = "localhost";
    $db_username = "root";
    $db_password = "123456";
    $db = "test";
    $table = "users";
    $conn = mysql_connect($db_server, $db_username, $db_password);
    if (!$conn)
    {
        echo "Khong ket noi dc den CSDL";
        return;
    }
    $ret = mysql_select_db($db, $conn);
    if (!$ret)
    {
        echo "Khong ton tai CSLD tuong ung";
        return;
    }
    $user = $_GET['user'];
    $pass = $_GET['pass'];
    // Vulnerable: user input is concatenated directly into the query
    $sql = "select * from $table where username='$user' and password='$pass'";
    echo $sql;
    $ret = mysql_query($sql, $conn);
    if (mysql_num_rows($ret) > 0)
        echo "Dang nhap thanh cong";
    else
        echo "Sai ten hoac mat khau";
    ?>

Attack
    username = a' or '1'='1
    password = b' or '1'='1
Prevention
    Remove all ' characters and special characters where necessary.
    Use escaped strings:
        With PHP/MySQL: mysql_real_escape_string, or add a \ character.
        With SQL Server: add a ' character before the special character.
        With Oracle DB: add a \ character before the special character.

Chapter 2. Access Control

Contents
2.1 Access control on Unix/Linux
2.2 Access control on Windows
2.3 Lowering the privileges of a process
2.4 Secure file deletion
2.5 Restricting access permissions on files
2.6 File locking
2.7 Creating temporary files
2.8 Restricting access to the file system

2.1 Access control on Unix/Linux
On Unix/Linux, all resources are treated as files: files, disks, memory, devices, ...
Every file is controlled by a user id and a group id.
Every process has three user ids: effective user id, real user id, saved user id. The effective user id is used in most checks.
Every process also belongs to three groups: effective group id, real group id, saved group id.
There are three kinds of permission:
    Read
    Write
    Execute

Each file has three permission sets, corresponding to user id, group id and other.
    -rwxr-xr-x 1 Luong Anh Hoang None 17964 Aug 28 23:45 test.exe
When a process creates a file or resource, the system assigns the effective user id and effective group id of the process as the user id and group id of the new file.
When a process accesses a file or resource, the system compares the user id and then the group id of the process with those of the file and selects the corresponding permission set. If neither matches, the third permission set is used.

Each file can also have three special bits:
    Sticky: if this bit is set, a user cannot delete or rename other users' files located in a directory that the user manages. It is not set by default.
    Setuid: this bit concerns the creation of a new process. If it is set, a process created from this file does not inherit its privileges from the parent process, but takes them from the user id of the file itself.
    Setgid: for an executable file, if this bit is set, a newly created process takes its privileges from the group id of the file rather than inheriting them from the parent process (like Setuid). For a directory, if this bit is set, files created in the directory get the group id of the parent directory rather than inheriting it from the process that creates the file.

2.2 Access control on Windows
Windows uses ACLs (Access Control Lists) to assign permissions on resources.
Windows resources (files, registry, mutexes, events, IPC, ...) are controlled through a DACL and a SACL.
A DACL is a list of ACEs; each ACE is a rule that defines one specific permission.
A NULL DACL means that everyone has full access to the object.
Each ACE contains three pieces of information:
    SID: represents a user or a group in the system
    Access right
    A boolean value: allow or deny

Access rights
    Name               Description
    DELETE             The ability to delete the object
    READ_CONTROL       The ability to read the object's security descriptor, not including its SACL
    SYNCHRONIZE        The ability for a thread to wait for the object to be put into the signaled state; not all objects support this functionality
    WRITE_DAC          The ability to modify the object's DACL
    WRITE_OWNER        The ability to set the object's owner
    GENERIC_READ       The ability to read from or query the object
    GENERIC_WRITE      The ability to write to or modify the object
    GENERIC_EXECUTE    The ability to execute the object (applies primarily to files)
    GENERIC_ALL        Full control

Example ACEs
    DENY GENERIC_ALL Everyone: denies all rights to the group Everyone
    ALLOW GENERIC_WRITE Marketing: allows the group Marketing to write
Every object has an Owner, which is the user who created it. The Owner has full rights over the object regardless of whether the DACL denies them.
Ownership can be taken by another user.

2.3 Lowering the privileges of a process
If a process holds high privileges and performs dangerous operations, it needs to lower its privileges before performing them.
A process can check its real user id and real group id with getuid() and getgid(). These are the privileges inherited from the parent process.
A process can check its effective user id and effective group id with geteuid() and getegid(). These are usually the ids with higher privileges (because the process was started by the super user, or because the setuid bits are set).
A process gives up its privileges by setting its new groups and ids to the real ones with:
    setgroups(): resets the groups of the process.
    setegid(): resets the effective group id of the process.
    seteuid(): resets the effective user id of the process.

2.4 Secure file deletion
Normally, when a file is deleted the operating system only marks it as deleted; its contents are not completely removed from the disk.
Solutions
    Overwrite the disk with other information several times.
    Write random data to the disk several times.
    Write predefined patterns to the disk.
    After each write pass, use fsync to synchronize with the disk and defeat caching, or fflush() when using the C library.
Some of the patterns used
    static unsigned char single_pats[16] = {
        0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
        0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff
    };
    static unsigned char triple_pats[6][3] = {
        { 0x92, 0x49, 0x24 }, { 0x49, 0x24, 0x92 }, { 0x24, 0x92, 0x49 },
        { 0x6d, 0xb6, 0xdb }, { 0xb6, 0xdb, 0x6d }, { 0xdb, 0x6d, 0xb6 }
    };
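The pattern passes described above, written out as an added example that is not part of the original slides. It covers the predefined-pattern passes only; the pass order, the block size and the function names are assumptions made for illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stddef.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Pattern tables as listed on the slide. */
static const unsigned char single_pats[16] = {
    0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
    0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff
};
static const unsigned char triple_pats[6][3] = {
    { 0x92, 0x49, 0x24 }, { 0x49, 0x24, 0x92 }, { 0x24, 0x92, 0x49 },
    { 0x6d, 0xb6, 0xdb }, { 0xb6, 0xdb, 0x6d }, { 0xdb, 0x6d, 0xb6 }
};

/* One pass: fill bytes [0, size) of fd with a repeating pattern, then
 * fsync so the pass reaches the device instead of staying in the cache. */
static int overwrite_pass(int fd, off_t size,
                          const unsigned char *pat, size_t patlen)
{
    unsigned char block[3072];      /* multiple of 3: pattern phase is kept */
    off_t done = 0;
    size_t i;

    for (i = 0; i < sizeof block; i++)
        block[i] = pat[i % patlen];
    if (lseek(fd, 0, SEEK_SET) == (off_t)-1)
        return -1;
    while (done < size) {
        /* Resume inside the block so a short write keeps the phase. */
        size_t off = (size_t)(done % (off_t)sizeof block);
        size_t want = sizeof block - off;
        ssize_t n;

        if ((off_t)want > size - done)
            want = (size_t)(size - done);
        n = write(fd, block + off, want);
        if (n < 0 && errno == EINTR)
            continue;
        if (n <= 0)
            return -1;
        done += n;
    }
    return fsync(fd);
}

/* Run every pattern pass over an open regular file.
 * Returns the number of passes completed (22), or -1 on error. */
int overwrite_all_patterns(int fd)
{
    struct stat st;
    int i, passes = 0;

    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode))
        return -1;
    for (i = 0; i < 6; i++, passes++)
        if (overwrite_pass(fd, st.st_size, triple_pats[i], 3) != 0)
            return -1;
    for (i = 0; i < 16; i++, passes++)
        if (overwrite_pass(fd, st.st_size, &single_pats[i], 1) != 0)
            return -1;
    return passes;
}

/* Overwrite the file contents, then remove the name.
 * O_NOFOLLOW refuses a symbolic link planted at path. */
int wipe_file(const char *path)
{
    int passes, fd = open(path, O_WRONLY | O_NOFOLLOW);

    if (fd < 0)
        return -1;
    passes = overwrite_all_patterns(fd);
    if (close(fd) != 0 || passes < 0)
        return -1;
    return unlink(path) == 0 ? passes : -1;
}
```

In-place overwriting only reaches the original blocks when the file system and the device write in place; journaling or copy-on-write file systems and flash storage may keep older copies elsewhere.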

2.5 Restricting access permissions on files
Unix/Linux uses a per-process umask to disable certain permission bits when the process creates a file.
fopen and open always create files with permission 666.
Suppose a process wants to create a file with permission 666:
    requested_permissions = 0666;
    actual_permissions = requested_permissions & ~umask( );
The application changes the umask with the umask() function before making the call that creates the file.
    #include <sys/types.h>
    #include <sys/stat.h>
    mode_t umask(mode_t mask);

2.6 File locking
A process may want to control access to part of a file or to the whole file, to avoid conflicts when several processes access the file at the same time.
Unix/Linux provides advisory (soft) locking: every process can acquire the lock and operate on the file, but not every process honours the lock, so one process can corrupt the data of another.
Windows handles this better with mandatory (hard) locking.
There are two kinds of lock:
    Shared Lock: allows other processes (including the process that holds the lock) to read the locked part of the file but not to write to it.
    Exclusive Lock: prevents all other processes from reading or writing the locked part of the file. The process that holds the lock may read or write the file.

File-locking functions on Windows
    LockFile, UnlockFile: synchronous lock and unlock; they do not return until the lock has been acquired or released.
    LockFileEx, UnlockFileEx: synchronous or asynchronous lock and unlock.
Locking can also be specified when a file is created or opened, through CreateFile. The following code opens a file for reading in Shared Lock mode.
    char buff[1024];
    DWORD bytesRead = 0;
    HANDLE fileHandle = NULL;
    fileHandle = CreateFile(L"C:\\SecureProgramming\\Test.txt",
                            GENERIC_READ|GENERIC_WRITE,
                            FILE_SHARE_READ|FILE_SHARE_WRITE,
                            0, OPEN_ALWAYS, FILE_ATTRIBUTE_NORMAL, 0);
    if (fileHandle == INVALID_HANDLE_VALUE)   // the file could not be opened
        return 0;
    ReadFile(fileHandle, buff, 128, &bytesRead, 0);
    buff[bytesRead] = 0;
    printf("File content:%s\n", buff);
    LockFile(fileHandle, 0, 0, 100, 0);       // Exclusive Lock
    printf("File is locked, press any key to unlock...\n");
    getch();
    UnlockFile(fileHandle, 0, 0, 100, 0);
    printf("File is unlocked\n");
    getch();
    CloseHandle(fileHandle);

2.7 Creating temporary files
Applications create temporary files to store the program's temporary information. A temporary file should be created securely and deleted when the program ends.
On Unix/Linux:
    mkstemp() can be used to create a temporary file with a random name.
    The application should delete the file by name immediately after the mkstemp call, to make sure that no other process can access it.
    Once the process ends, normally or abnormally, the temporary file can no longer be accessed.
    Example:
        char szPath[] = "fileXXXXXX";
        int fd;
        fd = mkstemp(szPath);
        if (fd < 0)            // the temporary file could not be created
            abort();
        unlink(szPath);
        printf("Temporary file created, press any key to continue...");
        write(fd, "Hello", 5);
        close(fd);

On Windows:
    There is no equivalent of mkstemp().
    GetTempFileName() generates a random but predictable file name.
    GetTempPath() returns the path of the current user's temporary directory.
    Create the file with CreateFile and the two attributes FILE_ATTRIBUTE_TEMPORARY and FILE_FLAG_DELETE_ON_CLOSE.
    Example:
        HANDLE fileHandle = NULL;
        fileHandle = CreateFile(L"C:\\SecureProgramming\\Tmp.txt",
                                GENERIC_READ|GENERIC_WRITE,
                                FILE_SHARE_READ|FILE_SHARE_WRITE,
                                0, OPEN_ALWAYS,
                                FILE_ATTRIBUTE_TEMPORARY|FILE_FLAG_DELETE_ON_CLOSE, 0);

2.8 Restricting access to the file system
On Unix/Linux, an application can limit its own view of the file system with chroot().
After calling chroot():
    The process cannot widen its access again with another chroot call.
    The process can only narrow its access further.
    The process must also call chdir() itself for the chroot to take effect.
Example:
    #include <stdlib.h>
    #include <unistd.h>
    if (chroot("/new/root/directory") != 0 || chdir("/") != 0)
        abort();   // do not continue outside the restricted root

Chapter 3. Symmetric Cryptography

Contents
3.1 Key representation
3.2 Converting between hex strings and binary keys
3.3 Base64 encoding and decoding
3.4 Symmetric encryption methods
3.5 Symmetric encryption with OpenSSL
3.6 Symmetric encryption with Microsoft Crypto API

3.1 Key representation
Symmetric key: a very large number used to encrypt and decrypt messages.
Representing a key:
    Split it into bytes and store it as an array:
        unsigned char key[KEYLEN_BYTES]
    Represent it as a large integer if the key is 64 bits long:
        long long key
    Represent it as a string of hex digits:
        char key[]="AF12B5C7E0"
    Represent it as an ASCII string (a password):
        char key[]="secret!!!"
    Pay attention to the endianness of the machine that performs the encryption.

3.2 Converting between hex strings and binary keys
Converting a binary key to a string of hex digits
    #define MAX_KEY_LEN 32
    unsigned char key[MAX_KEY_LEN];
    char result[MAX_KEY_LEN*2+1];
    for (int i = 0; i < MAX_KEY_LEN; i++)
        sprintf(result + i*2, "%02X", key[i]);   // %02X: always two digits, zero-padded
    printf("Key:%s", result);

Converting a hex string to a binary key
    // Returns the value of a hex digit, or -1 if c is not a hex digit
    int Hex2Dec(char c)
    {
        if (('a'<=c)&&(c<='f')) return c - 'a'+10;
        if (('A'<=c)&&(c<='F')) return c - 'A'+10;
        if (('0'<=c)&&(c<='9')) return c - '0';
        return -1;
    }
    #define MAX_KEY_LENGTH 32
    char hexa[] = "AF125C4D8E";
    unsigned char key[MAX_KEY_LENGTH];
    int keylen = strlen(hexa);
    int c1, c2;
    if ((keylen%2 != 0) || (keylen/2 > MAX_KEY_LENGTH))
        printf("Invalid key length");
    else
    {
        keylen = keylen/2;
        for (int i = 0; i < keylen; i++)
        {
            c1 = Hex2Dec(hexa[i*2]);
            c2 = Hex2Dec(hexa[i*2+1]);
            if ((c1 == -1) || (c2 == -1))
            {
                printf("Invalid character !!!");
                break;
            }
            key[i] = (c1<<4)|c2;
        }
    }

3.3 Base64 encoding and decoding
Base64 encoding
    Uses 6 bits to encode the data and represents it as ASCII characters.
    Every 3 bytes of input are represented as 4 bytes of output.
    The output characters are in the ranges:
        A...Z for code values 0-25.
        a...z for code values 26-51.
        0...9 for code values 52-61.
        +, / for code values 62, 63.
    If the input size is not divisible by 3, the output is padded with the = character.
    Examples:
        Original data: A      0100.0001
        Base64 encoded:       010000.010000.000000.000000 ~ QQ==
        Original data: AA     0100.0001.0100.0001
        Base64 encoded:       010000.010100.000100.000000 ~ QUE=
        Original data: AAA    0100.0001.0100.0001.0100.0001
        Base64 encoded:       010000.010100.000101.000001 ~ QUFB

Base64 encoding table
    Value Char    Value Char    Value Char    Value Char
        0 A          16 Q          32 g          48 w
        1 B          17 R          33 h          49 x
        2 C          18 S          34 i          50 y
        3 D          19 T          35 j          51 z
        4 E          20 U          36 k          52 0
        5 F          21 V          37 l          53 1
        6 G          22 W          38 m          54 2
        7 H          23 X          39 n          55 3
        8 I          24 Y          40 o          56 4
        9 J          25 Z          41 p          57 5
       10 K          26 a          42 q          58 6
       11 L          27 b          43 r          59 7
       12 M          28 c          44 s          60 8
       13 N          29 d          45 t          61 9
       14 O          30 e          46 u          62 +
       15 P          31 f          47 v          63 /

Base64 encoding code: Section 4.5, Secure Programming Cookbook
Base64 decoding code: Section 4.6, Secure Programming Cookbook
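An encoder and a strict decoder for the scheme and table above, as an added example that is not part of the original slides and is not the Cookbook's code. The function names and the strict rejection rules in the decoder are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

static const char B64[] =
    "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";

/* Bytes needed for the encoded text including the NUL, or 0 on overflow. */
size_t b64_encoded_size(size_t n)
{
    size_t groups = n / 3 + (n % 3 != 0);
    return groups > (SIZE_MAX - 1) / 4 ? 0 : groups * 4 + 1;
}

/* Encode n bytes. Returns the text length, or -1 if out is too small. */
long b64_encode(const unsigned char *in, size_t n, char *out, size_t outcap)
{
    size_t i = 0, o = 0, need = b64_encoded_size(n);
    unsigned long w;

    if (need == 0 || outcap < need)
        return -1;
    for (; n - i >= 3; i += 3) {        /* 3 input bytes -> 4 characters */
        w = ((unsigned long)in[i] << 16) | ((unsigned long)in[i + 1] << 8) | in[i + 2];
        out[o++] = B64[w >> 18];
        out[o++] = B64[(w >> 12) & 63];
        out[o++] = B64[(w >> 6) & 63];
        out[o++] = B64[w & 63];
    }
    if (n - i == 1) {                   /* 1 byte left: two '=' */
        w = (unsigned long)in[i] << 16;
        out[o++] = B64[w >> 18];
        out[o++] = B64[(w >> 12) & 63];
        out[o++] = '=';
        out[o++] = '=';
    } else if (n - i == 2) {            /* 2 bytes left: one '=' */
        w = ((unsigned long)in[i] << 16) | ((unsigned long)in[i + 1] << 8);
        out[o++] = B64[w >> 18];
        out[o++] = B64[(w >> 12) & 63];
        out[o++] = B64[(w >> 6) & 63];
        out[o++] = '=';
    }
    out[o] = '\0';
    return (long)o;
}

/* Code value of one Base64 character, or -1 if it is not in the table. */
static int b64_val(unsigned char c)
{
    if (c >= 'A' && c <= 'Z') return c - 'A';
    if (c >= 'a' && c <= 'z') return c - 'a' + 26;
    if (c >= '0' && c <= '9') return c - '0' + 52;
    if (c == '+') return 62;
    if (c == '/') return 63;
    return -1;
}

/*
 * Strict decode of n characters: the length must be a multiple of 4, '='
 * may only appear as the last one or two characters, and the bits that
 * padding leaves unused must be zero. Returns the decoded length or -1.
 */
long b64_decode(const char *in, size_t n, unsigned char *out, size_t outcap)
{
    size_t i, o = 0;

    if (n % 4 != 0)
        return -1;
    for (i = 0; i < n; i += 4) {
        int k, pad = 0, v[4];
        unsigned long w;

        for (k = 0; k < 4; k++) {
            unsigned char c = (unsigned char)in[i + k];
            if (c == '=' && i + 4 == n && k >= 2) {
                v[k] = 0;
                pad++;
            } else if (pad || (v[k] = b64_val(c)) < 0) {
                return -1;              /* bad character or data after '=' */
            }
        }
        if ((pad == 2 && (v[1] & 0x0F)) || (pad == 1 && (v[2] & 0x03)))
            return -1;                  /* non-zero unused bits */
        if (outcap - o < (size_t)(3 - pad))
            return -1;
        w = ((unsigned long)v[0] << 18) | ((unsigned long)v[1] << 12) |
            ((unsigned long)v[2] << 6) | (unsigned long)v[3];
        out[o++] = (unsigned char)(w >> 16);
        if (pad < 2) out[o++] = (unsigned char)((w >> 8) & 0xFF);
        if (pad < 1) out[o++] = (unsigned char)(w & 0xFF);
    }
    return (long)o;
}
```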

3.4 Symmetric encryption methods
Symmetric encryption: the same key is used for encryption and decryption.
There are two kinds: block ciphers and stream ciphers.
There are many cipher modes: ECB, CBC, CFB, OFB, CTR, CWC.
There are many algorithms:
    Cipher | Key size | Speed[4] | Implementation | Notes
    AES | 128 bits[5] | 14.1 cpb in asm, 22.6 cpb in C | Brian Gladman's[6] | The assembly version currently works only on Windows.
    AES | 128 bits | 41.3 cpb | OpenSSL |
    Triple DES | 192 bits[7] | 108.2 cpb | OpenSSL |
    SNOW 2.0 | 128 or 256 bits | 6.4 cpb | Fast reference implementation[8] | This implementation is written in C.
    RC4 | Up to 256 bits (usually 128 bits) | 10.7 cpb | OpenSSL |
    Serpent | 128, 192, or 256 bits | 35.6 cpb | Fast reference implementation | It gets a lot faster on 64-bit platforms and is at least as fast as AES in hardware.
    Blowfish | Up to 256 bits (usually 128 bits) | 23.2 cpb | OpenSSL |

3.5 Symmetric encryption with OpenSSL
The OpenSSL library: an open-source library that is powerful and easy to use.
OpenSSL supports:
    Many encryption algorithms: AES, DES, 3DES, Blowfish, CAST, Idea, RC2, RC5.
    Many cipher modes: ECB, CBC, CFB, OFB, CTR, ...
    Stream encryption: RC4.
    Hash algorithms: MD2, MD4, MD5, SHA-1, SHA-224, SHA-256, ...
    MAC: HMAC, MDC2.
    Public-key algorithms: DH, DSA, RSA, ECC.
Using the library:
    On Unix/Linux: download the source and compile it. The result is the files libcrypto.[so/a], libssl.[so/a] and the .h files to include in the program.
    On Windows: download the precompiled binaries: libeay32.dll, ssleay32.dll, the header files (.h) and the library files (.lib). Link: http://www.ie7pro.com/openssl.html

The OpenSSL EVP interface
    The high-level API of OpenSSL; it gives centralized, easy access to the low-level algorithms.
    Header file: <openssl/evp.h>.
    Library files: libeay32.lib, ssleay32.lib
AES encryption with OpenSSL EVP
    Initialize the key, initialization vector and salt with EVP_BytesToKey, or choose a Key and IV yourself.
    Initialize the encryption context with EVP_EncryptInit_ex.
    Initialize the decryption context with EVP_DecryptInit_ex.
    Encrypt data by calling EVP_EncryptUpdate repeatedly, and finish the encryption with EVP_EncryptFinal_ex.
    Decrypt data by calling EVP_DecryptUpdate repeatedly, and finish the decryption with EVP_DecryptFinal_ex.

Example
    Generate the key and IV with EVP_BytesToKey
        unsigned char key[32];
        unsigned char iv[32];
        const char *key_data = "nopass";
        unsigned int salt[] = {12345, 54321};   // 8 bytes of salt
        EVP_BytesToKey(EVP_aes_256_cbc(), EVP_sha1(), (unsigned char *)salt,
                       (unsigned char *)key_data, 6, 1, key, iv);
    Initialize the encryption context with the chosen key and IV
        EVP_CIPHER_CTX *e_ctx = EVP_CIPHER_CTX_new();
        EVP_EncryptInit_ex(e_ctx, EVP_aes_256_cbc(), NULL, key, iv);
    Initialize the decryption context with the chosen key and IV
        EVP_CIPHER_CTX *d_ctx = EVP_CIPHER_CTX_new();
        EVP_DecryptInit_ex(d_ctx, EVP_aes_256_cbc(), NULL, key, iv);
    Encrypt with the initialized context
        char *plaintext = "Hello";
        int len = strlen(plaintext);
        unsigned char ciphertext[1024];
        int c_len = 0, f_len = 0;
        /* Calling this function again lets OpenSSL reuse the context
           of the previous encryption session */
        EVP_EncryptInit_ex(e_ctx, NULL, NULL, NULL, NULL);
        // After each Update, c_len holds the number of ciphertext bytes produced
        EVP_EncryptUpdate(e_ctx, ciphertext, &c_len, (unsigned char *)plaintext, len);
        // After Final, f_len holds the number of remaining ciphertext bytes
        EVP_EncryptFinal_ex(e_ctx, ciphertext + c_len, &f_len);
    Decrypt with the initialized context
        unsigned char decrypted[1024];
        int p_len = 0, d_len = 0;
        /* Calling this function again lets OpenSSL reuse the context
           of the previous decryption session */
        EVP_DecryptInit_ex(d_ctx, NULL, NULL, NULL, NULL);
        // Decrypt the ciphertext and length produced above
        EVP_DecryptUpdate(d_ctx, decrypted, &p_len, ciphertext, c_len + f_len);
        // Finish decryption and write the remaining data into the output buffer
        EVP_DecryptFinal_ex(d_ctx, decrypted + p_len, &d_len);
        EVP_CIPHER_CTX_free(e_ctx);
        EVP_CIPHER_CTX_free(d_ctx);

3.6 Microsoft Crypto API
The CryptoAPI library
    Provides basic cryptographic functions through Cryptographic Service Providers (CSP):
        Microsoft Base Cryptographic Service Provider: RC2, RC4, DES
        Microsoft Enhanced Cryptographic Service Provider: Triple-DES
        Microsoft AES Cryptographic Service Provider: AES
    Provides functions for encoding and decoding digital certificates, together with hash functions.
    Provides functions for managing and storing digital certificates.
    High-level message encryption functions (Simplified Message Functions).
    Low-level message encryption functions (Low-Level Message Functions).


Using the CryptoAPI library to perform symmetric encryption of a message with the AES algorithm.
    Header file: wincrypt.h
    Library: Crypt32.lib
    Order of use:
        1. Initialize the Provider
        2. Create the key
               Randomly
               From a password
               From an external source
        3. Set the cipher mode
               CBC
               ECB
        4. Set the initialization vector
        5. Perform encryption/decryption

Initialize the Provider context with CryptAcquireContext
    BOOL WINAPI CryptAcquireContext(__out HCRYPTPROV* phProv,
                                    __in LPCTSTR pszContainer,
                                    __in LPCTSTR pszProvider,
                                    __in DWORD dwProvType,
                                    __in DWORD dwFlags);
    Example:
        HCRYPTPROV hProvider;
        if (!CryptAcquireContext(&hProvider, 0, MS_ENH_RSA_AES_PROV, PROV_RSA_AES, CRYPT_VERIFYCONTEXT))
            return 0;

Obtain a key through one of three functions. The result is an HCRYPTKEY object.
    CryptGenKey(): generates a random key.
    CryptDeriveKey(): generates a key from a password.
    CryptImportKey(): creates a key from an object in memory.
    Example 1. Generating a random key
        DWORD dwFlags;
        HCRYPTKEY hKey;
        DWORD dwSize = 256;
        // The upper 16 bits of dwFlags carry the key size in bits
        dwFlags = ((dwSize << 16) & 0xFFFF0000) | CRYPT_EXPORTABLE;
        if (!CryptGenKey(hProvider, CALG_AES_256, dwFlags, &hKey))
            return 0;

    Example 2. Generating a key from a password: the password must be hashed and passed to CryptDeriveKey
        char *password = "nopass";
        BOOL bResult;
        DWORD cbData;
        HCRYPTKEY hKey;      // Holds the key
        HCRYPTHASH hHash;    // Holds the hash of the password
        if (!CryptCreateHash(hProvider, CALG_SHA1, 0, 0, &hHash))   // Create the hash object
            return 0;
        cbData = (DWORD)strlen(password);   // password is a char string, so count bytes with strlen
        if (!CryptHashData(hHash, (BYTE *)password, cbData, 0))     // Hash the password
        {
            CryptDestroyHash(hHash);
            return 0;
        }
        // Create the key from the hash of the password
        bResult = CryptDeriveKey(hProvider, CALG_AES_256, hHash, CRYPT_EXPORTABLE, &hKey);
        CryptDestroyHash(hHash);

Set CBC cipher mode with CryptSetKeyParam
    DWORD dwMode = CRYPT_MODE_CBC;
    CryptSetKeyParam(hKey, KP_MODE, (BYTE *)&dwMode, 0);
Generate a random initialization vector (IV)
    BOOL bResult;     // Holds the result
    BYTE *pbTemp;     // Holds the initialization vector
    DWORD dwBlockLen, dwDataLen;
    dwDataLen = sizeof(dwBlockLen);
    // Get the block size of the cipher algorithm (in bits)
    if (!CryptGetKeyParam(hKey, KP_BLOCKLEN, (BYTE *)&dwBlockLen, &dwDataLen, 0))
        return 0;
    dwBlockLen /= 8;
    if (!(pbTemp = (BYTE *)LocalAlloc(LMEM_FIXED, dwBlockLen)))
        return FALSE;
    // Generate a random IV
    bResult = CryptGenRandom(hProvider, dwBlockLen, pbTemp);
    // Set the IV
    bResult = CryptSetKeyParam(hKey, KP_IV, pbTemp, 0);
    LocalFree(pbTemp);

Encrypting with CryptEncrypt
    For stream ciphers, output size = input size.
    For block ciphers, output size <= input size + block size.
    CryptEncrypt overwrites the buffer that holds the input data with the encrypted data.
    The following code performs encryption for both kinds of cipher.
        ALG_ID Algid;                        // Cipher algorithm
        char *pbData = "Hello CryptAPI";     // Source string to encrypt
        char *pbResult = 0;                  // Result string
        DWORD dwDataLen = 0, dwBlockLen = 0;
        DWORD cbData = (DWORD)strlen(pbData);   // Length of the source string
        BOOL ret;
        dwDataLen = sizeof(ALG_ID);
        // Get the cipher algorithm of the given key
        if (!CryptGetKeyParam(hKey, KP_ALGID, (BYTE *)&Algid, &dwDataLen, 0))
            return 0;
        if (GET_ALG_TYPE(Algid) != ALG_TYPE_STREAM)   // Block cipher
        {
            dwDataLen = sizeof(DWORD);
            // Get the block size in bits
            ret = CryptGetKeyParam(hKey, KP_BLOCKLEN, (BYTE *)&dwBlockLen, &dwDataLen, 0);
            dwBlockLen = dwBlockLen / 8;     // Convert the block size to bytes
            // Allocate memory for the result
            pbResult = (char *)malloc(cbData + dwBlockLen);
            memcpy(pbResult, pbData, cbData);
            // Encrypt; the result is dwDataLen bytes stored in pbResult
            dwDataLen = cbData;
            CryptEncrypt(hKey, 0, TRUE, 0, (BYTE *)pbResult, &dwDataLen, cbData + dwBlockLen);
        }
        else   // Stream cipher
        {
            // Allocate memory for the result
            pbResult = (char *)malloc(cbData);
            // Preserve the source data
            memcpy(pbResult, pbData, cbData);
            // Encrypt
            dwDataLen = cbData;
            CryptEncrypt(hKey, 0, TRUE, 0, (BYTE *)pbResult, &dwDataLen, cbData);
        }

Decrypting with CryptDecrypt
    Destination data size <= source data size.
    Simpler to carry out than CryptEncrypt.
    Example:
        char *pbData;       // Source data
        DWORD cbData;       // Source size
        char *pbResult;     // Destination data
        DWORD dwDataLen;    // Destination size
        // Allocate memory and copy the source data into the destination
        pbResult = (char *)malloc(cbData);
        memcpy(pbResult, pbData, cbData);
        dwDataLen = cbData;
        // Decrypt; the result is dwDataLen bytes stored in pbResult
        CryptDecrypt(hKey, 0, TRUE, 0, (BYTE *)pbResult, &dwDataLen);

Exchanging keys with OpenSSL
    CryptoAPI does not allow keys to be imported and exported in raw form as OpenSSL does.
    To exchange a key with another library, the key has to be encrypted with the AT_KEYEXCHANGE algorithm, and imported or exported as a BLOB structure.
    CryptImportKey and CryptExportKey are used to import and export keys.
    See also sections 5.26 and 5.27 of the Secure Programming Cookbook.

Chapter 4. Hashes and Message Authentication

Contents
4.1 Common hash functions and MACs
4.2 Hashing with OpenSSL
4.3 Hashing data with CryptoAPI
4.4 Message authentication with HMAC
4.5 Salt

4.1 Common hash functions and MACs
Hash functions (hashes)
    Take a string as input and output a bit string of fixed length.
    The collision rate is very small.
    Used to check the integrity of data, but they do not guarantee its authenticity.
    Usually combined with a public-key scheme rather than used alone.
    Common hash algorithms: MD5, SHA1

Hash functions (hashes)
    Algorithm | Digest size | Security confidence | Small message speed (64 bytes), in cycles per byte[2] | Large message speed (8K), in cycles per byte | Uses block cipher
    Davies-Meyer-AES128 | 128 bits (same length as cipher block size) | Good | 46.7 cpb | 57.8 cpb | Yes
    MD2 | 128 bits | Good to low | 392 cpb | 184 cpb | No
    MD4 | 128 bits | Insecure | 32 cpb | 5.8 cpb | No
    MD5 | 128 bits | Very low, may be insecure | 40.9 cpb | 7.7 cpb | No
    MDC-2-AES-128 | 256 bits | Very high | 93 cpb | 116 cpb | Yes
    MDC-2-DES | 128 bits | Good | 444 cpb | 444 cpb | Yes
    RIPEMD-160 | 160 bits | High | 62.2 cpb | 20.6 cpb | No
    SHA1 | 160 bits | High | 53 cpb | 15.9 cpb | No
    SHA-256 | 256 bits | Very high | 119 cpb | 116 cpb | No
    SHA-384 | 384 bits | Very high | 171 cpb | 166 cpb | No
    SHA-512 | 512 bits | Very high | 171 cpb | 166 cpb | No

Message authentication (Message Authentication Code)
    Takes a string and a secret key as input and outputs a code of fixed length.
    Used to check both the integrity and the authenticity of data.
    Common algorithms: OMAC, CMAC, HMAC

Message authentication (Message Authentication Code)
    MAC | Built upon | Small message speed (64 bytes)[4] | Large message speed (8K) | Appropriate for hardware | Patent restrictions | Parallelizable
    CMAC | A universal hash and AES | ~18 cpb | ~18 cpb | Yes | No | Yes
    HMAC-SHA1 | Message digest function | 90 cpb | 20 cpb | Yes | No | No
    MAC127 | hash127 + AES | ~6 cpb | ~6 cpb | Yes | No | Yes
    OMAC1 | AES | 29.5 cpb | 37 cpb | Yes | No | No
    OMAC2 | AES | 29.5 cpb | 37 cpb | Yes | No | No
    PMAC-AES | Block cipher | 72 cpb | 70 cpb | Yes | Yes | Yes
    RMAC | Block cipher | 89 cpb | 80 cpb | Yes | No | No
    UMAC32 | UHASH and AES | 19 cpb | cpb | No | No | Yes
    XMACC-SHA1 | Any cipher or MD function | 162 cpb | 29 cpb | Yes | Yes | Yes

4.2 Hashing data with OpenSSL
OpenSSL provides two kinds of interface to hash functions
    A separate interface for each specific hash algorithm:
        Each hash algorithm has its own header file.
        The function names differ between hash algorithms.
    The common EVP interface for every hash function:
        Common header file: <openssl/evp.h>
        The same order of use:
            Initialize the context: EVP_DigestInit
            Add data to the hash: EVP_DigestUpdate
            Get the result: EVP_DigestFinal.

Example: Hashing with SHA1
    #include <openssl/sha.h>
    #include <stdio.h>
    #include <string.h>
    int i;
    SHA_CTX ctx;
    unsigned char result[SHA_DIGEST_LENGTH];   /* SHA1 has a 20-byte digest. */
    unsigned char *s1 = (unsigned char*)"Testing";
    unsigned char *s2 = (unsigned char*)"...1...2...3...";
    SHA1_Init(&ctx);
    SHA1_Update(&ctx, s1, strlen((char*)s1));
    SHA1_Update(&ctx, s2, strlen((char*)s2));
    /* Yes, the context object is last. */
    SHA1_Final(result, &ctx);
    printf("SHA1(\"%s%s\") = ", s1, s2);
    for (i = 0; i < SHA_DIGEST_LENGTH; i++)
        printf("%02x", result[i]);
    printf("\n");

Example: Hashing with the EVP interface
    #include <openssl/evp.h>
    #include <stdio.h>
    #include <stdlib.h>
    #include <string.h>
    unsigned int i, ol;
    EVP_MD_CTX *ctx = EVP_MD_CTX_create();
    unsigned char *result;
    unsigned char *s1 = (unsigned char*)"Testing";
    unsigned char *s2 = (unsigned char*)"...1...2...3...";
    EVP_DigestInit(ctx, EVP_sha1());
    EVP_DigestUpdate(ctx, s1, strlen((char*)s1));
    EVP_DigestUpdate(ctx, s2, strlen((char*)s2));
    /* Allocate the digest size, not the block size of the algorithm */
    if (!(result = (unsigned char *)malloc(EVP_MD_CTX_size(ctx))))
        abort();
    EVP_DigestFinal(ctx, result, &ol);
    printf("SHA1(\"%s%s\") = ", s1, s2);
    for (i = 0; i < ol; i++)
        printf("%02x", result[i]);
    printf("\n");
    free(result);
    EVP_MD_CTX_destroy(ctx);

4.3 Hashing data with CryptoAPI
Order of hashing with CryptoAPI
    Header file: Wincrypt.h
    Initialize the Provider context: CryptAcquireContext
    Create the hash object: CryptCreateHash
    Hash successive pieces of data with: CryptHashData
    Get the result: CryptGetHashParam
    Release the hash object: CryptDestroyHash

Example: Hashing data with the SHA-256 algorithm
    BYTE *pbData;
    DWORD cbData = sizeof(DWORD), cbHashSize, i;
    HCRYPTHASH hSHA256;
    HCRYPTPROV hProvider;
    unsigned char *s1 = (unsigned char*)"Testing";
    unsigned char *s2 = (unsigned char*)"...1...2...3...";
    // Initialize the Provider context (no persistent key container is needed for hashing)
    CryptAcquireContext(&hProvider, 0, MS_ENH_RSA_AES_PROV, PROV_RSA_AES, CRYPT_VERIFYCONTEXT);
    // Create the hash object
    CryptCreateHash(hProvider, CALG_SHA_256, 0, 0, &hSHA256);
    // Hash the data
    CryptHashData(hSHA256, s1, strlen((char*)s1), 0);
    CryptHashData(hSHA256, s2, strlen((char*)s2), 0);
    // Get the size of the hash value
    CryptGetHashParam(hSHA256, HP_HASHSIZE, (BYTE *)&cbHashSize, &cbData, 0);
    pbData = (BYTE *)LocalAlloc(LMEM_FIXED, cbHashSize);
    // Get the hash value
    CryptGetHashParam(hSHA256, HP_HASHVAL, pbData, &cbHashSize, 0);
    // Release the hash object and the Provider context
    CryptDestroyHash(hSHA256);
    CryptReleaseContext(hProvider, 0);
    printf("SHA256(\"%s%s\") = ", s1, s2);
    for (i = 0; i < cbHashSize; i++)
        printf("%02x", pbData[i]);
    printf("\n");
    LocalFree(pbData);

4.4 Message authentication with HMAC

With OpenSSL
Header file: <openssl/hmac.h>
Call HMAC_Init to initialize the context and the key that will be used.
Call HMAC_Update repeatedly to feed in the data.
Call HMAC_Final to finish the hashing process.
Call HMAC_cleanup to erase the key from memory.
Alternatively, call the all-in-one function HMAC.
The receiver verifies the message by hashing it with the same key and algorithm and comparing the results.

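#include <openssl/evp.h>
#include <openssl/hmac.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

int main(void)
{
    unsigned int i, len;
    HMAC_CTX *ctx;
    unsigned char out[20];
    unsigned char *key = (unsigned char *)"secret";
    int keylen = strlen((char *)key);

    // HMAC_CTX is opaque since OpenSSL 1.1.0, so it is allocated on the heap
    if (!(ctx = HMAC_CTX_new()))
        abort();
    // Initialize HMAC with the key "secret"
    HMAC_Init(ctx, key, keylen, EVP_sha1());
    // Hash the string
    HMAC_Update(ctx, (unsigned char *)"hash me pls", 11);
    // Get the result
    HMAC_Final(ctx, out, &len);
    // Free the context and erase the key (takes the place of HMAC_cleanup)
    HMAC_CTX_free(ctx);

    for (i = 0; i < len; i++)
        printf("%02x", out[i]);
    printf("\n");
    return 0;
}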


With CryptoAPI
Create the hash object with CryptCreateHash, where the hKey parameter is a key created beforehand.
Set the hash algorithm information with CryptSetHashParam.
Hash the data with CryptHashData.
Get the size and the content of the hash value with CryptGetHashParam.
Release the hash object and the key.

#include <windows.h>
#include <wincrypt.h>
#include <stdio.h>

// Helper that is not shown on this slide and is not a CryptoAPI function;
// the prototype is inferred from the call below
HCRYPTKEY CreateKeyFromPassword(HCRYPTPROV hProvider, const char *password);

int main(void)
{
    BYTE out[20];
    DWORD cbData = sizeof(out), i;
    HCRYPTKEY hKey;
    HMAC_INFO HMACInfo;
    HCRYPTHASH hHash;
    HCRYPTPROV hProvider;

    // Get the provider context
    CryptAcquireContext(&hProvider, 0, MS_ENH_RSA_AES_PROV, PROV_RSA_AES,
                        CRYPT_VERIFYCONTEXT);
    // Derive the key from the password
    hKey = CreateKeyFromPassword(hProvider, "secret");
    // Create the hash object
    CryptCreateHash(hProvider, CALG_HMAC, hKey, 0, &hHash);

    // Set the hash algorithm
    HMACInfo.HashAlgid = CALG_SHA1;
    HMACInfo.pbInnerString = HMACInfo.pbOuterString = 0;
    HMACInfo.cbInnerString = HMACInfo.cbOuterString = 0;
    CryptSetHashParam(hHash, HP_HMAC_INFO, (BYTE *)&HMACInfo, 0);
    // Hash the data
    CryptHashData(hHash, (BYTE *)"Hash me plz", 11, 0);
    // Get the result
    CryptGetHashParam(hHash, HP_HASHVAL, out, &cbData, 0);

    for (i = 0; i < cbData; i++)
        printf("%02x", out[i]);
    printf("\n");
    CryptDestroyHash(hHash);
    CryptDestroyKey(hKey);
    CryptReleaseContext(hProvider, 0);
    return 0;
}

4.5 Using a salt

Salt
A string of data added to enlarge the key space and to resist replay attacks.
The two parties can agree on a shared salt that changes over time.
The salt is usually prepended to the original message, and the hash is then computed over both the salt and the message.

Exercises
1. Write a program that encrypts and decrypts a file with the 256-bit AES algorithm. The password is entered from the keyboard. Check the correctness of the result with the SHA-256 algorithm. Use the OpenSSL library. The data format of the file after encryption can be as follows: <Size><Encrypted file content><SHA-256 hash value>
2. Write a simple client-server chat program in which the channel is encrypted with the AES-256 algorithm. The key is derived from a password agreed on in advance and is not sent over the network. The initialization vector is a BCD code built from the current system date and time (API function GetSystemTime). Example: if it is now 07h on 10/10/2011, the hexadecimal value of the initialization vector is 2011101007000.00
3. Write a program that hashes the content of a file with the HMAC-AES256 algorithm, using the OpenSSL library. The hashing password is entered from the keyboard.
4. Write a program that checks the integrity of a file with the HMAC-AES256 algorithm. The verification password is entered from the keyboard.

Chapter 5. Public-key encryption

Public Key Cryptography

Contents
5.1 Encryption with OpenSSL RSA
5.2 Digitally signing data
5.3 Representing keys in DER/PEM format
5.4 SSL connections
5.5 Public key infrastructure

5.1 Encryption with OpenSSL RSA

Asymmetric encryption
Algorithms that use a pair of keys for encryption and decryption.
Data encrypted with the public key is decrypted with the private key, and vice versa.
Common algorithms: RSA, DSA, Diffie-Hellman.
They are not used directly to encrypt data because they are very slow.
They are typically used for:
Exchanging symmetric keys in a confidential session
Digital signatures
Identity verification

OpenSSL RSA
Typically used for key exchange.
All information about a key is stored in the RSA structure.
Header file: <openssl/rsa.h>
Generate the key pair with the function:

RSA *RSA_generate_key(int bits,                    // Key size: 1024, 2048
                      unsigned long exp,           // Exponent: 3, 17, 65537
                      void (*cb)(int, int, void *), // Callback
                      void *cb_arg);

Encrypting with the public key
Use the function RSA_public_encrypt:

int RSA_public_encrypt(int l,              // Length of the data
                       unsigned char *pt,  // String/number to encrypt
                       unsigned char *ct,  // Result
                       RSA *r,             // RSA structure
                       int p);             // Padding type

Return value: the length of the resulting ciphertext.

Decrypting with the private key
Use the function RSA_private_decrypt:

int RSA_private_decrypt(int l, unsigned char *ct, unsigned char *pt, RSA *r, int p);

Return value: the length of the decrypted string.

Exercise
Write a console client-server chat program that uses the RSA algorithm. Only the public key is shared over the connection.