How to setup a self-signed CA certificate and a server certificate signed by the CA

tl;dr

Password-protected-folder Living in a secure world!

$ cd pki/
# create CA certificate / private key
$ openssl req -x509 -newkey rsa:4096 -keyout ca.key.pem -out ca.cert.pem -days 1095 -nodes
# create server CSR / private key
$ openssl req -newkey rsa:4096 -keyout server.key.pem -out server.cert.csr -days 1095 -nodes
# sign and create server certificate
$ openssl x509 -req -days 1095 -in server.cert.csr -CA ca.cert.pem -CAkey ca.key.pem -CAcreateserial -out server.cert.pem

Why do I need to do that?

Generating a self-signed Certificate Authority (CA) and an associated server certificate may be useful in different scenarios:

  • Securing SSL communications with its own SSL server (Web server, IRC server, etc.)
  • Configuring a VPN with certificate authentication (eg: strongSwan)
  • Testing purpose when auditing a client application and realizing a man-in-the-middle attack between the application and a remote server

Some explanation on the commands above

CA certificate

First, we generate our CA certificate:

  • -x509 specifies to create the X.509 certificate (instead of a Certificate Signing Request, a.k.a. CSR)
  • -newkey rsa:4096 specifies to generate a 4096-bit RSA key
  • -keyout and -out are respectively used to specify the CA key and CA certificate file names
  • -days 1095 specifies a validity of 3 years (3*365=1095 days) for the certificate / key
  • -nodes specifies not to encrypt the private key

We use the “My CA” name for our “Common Name” (CN) here but it does not really matter. We will see later the CN that matters is the server one.
~$ cd pki/
~/pki$ openssl req -x509 -newkey rsa:4096 -keyout ca.key.pem -out ca.cert.pem -days 1095 -nodes
Generating a 4096 bit RSA private key
.............................................++
...............................................................................................................................................................................................++
writing new private key to 'ca.key.pem'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:FR
State or Province Name (full name) [Some-State]:France
Locality Name (eg, city) []:
Organization Name (eg, company) [Internet Widgits Pty Ltd]:
Organizational Unit Name (eg, section) []:
Common Name (e.g. server FQDN or YOUR name) []:My CA
Email Address []:

Server CSR

The next step is to generate our server Certificate Signing Request (CSR). We cannot directly create our server certificate using a one-line command because we need to create a request that will later be signed with the CA private key.

  • We omit -x509 here because we create a Certificate Signing Request, a.k.a CSR (and not directly a X.509 certificate)

Everything else has already been commented. Let’s just notice that the -out option is followed by a .csr filename because, again, we are creating a CSR and not (yet) a server certificate.

Here, we need to specify a “Common Name” that matches what the client uses when connecting to our server. For example, we use:

  • 192.168.100.18 if our server is in a LAN
  • 123.456.789.10 if our server is publicly available on the Internet and no DNS is configured
  • myserver.com if our server has a configured DNS (and the client is using it!)

Important note: The “common name” is really important if we need to secure the communications, which is basically what we are trying to do since we are using SSL/TLS.

~/pki$ openssl req -newkey rsa:4096 -keyout server.key.pem -out server.cert.csr -days 1095 -nodes
Generating a 4096 bit RSA private key
..................................................................................................................................................................................................................................................................................................++
............................................................................................++
writing new private key to 'server.key.pem'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:FR
State or Province Name (full name) [Some-State]:France
Locality Name (eg, city) []:
Organization Name (eg, company) [Internet Widgits Pty Ltd]:
Organizational Unit Name (eg, section) []:
Common Name (e.g. server FQDN or YOUR name) []:192.168.100.18
Email Address []:

Please enter the following ‘extra’ attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:

Signing the server certificate

Finally, we sign the server Certificate Signing Request with our CA and create the server certificate:

  • -x509 specifies to create the X.509 certificate
  • -in specifies the CSR filename used as input and -out specifies the output server certificate filename
  • -CA specifies CA certificate and -CAkey specifies CA private key
  • -CAcreateserial specifies to generate a serial for this certificate

This is what it looks like:

~/pki$ openssl x509 -req -days 1095 -in server.cert.csr -CA ca.cert.pem -CAkey ca.key.pem -CAcreateserial -out server.cert.pem
Signature ok
subject=/C=FR/ST=France/O=Internet Widgits Pty Ltd/CN=192.168.100.18
Getting CA Private Key

So what do we have now?

We remove the CA private key because we do not want another server certificate to be signed by it. It is indeed the case because we need to add the CA certificate to our trusted certificates key store (eg: certmgr.msc under Windows).

~/pki$ rm ca.srl ca.key.pem server.cert.csr
~/pki$ ls
ca.cert.pem server.cert.pem server.key.pem

  • ca.cert.pem is the self-signed CA certificate
  • server.cert.pem is the server certificate with correct Common Name (CN) field and signed the the CA
  • server.key.pem is the server private key

We append all these files, in one file, (in that order, from the “most private” to the “most public” key). It is ready to be used by our server.

~/pki$ cat server.key.pem server.cert.pem ca.cert.pem > mytrustedchain.pem

Advertisements
Posted in Beginners, Security, Web | Leave a comment

How to manage multiple passwords

Why do you need to have multiple passwords in your life?

Password-protected-folder To reduce risks!

  • Let’s assume a website does no store passwords in a secure manner. Let’s assume it is hacked in some way. Hackers can get your login and password, and then reuse these on an other website.
  • Let’s assume a website transfers passwords in clear text in the HTTP protocol. In such a scenario, if you are connected to an insecure Wireless network, people can sniff your password, and again reuse this on another website.

Some examples :

  • If you use the same password for Facebook and your Gmail account and your facebook account gets hacked, you do not want hackers to be able to access all your emails.
  • If you use the same 6-digit password for a random board on the Internet and your bank, you do not want hackers to be able to access your money if the Internet board gets pirated.

What goes wrong in storing passwords insecurely?

This section is for websites/servers that store our passwords in an insecure manner :

  • Storing passwords in clear text in the database is bad for users.
  • Storing encrypted passwords in the database with a unique key that is in your website code is bad for users

But both are good for hackers that get access to your websites.

The good way for websites is NOT to store users’ passwords. I know, programmers, you want to have their passwords, but it is BAD. At the end of the day, it will become BAD if hackers publish they have hacked your website and got lots of passwords. But how to do that? There are lots of ways to do it securely, and still asking for users passwords. If you want more technical details on the subject, go on the OWASP wiki.

How to remember multiple passwords?

keepass_256x256Do not!

Use a tool such as Keepass. You have it for Windows, Linux, etc. as well as Android or the iPhone. It is like a safe box where you define a UNIQUE strong password and it will keep encrypted all your other passwords. Moreover, it will generate random passwords for all your websites.

How to improve security with two-factor authentication?

To get a little further, you can use what we call “two-factor” authentication. What does it mean? When using a password to authenticate to a website, you use a single factor to authenticate. This factor is the fact that you remember this password. It is “something you know”. Would it be nice if we could add to this “something we have” in our possession such as something related to our phone?

It exists. Basically, what you can do is use Google Authenticator. For example, you can use that with Gmail or a SSH server. You setup that on your server side (e.g.: Gmail account or SSH server) and then install the Google Authenticator application on your phone such as Android or the iPhone.

When logging to your Gmail account, it will first ask for your password, and then for a 6-digit code that only your phone is able to generate.

Posted in Beginners | Tagged , , | Leave a comment

Quand une vérification JavaScript (inutile) me sauva la vie…

Le site “La dépêche” est un site d’information du “Grand Sud”. Histoire d’être au courant de ce qui se passe au pays du soleil, je décidais il y a peu de m’abonner à leur newsletter.

Inscription

Pour cela, leur page principale contient un champ à remplir avec son adresse e-mail. J’utilise régulièrement le signe “+” dans les e-mails que je donne sur Internet afin de créer des filtres ou afin de déterminer si mes adresses sont utilisées de manière automatique en dehors du périmètre que je souhaite, par exemple en étant “revendu” à des tiers. Pour une adresse du type “nickname@gmail.com”, j’utiliserais “nickname+ladepeche@gmail.com” pour “La dépêche“, “nickname+monde@gmail.com” pour “Le Monde“, etc. Toutes ces adresses sont valides et pointent vers l’adresse “nickname@gmail.com”. Si vous souhaitez plus de détails là-dessus, vous pouvez lire l’excellent article de Stéphane Bortzmeyer.

ladepeche_inscriptionladepeche_inscription_ok

Ma boîte e-mail se remplit alors de plusieurs e-mails par jour (que je ne lisais jamais). Je décidais donc de me désabonner, en cliquant sur le lien présent dans chaque newsletter.

Désinscription

J’arrivais donc sur une page où mon adresse e-mail était pré-remplie.

ladepeche_desinscription2

Lorsque je cliquais sur “Cliquez ici pour confirmer”, j’obtenais le message d’erreur suivant.

ladepeche_adresse_email_invalide

En regardant le code de plus près, on pouvait voir qu’il s’agissait (classiquement) d’un code JavaScript qui vérifiait “localement dans le navigateur” le format de l’email avant de l’envoyer au serveur.

//contrôle de validité de l’adresse email
if (!(/^[A-Za-z0-9_\-]+([.][A-Za-z0-9_\-]+)*[@][A-Za-z0-9_\-]+([.][A-Za-z0-9_\-]+)+$/.test($(‘EMAIL’).value)) && $Len(‘EMAIL’) > 0 ) {
msg += “L’adresse email saisie n’est pas valide, merci de corriger.\n”;
}

Il suffisait donc de désactiver le JavaScript dans son navigateur, et hop, nous pouvions nous désinscrire de la liste de diffusion.

ladepeche_desincription_ok

Notons tout de même que cela est d’autant plus gênant que personne ne semble se préoccuper des e-mails qui sont envoyés sur Webmaster, Henri Amar, Dépêche Abos ou Rédaction, pour ne citer que quelques adresses récupérées sur la page de Contacts.

Bien cordialement, au revoir.

Posted in Beginners, Français, My life, Web | Tagged , , , | Leave a comment

How to compile Android native code with regular makefile

Those of you that have been compiling native code using the Android NDK know that it is not that difficult. You need to install the Android NDK, then you have samples in the “sample directory“. You basically go through the project directory and issue a the “ndk-build” command and here you get your binary (executable or library).

$ export PATH=$PATH:~/android-ndk-r8b
$ cd ~/android-ndk-r8b/samples/hello-jni
$ ls jni
$ ndk-build
$ file libs/libhello-jni.so

Under the hood, “ndk-build” will use your “Android.mk” file to get all the configuration it needs (from other .mk files) and build the appropriate binary.

This post deals with compiling native C code for Android devices still using the toolchain from the Android NDK but with regular “Makefile”, not the “Android.mk”. It will allows us to have full control on all the gcc parameters.

TL;DR

What you basically need is to:

  1. Install the Android NDK to get the appropriate gcc and co binaries
  2. Download this sample
  3. Unzip it and change the path to your Android NDK in the “Makefile”
  4. Run “make”
  5. Deploy to your Android device and enjoy

Why for? What for?

When trying to compile a native binary to test on an Android device, I wanted to have full control over the GCC options in order to remove all the optimization it adds and test different scenarios. The “Android.mk” allows you to do so:

# disable “–noexecstack” and “-z noexecstack”
LOCAL_DISABLE_NO_EXECUTE=true

# disable “-z relro” and “-z now”
DISABLE_RELRO=true

But in some scenarios what you add into this file is just ignored because other options that are in other .mk files just overlap. So if you want to have full control over what you are doing, you basically need to get back to original “Makefile” that are hidden under the hood of the “Android.mk” magic.

How?

What I did is to use strace to get the command lines that were executed using the ndk-build process with the “Android.mk” files. So you just need to replace the “ndk-build” step above by:

$ strace -f -s 9999 -o android_mk.log ndk-build

What do you get?

The sample contains two projects:

  • hello-jni: Useful to build a dynamic library for Android using a regular makefile that will be used in a regular Android application (.apk). Adapted from android-ndk-r8b/samples/hello-jni sample.
  • hello-ndk: Useful to build a binary for Android using a regular makefile.
Posted in Android, Tools | 2 Comments

Hi!

This blog is what needs to be said but has not being said… I will try to do my best to do so 🙂

Enjoy and see ya!

Posted in General | Leave a comment