TLS Certificates

Discussion to talk about software related topics only.
SeeCwriter
Posts: 606
Joined: Mon May 12, 2008 10:55 am

TLS Certificates

Post by SeeCwriter »

Example program HttpsUploadCert suggests that multiple certificates can be uploaded to a module. Is that correct?

I ask because the example program builds a list of certificates by searching for files named "CACert*.crt". But the function that saves the certificate doesn't take a file name as one of the parameters.
I created a self-generated certificate and key, and it works. But when I display the contents of the file system, there are no certificate or key files. So I'm confused.

Using v2.9.5 on a MOD5441X.
User avatar
Jon
Posts: 79
Joined: Mon Feb 05, 2018 10:54 am

Re: TLS Certificates

Post by Jon »

Hi SeeCwriter,

Any files that are uploaded via the example are renamed to CACert<num>.crt. That way the application knows what to look for without having to to go through the extra step of storing a list of the filenames to search for. When you list the contents of the filesystem, do the files named CACert*.crt not show up?

The self-generated cert and key are not stored in the file system, but directly in flash memory, so those won't show up at all.

Kind Regards,
Jon
SeeCwriter
Posts: 606
Joined: Mon May 12, 2008 10:55 am

Re: TLS Certificates

Post by SeeCwriter »

That explains it. In the case of multiple certificates, how do functions HalGetDeviceCert(), HalGetDeviceCertLen(), HalGetDeviceFormat() work?
User avatar
pbreed
Posts: 1080
Joined: Thu Apr 24, 2008 3:58 pm

Re: TLS Certificates

Post by pbreed »

2 Kinds of certs, list of CA certs, ie what you are allowed to connect to...with device being a client.
These certs contain public keys(names, dates and permissions and other things also), but no private keys.

Server cert (and associated private key): what is presented when something external tries to connect to this device, with the device being a server. Usually only ONE server cert, though one can create a hierarchy so you can have an uploaded cert/key and a self generated cert/key to act as backup if no valid cert/key is uploaded.

The Hal cert functions are platform specific and in general retrieve a (some times self generated) server certificate AND key stored in flash.

These functions are defined in nburn\nbrtos\include\hal.h

General background:
Every public key has an associated private ie secret key.
Every certificate has as part of its structure a public key and a signature signed by a private key.
(Note that the cert is usually signed by a differnt key pair than the public key it contains)

The public/private keys and certificates:
Signing:
Private key+ Data -> signed thing
signed thing +Public Key -> Data

If this Data is a hash of something, it is effectively a signature, ie
I have a cert... hash the cert apply the private key generate a signed thing.
Add it to the cert publish the result...
It proves that whomever signed this thing had access to the private key....

The other operation:
Public Key + Data -> Encoded thing
Private Key + Encoded thing -> Data....

Thus when an TLS (or SSL) connection is established....
The server sends its certificate public key in the open/clear.

The Client looks to see if the Certicate is signed by someone it trusts... then
The Client generates a cryptographically random number.
Random + Public Key -> Encrypted random.
Encrypted Random is sent back to the server....
The Server then Decodes this...
Encrypted Random+Private Key -> Random.

Now both sides know the random the client generated.
They both derive a symetical key from this random and use that to encode the rest of the conversation.
Using a symmetrical cipher like DES AES etc...

From that point on the TLS co
SeeCwriter
Posts: 606
Joined: Mon May 12, 2008 10:55 am

Re: TLS Certificates

Post by SeeCwriter »

I'm still confused. Our device is a server. It never initiates a connection. Since the device supports both IPv4 & IPv6, it will have at least two IP addresses. I need a certificate and key for each IP address. Plus, it can generate a self-signed certificate.
When I use any of the Hal functions, which certificate is accessed?
For example, this is the main loop of a task to reprogram the module via a secure link. If the module has multiple certificates, which one do the Hal functions access?

Code: Select all

  static IPADDR address;
  static int listen_repro = listen( INADDR_ANY, (WORD) SSL_REPRO_PORT, 1 );

  while ( true )   //lint !e716
    {
    if ( HalGetDeviceCert() != NULL )
      {
      // This blocks until a connection request is received.
      int fd = SSL_accept( listen_repro, &address, NULL, 0, true, false,
                           HalGetDeviceCert(), HalGetDeviceCertLen(), HalGetDeviceFormat(), nullptr );
      if ( fd > 0 )
        {
        if ( ReadS19ApplicationCodeFromStream( fd ) == STREAM_UP_OK )
          {
          ForceReboot();
          }
        else
          {
          close( fd );
          }
        }
      }
    OSTimeDly( TICKS_PER_SECOND * 15 );
    }
User avatar
pbreed
Posts: 1080
Joined: Thu Apr 24, 2008 3:58 pm

Re: TLS Certificates

Post by pbreed »

The name needs to match. (IE whatever the name is in the browser used to connect.....)
The cert can have multiple names.(Subject Alternate Name(s))

So if there is a DNS entry for the device MyDevice.someplace.com
Or an Ipaddress

1.2.3.4

or an IPV6 address...

Then the cert needs to have a name that matches whichever of these you used to access it.

If your a server the CA Certs do nothing.

I believe the selfsigned cert uses the IPV4 address.
User avatar
pbreed
Posts: 1080
Joined: Thu Apr 24, 2008 3:58 pm

Re: TLS Certificates

Post by pbreed »

If your connecting via some sort of TLS client(Not a browser) , then you need to pass in a name to that client and that name needs to match the cert. (Many simple clients have an option to just ignore the name, in which case the cert name will be ignored)
User avatar
Jon
Posts: 79
Joined: Mon Feb 05, 2018 10:54 am

Re: TLS Certificates

Post by Jon »

Hi SeeCwriter,

I can see where the confusion is here, and our documentation can certainly use some help in this regard. A couple of things that will hopefully help with getting you on the right track:

- The certBuff and certBuffLen parameters for SSL_accept() are for peer verification only and have nothing to do with the certs that are used by the server as part of the handshake. If you set the verifyPeer parameter to false, these can be set to nullptr.
- When the server is initialized (which happens automatically during a handshake), the following takes place:
1) A non-self generated cert (which includes certs stored in flash on the file system, on an SD card, or compiled in) is checked for by calling GetCertificatePEM() and GetPrivateKeyPEM()
2) If these return nothing (meaning a cert doesn't exist), then the Hal functions are used to check for an autogenerated cert. The Hal functions will only look for the auto-generated certs stored at a specific spot in flash. If there is no cert, or it's expired, a new one will be generated.

If you use a compiled cert, then GetPrivateKeyPEM() and GetCertificatePEM() will just return the array comp_key and comp_cert (see nburn\libraries\crypto\NetBurner\CompiledCertKey.cpp) by default. However, you can override these functions to return whatever you need them to. The example HttpsDualCert is a good demonstration of this. In this example it will try to look at the files on the flash card to see if there is a valid cert/key pair. If not, it will default to the compiled in version.

In your use case, with multiple IP address, you'll want to make sure that the certificate specifies both IP addresses as alternate names. This will allow you to use the same certificate for both interfaces. The advanced self-signed certificate example (nburn\examples\SSL\SslOnboardCertGeneration\Adavanced) demonstrates how to do this for the self-signed certificates.

I believe this is enough to get you going, but please feel free to follow up with any additional questions.

Kind Regards,
Jon
SeeCwriter
Posts: 606
Joined: Mon May 12, 2008 10:55 am

Re: TLS Certificates

Post by SeeCwriter »

Jon - That was very helpful. Thank you.

Therefore, we don't need to create a self-signed certificate in advance, or have a special command to instruct the module to create a cert prior to attempting a secure connection, that it will be done automatically if no appropriate certificate is found when accepting an SSL connection.

A co-worker was using v2.9.3 of the tools and running some of the SSL example programs and ran into an issue with checking a certificate's expiration date in function SSL_IsCertExpired(). He was told how to modify the function to correct it. The issue is that, apparently, there are two different date formats that are used in certs and the function was only checking for one of the formats. I'm using v2.9.5 and it appears the same issue is still present.
User avatar
Jon
Posts: 79
Joined: Mon Feb 05, 2018 10:54 am

Re: TLS Certificates

Post by Jon »

Hi SeeCwriter,

You're very welcome, and that is correct.

For your question about the dates, did your co-worker get that fix through support? Do you have any info I can use to help look it up? You can message me directly on the forum jcox(at)netburner.com to avoid posting personal info.

Kind Regards,
Jon
Post Reply