Zilog EZ80F91AZA User Manual Page 53
- Page / 79
- Table of contents
- BOOKMARKS
Rated. / 5. Based on customer reviews
UM020107-1211 SSL Configuration
ZTP Network Security SSL Plug-In
User Manual
47
{NULLPTR, 0},
{NULLPTR, 0} }
};
5. Lastly, to initialize the SSL server, use the certificate chain created in Step 4. For
example, to use this certificate chain with the TLSv1 handshake protocol, use the fol-
lowing function call:
TLS1_ServerInit( &CertChain, &DheParams );
Certificate Creation Issues
Consider the following points when creating your own certificates and private keys to be
used with the SSL:
•
The SSLv2 protocol always uses the RSA algorithm to exchange the Master Key dur-
ing the establishment of a session. Therefore, X.509 certificates created for use with
the SSLv2 protocol must contain an RSA Public Key, and the corresponding private
key must be an RSA Private Key. Similarly, the constructed SSLv2 certificate chain
must contain only one X.509 certificate.
•
It is important to choose a key length that is appropriate for the importance of the data
being exchanged. The sample certificates in the
Certificate directory of the
SSLDemo folder use a 512-bit public key. The longer the key, the less likely an
attacker is to discover or hack the key. However, as key size increases, the SSL layer
takes more time to complete the key exchange algorithm during the establishment of a
session.
•
The SSL layer in ZTP requires the private key to be in clear text format. Be sure that
the utility used to generate the private key does not encrypt the output. To prevent
encrypting of the private key, the
–nodes option is used in the OpenSSL example,
discussed earlier in this chapter. If the Private Key is encrypted, then the SSL layer
will be unable to complete the key exchange, and it will not establish an SSL session.
•
The X.509 certificate and Private Key must be encoded in the same manner. The SSL
layer in ZTP cannot process these parameters if one is
DER_ENCODED_DATA and the
other is
BASE64_DER_ENCODED_DATA.
•
If the SSL server’s Private Key and X.509 certificate are in the PEM format
(
BASE64_DER_ENCODED_DATA), they must be stored in RAM because the algorithm
which converts PEM-formatted data into DER-formatted data (
DER_ENCODED_DATA)
performs the conversion in place (i.e., Base64 decoding overwrites the encoded data).
•
Because private keys are stored in memory and must be transferred to the CPU over
the system data bus, some form of physical security is required to prevent an attacker
from analyzing the system memory or snooping the data bus and obtaining the private
key.
- ZTP Network Security SSL 1
- UM020107-1211 2
- Revision History 3
- Table of Contents 5
- Introduction 7
- Architecture 8
- Handshake Protocol 9
- How to Use SSL 10
- SSL Version 2 12
- UM020107-1211 Introduction 13
- User Manual 13
- HMAC_MD5 and 13
- SSL Handshake Protocols 14
- Security Concepts 15
- Getting Started 19
- Getting Started 21
- → Rebuild All menu option 23
- Send an Encrypted Message 24
- SSL Configuration 25
- ZDS II Project Settings 26
- SSL Initialization 27
- Digest Algorithm Selection 30
- Cipher Algorithm Selection 32
- PKI Algorithm Selection 34
- Cipher Suite Configuration 37
- Cipher Suite Tables 40
- EDH Parameters 43
- Modulus Length 45
- Certificates 46
- Certificate Chains 47
- Generating Certificates 48
- SSL Configuration 52
- Certificate Creation Issues 53
- Certificate Verification 54
- Verifying All Certificates 56
- Signature Verification 56
- Limitations 57
- Session Cache 58
- Session Cache Operation 59
- Diagnostic Messages 59
- How to Use the HTTPS Server 60
- Figure 7. Security Alert 62
- Creating SSL Applications 63
- Client Applications 66
- SSL Version 2 Cipher Suites 69
- SSL Version 3 Cipher Suites 70
- TLS Version 1 Cipher Suites 71
- AES Extensions 73
- UM020107-1211 74
- Private Cipher Suites 75
- Customer Support 79
Related products and manuals for Sensors Zilog EZ80F91AZA
Sensors Zilog Z8F0130 User Manual
(214 pages)
(214 pages)
Sensors Zilog EZ80F916 User Manual
(0 pages)
(0 pages)
Sensors Zilog EZ80F916 User Manual
(0 pages)
(0 pages)
Sensors Zilog EZ80190 User Manual
(10 pages)
(10 pages)
Sensors Zilog EZ80F91AZA User Manual
(34 pages)
(34 pages)
Sensors Zilog EZ80190 User Manual
(87 pages)
(87 pages)
Sensors Zilog EZ80F91 User Manual
(78 pages)
(78 pages)
Sensors Zilog Z02215 User Manual
(2 pages)
(2 pages)
Sensors Zilog eZ80F92 User Manual
(87 pages)
(87 pages)
Sensors Zilog EZ80L92 User Manual
(86 pages)
(86 pages)
Sensors Zilog Z16C30 User Manual
(208 pages)
(208 pages)
Sensors Zilog Z16C35 User Manual
(322 pages)
(322 pages)
Sensors Zilog Z80380 User Manual
(268 pages)
(268 pages)
Sensors Zilog Z80380 User Manual
(116 pages)
(116 pages)
Sensors Zilog Z80195 User Manual
(47 pages)
(47 pages)
Sensors Zilog Z80180 User Manual
(326 pages)
(326 pages)
Sensors Zilog Z86193 User Manual
(260 pages)
(260 pages)
Sensors Zilog Z86C36 User Manual
(64 pages)
(64 pages)
Sensors Zilog Z86E07 User Manual
(43 pages)
(43 pages)
Sensors Zilog Z08470 User Manual
(326 pages)
(326 pages)
© 2020, manymanuals.com. All rights reserved. | 1.449 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comments to this Manuals