Upgrade to Pro — share decks privately, control downloads, hide ads and more …

My TLS was broken

My TLS was broken

Piyush Verma

January 19, 2019
Tweet

More Decks by Piyush Verma

Other Decks in Technology

Transcript

  1. My TLS is broken
    and probably yours too.

    View Slide

  2. My TLS was broken
    My TLS is broken
    My TLS was broken
    My TLS is broken
    My TLS was broken
    My TLS will be broken

    View Slide

  3. Part 1: The GreenLock

    View Slide

  4. HTTPS
    func main() {
    http.ListenAndServeTLS(":443",
    "server.crt", "server.key", nil)
    }

    View Slide

  5. Picture or it didn’t happen

    View Slide

  6. HTTPS Server

    View Slide

  7. Part 2: TCP TLS

    View Slide

  8. TCP TLS Server
    func main() {
    cer, err := tls.LoadX509KeyPair("server.crt", "server.key")
    config := &tls.Config{Certificates: []tls.Certificate{cer}}
    ln , err := tls.Listen("tcp", ":443", config)
    conn, err := ln.Accept()
    go handleConnection(conn)
    }

    View Slide

  9. TLS Client
    func main() {
    conf := &tls.Config{//InsecureSkipVerify: true}
    conn, err := tls.Dial("tcp", "ldap.ha.tsengine.io:847", conf)
    n, err := conn.Write([]byte("hello\n"))
    buf := make([]byte, 100)
    n, err = conn.Read(buf)
    log.Println(n, err)
    }

    View Slide

  10. Server Client TCP

    View Slide

  11. Part 3: Opportunistic TLS

    View Slide

  12. func main() {
    listener, _ := net.Listen("tcp", "127.0.0.1:8000")
    conn, err := listener.Accept()
    bytesRead, err := conn.Read(...)
    if string(buffer[0:bytesRead]) == STARTTLS {
    conn := tls.Server(unenc_conn, &config)
    var buffer = make([]byte, 1024)
    conn.Handshake()
    ...
    }
    }
    TLS Client

    View Slide

  13. Part 4

    View Slide

  14. TLS Client Auth Handshake

    View Slide

  15. TLS Exchange

    View Slide

  16. Certificates

    View Slide

  17. [email protected]:~$ openssl x509 -in <(openssl s_client -connect
    wikipedia.com:443 2>&1 < /dev/null | sed -n '/-----BEGIN/,/-----END/p') -text
    Certificate:
    Data:
    Version: 3 (0x2)
    Serial Number:
    08:30:94:62:d1:fe:a6:0a:e0:ba:bf:f5:ef:8b:c5:45
    Validity
    Not Before: Dec 21 00:00:00 2017 GMT
    Not After : Jan 24 12:00:00 2019 GMT
    X509v3 CRL Distribution Points:
    Full Name:
    URI:http://crl3.digicert.com/sha2-ha-server-g6.crl
    Full Name:
    URI:http://crl4.digicert.com/sha2-ha-server-g6.crl
    Authority Information Access:
    OCSP - URI:http://ocsp.digicert.com

    View Slide

  18. Sharing is not Caring,
    Your parents have been lying.

    View Slide

  19. Part 5: Client Authentication

    View Slide

  20. Client Authentication

    View Slide

  21. Why is Client Auth needed?

    View Slide

  22. But we use API Keys

    View Slide

  23. Client Certificate
    Certificate:
    Issuer: C = IN, ST = MH, L = Pune, OU = TS Sre Certificate
    Authority, CN = TS Sre CA
    Validity
    Not Before: Jan 18 06:53:00 2019 GMT
    Not After : Jan 17 06:53:00 2024 GMT
    Subject: C = IN, ST = MH, L = Pune, OU = TrustingSocial, CN =
    tls_demo_client
    Authority Information Access:
    OCSP - URI:http://ca.ha.tsengine.io:7889
    CA Issuers -
    URI:http://ca.ha.tsengine.io:1500/intermediate/intermediate.crt
    X509v3 CRL Distribution Points:
    Full Name:
    URI:http://ca.ha.tsengine.io:6688/api/v1/cfssl/crl

    View Slide

  24. certificate, err := tls.LoadX509KeyPair(cert, key)
    tlsConfig := &tls.Config{
    ServerName: "my-server",
    ClientAuth: tls.RequireAndVerifyClientCert,
    Certificates: []tls.Certificate{certificate},
    }
    ln, err := tls.Listen("tcp", ":443", config)
    conn, err := ln.Accept()
    go handleConnection(conn)
    Accepting Client Certs

    View Slide

  25. Deprecation of Internal &
    Reserved IP Addresses
    Circa 2012

    View Slide

  26. Part 6: PKI

    View Slide

  27. PKI Infrastructure

    View Slide

  28. certPool := x509.NewCertPool()
    b, err := ioutil.ReadFile(rootPath)
    certPool.AppendCertsFromPEM(bs)
    tlsConfig := &tls.Config{
    ServerName: "my-server",
    ClientAuth: tls.RequireAndVerifyClientCert,
    Certificates: []tls.Certificate{certificate},
    ClientCAs: certPool,
    }
    Accepting Client Certs

    View Slide

  29. certificate, err := tls.LoadX509KeyPair(cert, key)
    certPool := x509.NewCertPool()
    b, err := ioutil.ReadFile(rootPath)
    certPool.AppendCertsFromPEM(bs)
    tlsConfig := &tls.Config{
    Certificates: []tls.Certificate{certificate},
    RootCAs: certPool,
    }
    Accepting Server Certs

    View Slide

  30. Part 7: Take it Back

    View Slide

  31. How do you take-back a Cert?

    View Slide

  32. CRL

    View Slide

  33. [email protected]:~$ openssl x509 -in <(openssl s_client -connect
    wikipedia.com:443 2>&1 < /dev/null | sed -n '/-----BEGIN/,/-----END/p') -text
    Certificate:
    Data:
    Version: 3 (0x2)
    Serial Number:
    08:30:94:62:d1:fe:a6:0a:e0:ba:bf:f5:ef:8b:c5:45
    Validity
    Not Before: Dec 21 00:00:00 2017 GMT
    Not After : Jan 24 12:00:00 2019 GMT
    X509v3 CRL Distribution Points:
    Full Name:
    URI:http://crl3.digicert.com/sha2-ha-server-g6.crl
    Authority Information Access:
    OCSP - URI:http://ocsp.digicert.com

    View Slide

  34. CRL

    View Slide

  35. CRL

    View Slide

  36. Problems with CRL

    View Slide

  37. OCSP

    View Slide

  38. [email protected]:~$ openssl x509 -in <(openssl s_client -connect
    wikipedia.com:443 2>&1 < /dev/null | sed -n '/-----BEGIN/,/-----END/p') -text
    Certificate:
    Data:
    Version: 3 (0x2)
    Serial Number:
    08:30:94:62:d1:fe:a6:0a:e0:ba:bf:f5:ef:8b:c5:45
    Validity
    Not Before: Dec 21 00:00:00 2017 GMT
    Not After : Jan 24 12:00:00 2019 GMT
    X509v3 CRL Distribution Points:
    Full Name:
    URI:http://crl3.digicert.com/sha2-ha-server-g6.crl
    Authority Information Access:
    OCSP - URI:http://ocsp.digicert.com

    View Slide

  39. OCSP Flow

    View Slide

  40. - Server Down?
    - DDOS CA
    - Privacy Compromise
    OCSP Challenges

    View Slide

  41. Soft Fail

    View Slide

  42. Soft Fail: Firefox

    View Slide

  43. Soft Fail: Chrome

    View Slide

  44. Hard Fail?

    View Slide

  45. What’s the most
    fragile thing in
    the Universe?
    a) Silence
    b) Taylor Swift’s heart.
    c) Neymar’s Shin
    d) Internet Security

    View Slide

  46. Part 7

    View Slide

  47. Why do you revoke keys?

    View Slide

  48. https://github.com/indutny/heartbleed

    View Slide

  49. cert, err := x509.ParseCertificate(cert)
    // ok := callOCSPServer(cert)
    if !ok {
    // Certificate is revoked
    }
    tlsConfig := &tls.Config{
    ServerName: "my-server",
    ClientAuth: tls.RequireAndVerifyClientCert,
    Certificates: []tls.Certificate{certificate},
    ClientCAs: certPool,
    VerifyPeerCertificate: certValidator,
    }
    Accepting Client Certs

    View Slide

  50. Part 8

    View Slide

  51. CAtoolkit
    http:/
    /github.com/tsocial/ca
    toolkit

    View Slide

  52. Maybe, Security is just a
    feeling?

    View Slide

  53. xps:~$ whoami
    Piyush Verma
    Site Reliability Engineering
    Trusting Social
    Twitter: meson10

    View Slide