As this ebook edition doesn't have fixed pagination, the page numbers below are hyperlinked for reference only, based on the printed edition of this book.
Symbols
3DES ciphers
reviewing 21
A
Abstract Syntax Notation One (ASN.1) 6, 103, 139
Advanced Encryption Standard (AES) 5, 17, 61
decrypting with, on command line 37-41
encrypting with, on command line 37-41
Advanced Encryption Standard in Galois/Counter Mode (AES-GCM) 9
Advanced Encryption Standard in Galois/Counter Mode with a Synthetic Initialization Vector (AES-GCM-SIV) mode 32
reviewing 32
Advanced Encryption Standard New Instructions (AES-NIs) 21
AES programmatically
used, for decrypting openssl enc file 49, 50
used, for encrypting openssl enc file 44, 45
Application Programming Interface (API) 4, 37, 78, 174
bindings 7
compatibility 11
instability 11
Application-Specific Integrated Circuits (ASICs) 86
ARIA algorithm 23
ARIA cipher 24
ARM 4
ARMv8.2-SHA 62
ARMv8 Cryptographic Extension 21, 61, 62
asymmetric cryptography algorithms 4, 120
asymmetric encryption algorithms 4, 16, 96, 120
need for 96
private key 96
public key 96
authenticated encryption (AE) 30, 76, 164
Authenticated Encryption with Associated Data (AEAD) 30, 166
authentication tags 71
avalanche effect 56
B
base CRL 281
Basic Input/Output (BIO) 254
bit rotations 17
BLAKE2 64
BLAKE2 family
reviewing, of hash functions 64, 65
BLAKE3 65
blockchain 58
block cipher
padding for 33
block cipher operation modes 17, 25, 32
AES-GCM-SIV mode, reviewing 32
Cipher Block Chaining (CBC) mode, reviewing 27, 28
Counter (CTR) mode, reviewing 28, 29
Electronic Code Book (ECB) mode, reviewing 25, 26
Galois/Counter Mode (GCM) mode, reviewing 30-32
selecting 32
block counter 23
blocking sockets 253
Blowfish cipher 23
BoringSSL 10
OpenSSL, comparing with 10, 11
Botan 7
Browser Exploit Against SSL/TLS (BEAST) 22, 169
brute force 19
brute-force resistant 85
BSD systems 9
C
C 7
C++ 7
C++11 7
C++17 7
Camellia algorithm 23
Camellia cipher 24
Carter-Wegman + CTR (CWC) mode 32
CAST5 cipher 23
CAST-128 23
Central Processing Unit (CPU) 19
certificate
generating, for web and email client 294-296
generating, for web server 292-294
Certificate Authority (CA) 125, 141, 166, 172, 202, 244
certificate depth 195
certificate pinning 244
Certificate Revocation List (CRL) 140, 202, 203, 245, 281
Certificate Revocation List (CRL), using in C programs 203-205
CRL lookup callback, implementing 206, 207
CRL lookup callback, registering 205
function, implementing for downloading CRL from distribution point 208, 209
function, implementing for downloading CRL from HTTP URL 210, 211
certificate revocation status
certificate signing chain 140-144
Certificate Signing Request (CSR) 144, 145, 172, 245, 283
Certificate Status Request 213
Certificate Transparency (CT) 280
certificate verification chain 140
ChaCha20 8
ChaCha20 cipher 22
reviewing 22
ChaCha-Poly1305 9
ChaCha stream cipher 65
chain of trust 140
chosen-plaintext attack 28
cipher 16
Cipher Block Chaining (CBC) mode
cipher feedback (CFB) mode 32
ciphertext 16
client certificate
packaging, into PKCS #12 container files 226-228
collision 56
command line
leaf certificate, verifying 154
message digest, calculating 67
symmetric encryption key, deriving from password 87, 88
TLS client connection, establishing on 170-172
TLS server connection, accepting on 173, 174
Common Name (CN) 179
Compression Ratio Info-Leak Made Easy (CRIME) 169
Context (CTX) 47
Continuous Integration 43
Counter (CTR) mode
Counter with CBC-MAC (CCM) mode 32
C programs
custom verification, of peer certificates 194-196
CRL number 281
CRYPTO_BUFFER functionality 10
cryptocurrencies 58
cryptographically secure pseudorandom number generator (CSPRNG) 35
Cryptographic Doom Principle 76
cryptographic hash functions 56, 66
MDC-2 66
properties 56
RIPEMD-160 66
selecting 66
Whirlpool 66
cryptography 3
custom verification of peer certificates, in C programs 194-196
verification callback, implementing 198-200
verification callback, registering 197
D
Data Encryption Standard (DES) 21
ciphers, reviewing 21
Datagram Transport Layer Security (DTLS) 165
data integrity verification 56, 57
delta CRL 281
denial-of-service 59
deterministic 85
Diffie-Hellman (DH) key exchange method 29, 88, 98, 164
digest program
running 69
Digital Signature Algorithm (DSA) 63, 98
reviewing 122
selecting 125
Digital Signature Algorithm (DSA), supported by OpenSSL
reviewing 122
ECDSA, reviewing 123
overview 121
SM2, reviewing 125
digital signatures 4, 57, 72, 120
ec-sign program, implementing 130
ec-verify program, implementing 134
features 120
using programmatically 129, 130
verifying programmatically 133
versus MACs 121
Distinguished Encoding Rules (DER) 103, 139, 202, 300
Distinguished Name (DN) format 139
DNS poisoning 140
Domain Validated (DV) certificates 145
DTLS protocol 4
dynamic linking 6
E
ec-sign program
ec-verify program
running 135
Electronic Code Book (ECB) mode 25
ElGamal algorithm 99
Elliptic Curve Cryptography (ECC) 101
Elliptic Curve Diffie-Hellman (ECDH) 98
Elliptic Curve Digital Signature Algorithm (ECDSA) 98
elliptic curve keypair
Encrypt-and-MAC (E&M) scheme 75
encryption modes 25
encrypt-then-authenticate-then-translate (EAX) mode 32
Encrypt-then-MAC (EtM) scheme 75
ENGINE API 5
engines 5
Envelope API 46
disadvantages 46
Envelope (EVP) 46
Ephemeral Diffie-Hellman (DHE) 164
Ephemeral Elliptic Curve Diffie-Hellman (ECDHE) 164
Ethereum 63
EtM TLS protocol extension 76
EVP API 68
exhaustive search 19
existential forgery attack 72
existential forgery under a chosen-message attack 73
Extendable Output Functions (XOFs) 62
Extended Validation (EV) certificates 145, 146
extra data 197
F
Field-Programmable Gate Arrays (FPGAs) 86
file descriptor (fd) 174
filter BIOs 174
free and open source software (FOSS) projects 6
G
Galois/Counter Mode (GCM) mode
Git 58
GMP 6
GNU ecosystem 6
GnuPG 63
GNU Privacy Guard (GnuPG) 23
GNU Project 6
GnuTLS 6
GOST12 65
GOST89 65
GOST94 65
GOST2012 65
GOST2015 cipher 24
GOvernment STandard (GOST) 24
Graphical Processing Units (GPUs) 86
H
handshake secret 167
handshaking operation 99
Hard Core Library (HCL) 7
hash-and-sign paradigm 120
Hash-based Message Authentication Code (HMAC) 57, 73-75, 166, 225
calculating, on command line 77, 78
calculating, programmatically 78
Hash-based Message Authentication Code (HMAC) program
running 81
hash collision 56
HashEdDSA 124
HMAC-based key derivation function (HKDF) 167
HMAC function 73
HMAC-SHA-256 function 74
hybrid encryption scheme 99
Hybrid Public Key Encryption (HPKE) 99
Hypertext Transfer Protocol (HTTP) 165
I
IDEA cipher 23
Individual Validation (IV) certificates 146
initialization vector (IV) 167
Input Key Material (IKM) 84
Input/Output (I/O) 253
Integrated Encryption Scheme (IES) 99
intermediate CA certificates 141
significance, reasons 142
intermediate CA config file
reference link 290
International Data Encryption Algorithm (IDEA) 25
Internet Engineering Task Force (IETF) 169
Internet-of-Things (IoT) devices 8, 170
IPsec 77
irreversible 85
K
KangarooTwelve (K12) 62
kdf program
running 90
KECCAK Message Authentication Code (KMAC) 74
Kernel TLS (KTLS) 5
key agreement 164
Key Derivation Function (KDF) 84
overview, supported by OpenSSL 87
parameters 85
operation 99
keypair 96
key signing parties 97
key signing party 97
keystream 18
Kuznyechik 24
L
leaf certificate 141
verifying, on command line 154
verifying, programmatically 154, 155
x509-verify program, implementing 155-158
x509-verify program, running 158
length extension attack 74
LibreSSL 9
OpenSSL, comparing with 9
Libtasn1 6
lightweight TLS libraries 8
MatrixSSL 8
Mbed TLS 8
wolfSSL 8
Local Area Networks (LANs) 24
M
MAC function 72
MAC-then-Encrypt (MtE) scheme 75
Magma 24
Man in the Middle (MITM) attack 32, 96, 97, 140, 164, 244
key fingerprint, verifying over phone 97
key, signing by trusted third party 98
key splitting 98
meeting, in person 97
master secret 167
MatrixSSL 8
Mbed TLS 8
MD4 64
MD family
functions 64
reviewing, of hash functions 64
Mercurial 58
Merkle tree structure 65
message authentication 72
Message Authentication Code (MAC) 22, 57, 72, 164
versus digital signatures 121
message digest
blockchain 58
calculating, on command line 67
calculating, programmatically 68
content identifier 58
cryptocurrencies 58
data integrity verification 56, 57
digital signatures 57
Hash-based Message Authentication Codes (HMACs) 57
need for 56
network protocols 57
password verification 58
mini-CA
running 279
running, openssl ca subcommand used 280, 281
Modification Detection Code 2 (MDC-2) 66
N
national cipher 23
national cryptographic hash functions 65
National Institute of Standards and Technology (NIST) 20, 60
National Security Agency (NSA) 60
Nettle 6
network protocols 57
Network Security Services (NSS) 7
OpenSSL, comparing with 7
non-blocking sockets 253
non-repudiation 72
non-self-signed certificate
NSS library 7
number used once (nonce) 18
O
OAEP padding 105
OCSP responder 213
OCSP, using in C programs
OCSP callback, implementing 219-224
OCSP callback, registering 219
offset codebook (OCB) mode 32
Online Certificate Status Protocol (OCSP) 140, 213, 245, 289
using 213
using, on command line 214-217
certificate revocation status, providing via 301-304
OpenBSD 9
OpenSSL
available asymmetric encryption 98, 99
comparing, with BoringSSL 10, 11
comparing, with LibreSSL 9, 10
comparing, with lightweight TLS libraries 8, 9
comparing, with NSS 7
downloading 35
installing 35
key derivation functions, overview 87
used, for verifying TLS peer certificate 194
OpenSSL 3.0 5
openssl ca subcommand 280
used, for running mini-CA 280, 281
OpenSSL compatibility layers 4
openssl dgst subcommand 77
openssl enc file
decrypting, with AES programmatically 49, 50
decryption program, implementing 50, 51
decryption program, running 52
encrypting, with AES programmatically 44, 45
encryption program, implementing 45-48
encryption program, running 49
OpenSSL library
OpenSSL operation implementation providers 5
operating system kernel 5
Operating System (OS) 244
opportunistic TLS 165
oracle 30
Organization Validation (OV) certificates 146
output feedback (OFB) mode 32
Output Key Material (OKM) 84
P
Padding Oracle On Downgraded Legacy Encryption (POODLE) 169
partial hash inversion 58
passphrase 84
password 84
symmetric encryption key, deriving on command line 87, 88
symmetric encryption key, deriving programmatically 88, 89
versus symmetric encryption key 84
Password-Based Key Derivation Function (PBKDF) 84-86
properties 85
password hashing 64
Perfect Forward Secrecy (PFS) 164
PGP 66
PKCS #12 container 296
PKCS #12 container files
client certificates, packaging into 226-228
plaintext 16
Poly1305 8
POWER8 62
Power ISA 62
prehash function 124
preimage attacks 59
pre-master secret 167
Pretty Good Privacy (PGP) 23, 63, 97
Privacy Enhanced Mail (PEM) 103, 139, 300
propagating CBC (PCBC) mode 32
provider 5
pseudorandom cipher digit stream 18
Pseudorandom Function (PRF) 76, 167
Pseudo-Random Number Generator (PRNG) 18
public key 96
Public Key Cryptography Standard number 7 padding (PKCS #7 padding) 33
disadvantage 34
Public Key Infrastructure (PKI) 98, 244
Public or Private Key (PKEY) 102
PureEdDSA 124
Python 7
Q
R
Random Number Generator (RNG) 123
RC2 cipher 23
RC4 cipher
reviewing 22
RC5 cipher 23
RC cipher family 24
Rijndael algorithm 21
RIPEMD-160 66
Rivest-Shamir-Adleman (RSA) algorithm 98
reviewing 122
using, to decrypt programmatically 115
using, to encrypt and decrypt on command line 105-107
root CA certificate 141
root CA config file
reference link 285
rsa-decrypt program
implementing 116
running 117
rsa-encrypt program
RSA key exchange 164
RSA keypair
S
S-boxes 24
Scrypt algorithm 88
secret key 72
Secure Multipurpose Mail Extension (S/MIME) 63
Secure Sockets Layer (SSL) 4
security
assessing, of cryptographic hash functions 59, 60
security bits 20
SEED algorithm 23
SEED cipher 24
selective forgery attack 72
self-signed certificate
Server Name Indication (SNI) 167, 268
session key 99
SHA-0 61
SHA-0 hash functions
SHA-1 hash functions
SHA-2 family
hash functions 60
reviewing, of hash functions 60, 61
SHA-2 functions 60
SHA3-256 66
SHA-3 family
reviewing, of hash functions 61, 62
SHA3 family
functions 61
SHA-256 59
SHA-512 61
SHAKE128 62
SHAKE256 62
Shang Mi 2 (SM2)
reviewing 125
signatures
subcommands, for signing and verification of 127-129
SM3 65
SM4 algorithm 23
SM4 cipher 24
Sophie Germain Counter Mode (SGCM) mode 32
Source Code Management (SCM) 58
source or sink BIOs 174
spam 59
SSL 3.0 64
SSLeay library 4
SSL/TLS library 3
standard block padding 33
stream cipher 18
Streebog 65
Subject Alternative Names (SANs) 179
SVE/SVE2 62
symmetric cipher
national cipher 23
overview, by OpenSSL 17
RC cipher family 24
reviewing, by OpenSSL 23
symmetric cipher security 19
symmetric cryptographic algorithms 20
symmetric cryptography 4
symmetric encryption algorithm 4, 16, 17, 164
symmetric encryption key 84
deriving, from password on command line 87, 88
deriving, from password programmatically 88, 89
generating 34
versus password 84
Synthetic Initialization Vector (SIV) 32
T
TLS 1.0 64
TLS 1.1 64
TLS certificate pinning 244, 245
cert_verify_callback() function, implementing 249-251
cons 246
pros 245
run_tls_client() function, modifying 247-249
tls-cert-pinning program, running 251-253
using 246
TLS client certificates
requesting 228
response generation function, implementing 230-232
using 225
verifying, on server side programmatically 228
TLS client connection
code inherited from tls-client program, modifying 235, 236
establishing, on command line 170-172
establishing, programmatically 176, 177
establishing, with client certificate programmatically 234, 235
tls-client program, implementing 177-182
tls-client program, running 182
tls-client program
running 182
TLS on non-blocking sockets
run_tls_client() function, modifying 254-260
tls-client-non-blocking program, running 260, 261
using 254
TLS on non-standard sockets 262, 263
run_tls_client() function, reimplementing 266-273
service_bios() function, implementing 264-266
tls-client-memory-bio program, running 273, 274
TLS peer certificate
verifying, with OpenSSL 194
TLS server connection
accepting, on command line 173, 174
accepting, programmatically 183, 184
certificates, preparing 172, 173
tls-server program, implementing 184-190
tls-server program, running 190-192
tls-server program
TLS socket 5
TLS (Transport Layer Security) 4
TLS Working Group (TLS WG) 169
Transmission Control Protocol (TCP) 165
Transport Layer Security (TLS) 98, 243
Triple DES (3DES) 21
TrueCrypt 66
Trusted Third Parties 141
twisted Edwards curves 124
two-clause BSD license 8
U
universal forgery attack 72
User Datagram Protocol (UDP) 165
V
VeraCrypt 66
verify depth 195
W
Whirlpool 66
wolfSSL 8
X
x86/x86_64 62
X.509 certificates 3, 4, 57, 164
fields 139
generating, stages 144
X.509 Public Key Infrastructure (PKI) 147
X509v3 extensions 146, 147, 301
x509-verify program
running 158
XOR (eXclusive OR) 18
Z
zero round-trip time (0-RTT) 170