Test And Analysis Of OpenSSL Handshake Process

Network is changing people's life and more and more people have paid attention to how to protect the data transported on the network. SSL and its successor TLS are main part of Internet security protocols. OpenSSL is an excellent, powerful and open source implementation of SSL and TLS. Both of SSL/TLS and OpenSSL have been widely deployed and followed with interest. There have been many domestic and overseas papers and books to discuss them. But most of these papers and books concern the applications of SSL/TLS or OpenSSL rather than the deep analysis of the protocol details or the relative part of code in OpenSSL. The implementations of SSL/TLS known by now all come from foreign countries. As an open source software package, OpenSSL provides a valuable source which can be used to employ and implement SSL. But so far, we have not known the relationship between OpenSSL and SSL and whether OpenSSL is authentic. It is only treated as a black box.The handshake protocol is the most important and complex part of SSL protocol and it is worthy of being learnt. It makes sense to analyse a classical handshake process. It is a new try to employ a method called'capture and analyse'to analyse SSL protocol and relative code in OpenSSL, which means first we get real data from inside of the source code and then analyse the data combining the protocol and source code together. The purpose is to unpack the OpenSSL black box and to know it and SSL protocol better.The analysis of handshake process will concern two aspects, including the structure, meaning and function of each handshake message as well as the critical calculations. There are differences between SSL v3.0 and TLS v1.0. The study of OpenSSL source code can help us to clarify some actions and ambiguous arguments in the protocol specifications. OpenSSL shows a concrete SSL protocol.The analysis of classical handshake process will come into being a base for the study of any other form of handshake or any other aspects of SSL protocol and OpenSSL.