Assignment # A5-P1 (Computer Security and Privacy) Solution



This assignment requires you to implement an SSL client-server system. The system must work as follows:


Consider the following two entities: a certifying authority “A” and a server


Use OpenSSL to create a signing key pair (choose any digital signature supported by SSL) (pkA, skA) for A, and a public key encryption pair (pkS, skS) for server S.

Generate, using OpenSSL, a self-signed certificate (certA→A) for A binding the public key pkA to A’s identity.

Make A issue, using OpenSSL, a certificate to S (certA→S) binding pkS to S’s identity.
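One way to carry out the three key and certificate steps above with the openssl command line, as an added example that is not part of the original assignment text. The file names, the ECDSA P-256 and RSA-2048 choices, the extension sections and the default address 127.0.0.1 are assumptions.

```shell
#!/bin/sh
# Added example: build the two-entity PKI (CA "A", server "S") with the openssl CLI.
# File names and the default SAN address 127.0.0.1 are constructed placeholders.
make_pki() {  # usage: make_pki <output-dir> [server-ip]
    d=$1; ip=${2:-127.0.0.1}
    # Private config so the result does not depend on the system openssl.cnf.
    cat > "$d/pki.cnf" <<EOF
[req]
distinguished_name = dn
prompt = no
[dn]
CN = unused
[v3_A]
basicConstraints = critical,CA:TRUE
keyUsage = critical,keyCertSign,cRLSign
[v3_S]
basicConstraints = critical,CA:FALSE
keyUsage = critical,digitalSignature,keyEncipherment
extendedKeyUsage = serverAuth
subjectAltName = IP:$ip
EOF
    # (pkA, skA): ECDSA P-256 signing key pair for A.
    openssl genpkey -algorithm EC -pkeyopt ec_paramgen_curve:P-256 -out "$d/skA.pem" &&
    openssl pkey -in "$d/skA.pem" -pubout -out "$d/pkA.pem" &&
    # certA->A: self-signed and marked as a CA certificate.
    openssl req -x509 -new -config "$d/pki.cnf" -extensions v3_A -key "$d/skA.pem" \
        -sha256 -days 365 -subj "/CN=A" -out "$d/certAA.pem" &&
    # (pkS, skS): RSA-2048 pair for S, then a CSR carrying pkS.
    openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 -out "$d/skS.pem" &&
    openssl req -new -config "$d/pki.cnf" -key "$d/skS.pem" -subj "/CN=S" -out "$d/S.csr" &&
    # certA->S: A signs the CSR; extensions come from [v3_S], not from the CSR.
    openssl x509 -req -in "$d/S.csr" -CA "$d/certAA.pem" -CAkey "$d/skA.pem" \
        -CAcreateserial -extfile "$d/pki.cnf" -extensions v3_S \
        -sha256 -days 90 -out "$d/certAS.pem"
}

verify_chain() {  # usage: verify_chain <dir>; succeeds only if both checks pass
    d=$1
    # The trust anchor must carry exactly the pkA the client was given out of band.
    [ "$(openssl x509 -in "$d/certAA.pem" -noout -pubkey)" = "$(cat "$d/pkA.pem")" ] &&
    # certA->S must chain to certA->A and be usable as a TLS server certificate.
    openssl verify -purpose sslserver -CAfile "$d/certAA.pem" "$d/certAS.pem" >/dev/null
}

# Example run in a scratch directory.
work=$(mktemp -d) && make_pki "$work" && verify_chain "$work" && echo "chain OK in $work"
```

The server would load skS.pem together with certAS.pem and certAA.pem; the client needs only A's public material (pkA.pem or certAA.pem) as its trust anchor.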

Client-Server Communication:

The server will start (say, at a host with IP address a.b.c.d and port number 3001) in passive mode, listening for a transmission from the client.

The client will initiate an SSL connection (at a host with an IP address different from a.b.c.d) to contact the server (at a.b.c.d and port 3001).

As part of the SSL connection, the server S must send back both the certificates certA→A and certA→S .

The client must be equipped with the public key pkA of A to verify both these certificates.

Upon acceptance of the SSL connection, the client will pass two integers to the server.

On receiving the integers, the server should add both the integers and send the result back to the client.

The client will display the result and exit.