Tree: guardian ssl

From RFID Wiki

[edit] Guardian SSL

Some communications between Guardian and host, reader or fellow-Guardian must be encrypted. A patched version OpenSSL-0.9.7g is required.

OpenSSL uses a communication abstraction, BIO. A BIO for RFID 15693 is found in ~MRG/src/ssl/rfid-frame-bio/15693. On the other hand, the Guardian emulator modules use OpenSSL's socket BIO.

Encryption can be bypassed by directly accessing the BIO.

Depends on:

RFID protocol stacks

OpenSSL

OpenSSL needed to be slightly modified and configured to minimalism. For that, we provide a patch for OpenSSL-0.9.7g in ~MRG/openssl/ecos/openssl-0.9.7g

Spoofer

The Guardian SSL BIO uses read/write multiple block commands. However, neither the block size nor the number of blocks is fixed. To establish values for these, a Reader uses the GetSysInfo command to retrieve the values for 'the' spoofer tag. The SSL BIO blocksize is then determined.

Guardian Discovery

One of the steps in Guardian Discovery is authentication of the Reader through the standard SSL handshake.

Retrieved from "http://www.rfidguardian.org/index.php/Tree:_guardian_ssl"

Category: All