Upload
ugo
View
31
Download
0
Tags:
Embed Size (px)
DESCRIPTION
Applied Cryptography Week 10. Michael McCarthy SSL and Key Management. “SOAP is going to open up a whole new avenue for security vulnerabilities” Bruce Schneier, June 2000. Web Apps & Web Services using SSL. Server Authentication Client Authentication Configuring Tomcat for SSL - PowerPoint PPT Presentation
Citation preview
95-804 Applied Cryptography Week 10 SSL and Key Management
1
Applied CryptographyWeek 10
Michael McCarthy
SSL and Key Management
95-804 Applied Cryptography Week 10 SSL and Key Management
2
“SOAP is going to open up a whole new avenue for security vulnerabilities”
Bruce Schneier, June 2000
95-804 Applied Cryptography Week 10 SSL and Key Management
3
Web Apps & Web Services using SSL
• Server Authentication
• Client Authentication
• Configuring Tomcat for SSL
• Writing an SSL servlet for a browser
• Writing an SSL JAXM servlet for a SOAP client
95-804 Applied Cryptography Week 10 SSL and Key Management
4
SSL Overview
• Developed by Netscape Communications • Authenticates servers (and optionally clients)• Performs secret key exchange like Diffie-Hellman• Data is encrypted with the exchanged key• Clients do not need to provide a certificate but may be required to by the server • Client authentication is typically done in the application layer• Servers must provide a certificate• Normally uses RSA• Data integrity provided by Message Authentication Codes
95-804 Applied Cryptography Week 10 SSL and Key Management
5
SSL Detail
• Runs on top of TCP/IP
• Uses session key encryption
• Most commonly used to secure HTTP
(HTTPS)
• Is an extension of sockets
• Begins with a handshake
95-804 Applied Cryptography Week 10 SSL and Key Management
6
Abbreviated Handshake (1)
1) Client sends to server
-- SSL versions supported by the client
-- 32 bytes of random data
-- a made up session ID
-- a list of supported ciphers
-- a list of supported compression methods
95-804 Applied Cryptography Week 10 SSL and Key Management
7
Abbreviated Handshake (2)
• The server responds with
-- SSL version selected from client’s list
-- 32 bytes of server generated random data
-- The session ID
-- A cipher chosen from the client list
-- The selected compression method
-- A signed public key (certificate)
-- (Perhaps) a request for the client’s certificate
95-804 Applied Cryptography Week 10 SSL and Key Management
8
Abbreviated Handshake (3)
• The client -- checks the server’s certificate -- sends a client certificate (if required) -- sends (RSA encrypted) 48 bytes of random data for the construction of a session key -- if client authentication is required the client hashes all of this and signs the hash with its private key
95-804 Applied Cryptography Week 10 SSL and Key Management
9
Abbreviated Handshake (4)
• The server and client share a session key• All communication is now handled with symmetric key encryption• Programmers must make very few changes
to their code – just use InputStreams and OutputStreams extracted from SSLSockets rather that regular sockets
95-804 Applied Cryptography Week 10 SSL and Key Management
10
Writing a simple SSL Client• All SSL clients must have a truststore
• If a client is to be verified by the server then the client needs a keystore as well as a truststore
• The truststore
- holds trusted certificates (signed public keys of CA’s)- is in the same format as a keystore- is an instance of Java’s KeyStore class- is used by the client to verify the certificate sent by the server- may be shared with others
95-804 Applied Cryptography Week 10 SSL and Key Management
11
Creating a Truststore
(1) Use keytool –genkey to create an RSA key pair
(2) Use keytool –export to generate a self-signed RSA certificate (holding no private key)
(3) Use keytool –import to place the certificate into a truststore
95-804 Applied Cryptography Week 10 SSL and Key Management
12
(1) Use keytool –genkey to create an RSA key pair
D:\McCarthy\www\95-804\examples\keystoreexamples>keytool -genkey -alias mjm -keyalg RSA -keystore mjmkeystore
Enter keystore password: sesame
What is your first and last name? [Unknown]: Michael McCarthy
What is the name of your organizational unit? [Unknown]: Heinz School
What is the name of your organization? [Unknown]: CMU
95-804 Applied Cryptography Week 10 SSL and Key Management
13
What is the name of your City or Locality? [Unknown]: Pittsburgh
What is the name of your State or Province? [Unknown]: PA
What is the two-letter country code for this unit? [Unknown]: US
Is CN=Michael McCarthy, OU=Heinz School, O=CMU,L=Pittsburgh, ST=PA, C=US correct? [no]: yes
Enter key password for <mjm> (RETURN if same as keystore password): <RT>
95-804 Applied Cryptography Week 10 SSL and Key Management
14
D:\McCarthy\www\95-804\examples\keystoreexamples>dir /w Volume in drive D has no label. Volume Serial Number is 486D-D392
Directory of D:\McCarthy\www\95-804\examples\keystoreexamples
[.] [..] mjmkeystore
95-804 Applied Cryptography Week 10 SSL and Key Management
15
(2) Use keytool –export to generate a self-signed RSA certificate (holding no private key)
D:\McCarthy\www\95-804\examples\keystoreexamples>keytool -export -alias mjm -keystore mjmkeystore -file mjm.cerEnter keystore password: sesameCertificate stored in file <mjm.cer>
D:\McCarthy\www\95-804\examples\keystoreexamples>dir /w Volume in drive D has no label. Volume Serial Number is 486D-D392
Directory of D:\McCarthy\www\95-804\examples\keystoreexamples
[.] [..] mjm.cer mjmkeystore
95-804 Applied Cryptography Week 10 SSL and Key Management
16
(3) Use keytool –import to place the certificate into a truststore
D:\McCarthy\www\95-804\examples\keystoreexamples>keytool -import -alias mjm -keystore mjm.truststore -file mjm.cer
Enter keystore password: sesameOwner: CN=Michael McCarthy, OU=Heinz School, O=CMU, L=Pittsburgh, ST=PA, C=US
Issuer: CN=Michael McCarthy, OU=Heinz School, O=CMU, L=Pittsburgh, ST=PA, C=US
95-804 Applied Cryptography Week 10 SSL and Key Management
17
Serial number: 3e60f3ceValid from: Sat Mar 01 12:54:22 EST 2003 until: Fri May 30 13:54:22 EDT 2003Certificate fingerprints:
MD5: 80:F4:73:23:4C:B4:32:4C:5F:E0:8A:B1:4D:1E:A3:0D
SHA1: 19:06:31:54:72:ED:B8:D5:B3:CF:38:07:66:B5:78:1A:34:16:56:07Trust this certificate? [no]: yesCertificate was added to keystore
95-804 Applied Cryptography Week 10 SSL and Key Management
18
D:\McCarthy\www\95-804\examples\keystoreexamples>dir /w Volume in drive D has no label. Volume Serial Number is 486D-D392
Directory of D:\McCarthy\www\95-804\examples\keystoreexamples
[.] [..] mjm.cer mjm.truststore mjmkeystore 5 File(s) 2,615 bytes
mjmkeystore will be placed in the server’s directorySSL will send the associated certificate to the client
mjm.truststore will be placed in the client’s directory
95-804 Applied Cryptography Week 10 SSL and Key Management
19
File OrganizationD:\McCarthy\www\95-804\examples\keystoreexamples>tree /fDirectory PATH listingVolume serial number is 0012FC94 486D:D392D:.├───clientcode│ mjm.truststore | Client.java│└───servercode mjmkeystore Server.java
95-804 Applied Cryptography Week 10 SSL and Key Management
20
Client.javaimport java.io.*;import javax.net.ssl.*;import java.net.*;import javax.net.*;
public class Client { public static void main(String args[]) {
int port = 6502; try { // tell the system who we trust System.setProperty("javax.net.ssl.trustStore","mjm.truststore");
95-804 Applied Cryptography Week 10 SSL and Key Management
21
// get an SSLSocketFactorySocketFactory sf = SSLSocketFactory.getDefault();
// an SSLSocket "is a" SocketSocket s = sf.createSocket("localhost",6502); PrintWriter out = new PrintWriter(s.getOutputStream());BufferedReader in = new BufferedReader( new InputStreamReader( s.getInputStream()));out.write("Hello server\n");out.flush();String answer = in.readLine(); System.out.println(answer);
95-804 Applied Cryptography Week 10 SSL and Key Management
22
out.close(); in.close(); } catch(Exception e) { System.out.println("Exception thrown " + e); } }}
95-804 Applied Cryptography Week 10 SSL and Key Management
23
Server.java// Server side SSL import java.io.*;import java.net.*;import javax.net.*;import javax.net.ssl.*;import java.security.*;
public class Server {
// hold the name of the keystore containing public and private keys static String keyStore = "mjmkeystore";
// password of the keystore (same as the alias) static char keyStorePass[] = "sesame".toCharArray();
95-804 Applied Cryptography Week 10 SSL and Key Management
24
public static void main(String args[]) {
int port = 6502; SSLServerSocket server;
try { // get the keystore into memory KeyStore ks = KeyStore.getInstance("JKS"); ks.load(new FileInputStream(keyStore), keyStorePass);
// initialize the key manager factory with the keystore data KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509"); kmf.init(ks,keyStorePass);
95-804 Applied Cryptography Week 10 SSL and Key Management
25
// initialize the SSLContext engine// may throw NoSuchProvider or NoSuchAlgorithm exception// TLS - Transport Layer Security most generic
SSLContext sslContext = SSLContext.getInstance("TLS");
// Inititialize context with given KeyManagers, TrustManagers, // SecureRandom defaults taken if null
sslContext.init(kmf.getKeyManagers(), null, null);
// Get ServerSocketFactory from the context objectServerSocketFactory ssf = sslContext.getServerSocketFactory();
95-804 Applied Cryptography Week 10 SSL and Key Management
26
// Now like programming with normal server sockets ServerSocket serverSocket = ssf.createServerSocket(port);
System.out.println("Accepting secure connections"); Socket client = serverSocket.accept();System.out.println("Got connection"); BufferedWriter out = new BufferedWriter( new OutputStreamWriter( client.getOutputStream()));BufferedReader in = new BufferedReader( new InputStreamReader( client.getInputStream()));
95-804 Applied Cryptography Week 10 SSL and Key Management
27
String msg = in.readLine(); System.out.println("Got message " + msg); out.write("Hello client\n"); out.flush(); in.close(); out.close();
} catch(Exception e) { System.out.println("Exception thrown " + e); } }}
95-804 Applied Cryptography Week 10 SSL and Key Management
28
On the serverD:\McCarthy\www\95-804\examples\keystoreexamples\servercode>java ServerAccepting secure connectionsGot connectionGot message Hello server
95-804 Applied Cryptography Week 10 SSL and Key Management
29
On the client
D:\McCarthy\www\95-804\examples\keystoreexamples\clientcode>java ClientHello client
95-804 Applied Cryptography Week 10 SSL and Key Management
30
What we have so far…
The Client
Has a list of public keys it trusts in the file mjm.truststore
Has no public/private key pair of its own
The Server
Has no list of trusted public keys in a truststore
Has a public/private key pair of its own
95-804 Applied Cryptography Week 10 SSL and Key Management
31
Important resource
Client
Server
Company Issued PublicKey
Unknown Server’s Signedpublic Key
SSL Server Authentication
truststore
keystore
Should the client workwith this server? Yes, if and only if the server’s public key has been signed by the Company IssuedPublic Key.
95-804 Applied Cryptography Week 10 SSL and Key Management
32
For client authentication we need
(1) To generate a key pair for the client(2) Extract a client certificate from the key pair(3) Copy the certificate to the server(4) Import this certificate into the server's truststore(5) Have the server code trust the truststore(6) Have the client code know about its own keys
95-804 Applied Cryptography Week 10 SSL and Key Management
33
Important resource
Client
Server
Company Issued PublicKey
Unknown Server’s Signedpublic Key
Client/Server Authentication
Unknown Client’s Signedpublic key
Company Issued PublicKeyImportant Resource
truststore
truststorekeystore
keystore
95-804 Applied Cryptography Week 10 SSL and Key Management
34
(1) Generate a key pair for the client
D:\McCarthy\www\95-804\examples\keystoreexamples3\client>keytool -genkey -alias mjmclient -keyalg RSA -keystore mjmclientkeystore
Enter keystore password: sesameWhat is your first and last name? [Unknown]: Michael J. McCarthyWhat is the name of your organizational unit? [Unknown]: Heinz SchoolWhat is the name of your organization? [Unknown]: CMU
95-804 Applied Cryptography Week 10 SSL and Key Management
35
What is the name of your City or Locality? [Unknown]: PittsburghWhat is the name of your State or Province? [Unknown]: PAWhat is the two-letter country code for this unit? [Unknown]: USIs CN=Michael J. McCarthy, OU=Heinz School, O=CMU, L=Pittsburgh, ST=PA, C=US correct? [no]: yes
Enter key password for <mjmclient> (RETURN if same as keystore password):<RT>
Created mjmclientkeystore
95-804 Applied Cryptography Week 10 SSL and Key Management
36
(2) Extract a client certificate from the key pair
D:\McCarthy\www\95-804\examples\keystoreexamples3\client>keytool -export -alias mjmclient -keystore mjmclientkeystore -file mjmclient.cer
Enter keystore password: sesameCertificate stored in file <mjmclient.cer>
Created mjmclient.cer
95-804 Applied Cryptography Week 10 SSL and Key Management
37
(3) Copy the certificate to the server
D:\McCarthy\www\95-804\examples\keystoreexamples3\server>dir
03/05/03 12:25p 602 mjmclient.cer03/01/03 12:54p 1,363 mjmkeystore03/05/03 01:49p 2,670 Server.class03/05/03 01:48p 2,740 Server.java
95-804 Applied Cryptography Week 10 SSL and Key Management
38
(4) Import the certificate into the server's truststore
D:\McCarthy\www\95-804\examples\keystoreexamples3\server>
keytool -import -alias mjmclient -keystore mjmclient.trustore -file mjmclient.cer
Enter keystore password: sesameOwner: CN=Michael J. McCarthy, OU=Heinz School, O=CMU, L=Pittsburgh, ST=PA, C=US
Issuer: CN=Michael J. McCarthy, OU=Heinz School, O=CMU, L=Pittsburgh, ST=PA, C=US
95-804 Applied Cryptography Week 10 SSL and Key Management
39
Serial number: 3e663114Valid from: Wed Mar 05 12:17:08 EST 2003 until: Tue Jun 03 13:17:08 EDT 2003
Certificate fingerprints:MD5: 8F:87:63:CD:0B:BD:FA:E7:21:7C:0C:B0:C2:CC:2C:14SHA1: 4A:C8:ED:BB:1A:C4:B9:32:A5:37:03:2F:4C:A3:3C:34:A3:33:9B:C8Trust this certificate? [no]: yesCertificate was added to keystore
95-804 Applied Cryptography Week 10 SSL and Key Management
40
D:\McCarthy\www\95-804\examples\keystoreexamples3\server>dir Volume in drive D has no label. Volume Serial Number is 486D-D392
Directory of server
03/05/03 12:25p 602 mjmclient.cer03/05/03 12:35p 668 mjmclient.trustore03/01/03 12:54p 1,363 mjmkeystore03/01/03 10:40p 2,942 Server.class03/01/03 10:40p 3,798 Server.java 9 File(s) 18,184 bytes
95-804 Applied Cryptography Week 10 SSL and Key Management
41
(5) Have the server code trust the truststore
// Server side SSL import java.io.*;import java.net.*;import javax.net.*;import javax.net.ssl.*;import java.security.*;
public class Server {
// hold the name of the keystore containing public and private keys static String keyStore = "mjmkeystore";
// password of the keystore (same as the alias) static char keyStorePass[] = "sesame".toCharArray();
95-804 Applied Cryptography Week 10 SSL and Key Management
42
public static void main(String args[]) {
int port = 6502; SSLServerSocket server;
try { // get the keystore into memory KeyStore ks = KeyStore.getInstance("JKS"); ks.load(new FileInputStream(keyStore), keyStorePass);
// initialize the key manager factory with the keystore data
KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509"); kmf.init(ks,keyStorePass);
95-804 Applied Cryptography Week 10 SSL and Key Management
43
// tell the system who we trust, we trust the client's certificate// in mjmclient.truststore
System.setProperty("javax.net.ssl.trustStore", "mjmclient.truststore");
// initialize the SSLContext engine
// may throw NoSuchProvider or NoSuchAlgorithm exception// TLS - Transport Layer Security most generic
SSLContext sslContext = SSLContext.getInstance("TLS");// Inititialize context with given KeyManagers, TrustManagers, // SecureRandom// defaults taken if nullsslContext.init(kmf.getKeyManagers(), null, null);
95-804 Applied Cryptography Week 10 SSL and Key Management
44
// Get ServerSocketFactory from the context object ServerSocketFactory ssf = sslContext.getServerSocketFactory();
// Now almost like programming with normal server sockets ServerSocket serverSocket = ssf.createServerSocket(port); ((SSLServerSocket)serverSocket).setNeedClientAuth(true); System.out.println("Accepting secure connections"); Socket client = serverSocket.accept(); System.out.println("Got connection"); PrintWriter out = new PrintWriter(client.getOutputStream(),true); BufferedReader in = new BufferedReader( new InputStreamReader( client.getInputStream()));
95-804 Applied Cryptography Week 10 SSL and Key Management
45
String fromClient = in.readLine(); System.out.println(fromClient); out.println("Hello client\n"); out.flush(); in.close(); out.close(); System.out.println("Data sent");
} catch(Exception e) { System.out.println("Exception thrown " + e); } }}
95-804 Applied Cryptography Week 10 SSL and Key Management
46
(6) Have the client code know about its own keys
import java.net.*;import java.io.*;import javax.net.ssl.*;import javax.security.cert.X509Certificate;import java.security.KeyStore;
public class Client { public static void main(String args[]) {
int port = 6502; // tell the system who we trust System.setProperty("javax.net.ssl.trustStore","mjm.truststore");
95-804 Applied Cryptography Week 10 SSL and Key Management
47
try { SSLSocketFactory factory = null; try { SSLContext ctx;
KeyManagerFactory kmf;KeyStore ks;char[] passphrase = "sesame".toCharArray();ctx = SSLContext.getInstance("TLS");kmf = KeyManagerFactory.getInstance("SunX509");
ks = KeyStore.getInstance("JKS"); ks.load(new FileInputStream("mjmclientkeystore"), passphrase); kmf.init(ks, passphrase); ctx.init(kmf.getKeyManagers(), null, null); factory = ctx.getSocketFactory(); } catch (Exception e) { throw new IOException(e.getMessage()); }
95-804 Applied Cryptography Week 10 SSL and Key Management
48
SSLSocket s = (SSLSocket)factory.createSocket("localhost", port);s.startHandshake(); PrintWriter out = new PrintWriter(s.getOutputStream());BufferedReader in = new BufferedReader( new InputStreamReader( s.getInputStream()));out.write("Hello server\n");out.flush();String answer = in.readLine(); System.out.println(answer);out.close();in.close();}catch(Exception e) { System.out.println("Exception thrown " + e); } }}
95-804 Applied Cryptography Week 10 SSL and Key Management
49
Testing
D:…\server>java ServerAccepting secure connectionsGot connectionHello serverData sent D:\…\client>java Client
Hello client
95-804 Applied Cryptography Week 10 SSL and Key Management
50
Testing after deleting the server’s truststore
D:…\server>java ServerAccepting secure connectionsGot connection
Exception thrown javax.net.ssl.SSLHandshakeException: Couldn't find trusted certificate
D:\…\client>java ClientException thrown javax.net.ssl.SSLHandshakeException: Received fatal alert: certificate_unknown
95-804 Applied Cryptography Week 10 SSL and Key Management
51
Testing after deleting the client’s truststore
D:..\server\java ServerAccepting secure connectionsGot connectionException thrown javax.net.ssl.SSLHandshakeException: Received fatal alert: certificate_unknown
D:\…\client>java ClientException thrown javax.net.ssl.SSLHandshakeException: Couldn't find trusted certificate
95-804 Applied Cryptography Week 10 SSL and Key Management
52
Configuring Tomcat for SSL
The web server needs a certificate so that the clientcan identify the server.
The certificate may be signed by a Certificate Authorityor it may be self-signed.
The web server needs a private key as well.
95-804 Applied Cryptography Week 10 SSL and Key Management
53
D:\McCarthy\www\95-804\examples\SSLAndTomcat>keytool -genkey -keyalg RSA -alias tomcat -keystore .keystore
Enter keystore password: sesame
What is your first and last name? [Unknown]: localhostWhat is the name of your organizational unit? [Unknown]: Heinz SchoolWhat is the name of your organization? [Unknown]: CMUWhat is the name of your City or Locality? [Unknown]: Pgh.What is the name of your State or Province? [Unknown]: PA
Generate public andprivate keys forTomcat
The keystore file is called .keystore
95-804 Applied Cryptography Week 10 SSL and Key Management
54
What is the two-letter country code for this unit? [Unknown]: USIs CN=localhost, OU=Heinz School, O=CMU, L=Pgh., ST=PA, C=US correct? [no]: yes
Enter key password for <tomcat> (RETURN if same as keystore password):<RT>
D:\McCarthy\www\95-804\examples\SSLAndTomcat>
95-804 Applied Cryptography Week 10 SSL and Key Management
55
Use admin tool to tell Tomcat about SSL
(1) Startup Tomcat(2) Run the admin server with http://localhost:8080/admin(3) Log in with your user name and password(4) Select Service (Java Web Service Developer Pack)(5) Select Create New Connector from the drop down list in the right pane(6) In the type field enter HTTPS(7) In the port field enter 8443(8) Enter complete path to your .keystore file(9) Enter keystore password(10) Select SAVE and then Commit Changes
Tell Tomcatabout .keystore
95-804 Applied Cryptography Week 10 SSL and Key Management
56
Testing
Shutdown Tomcat.
Visit Tomcat from a browser.
Use https://localhost:8443/
You can also visit your other installed web apps through https.
95-804 Applied Cryptography Week 10 SSL and Key Management
57
95-804 Applied Cryptography Week 10 SSL and Key Management
58
95-804 Applied Cryptography Week 10 SSL and Key Management
59
95-804 Applied Cryptography Week 10 SSL and Key Management
60
Recall the Goals Of Secure Voting
• Only Authorized Voters Can Vote• No one can vote more than once• No one can determine for whom anyone else voted• No one can duplicate anyone else’s vote• No one can change anyone else’s vote without
being discovered• Every voter can make sure that his vote has been
taken into account in the final tabulation.
95-804 Applied Cryptography Week 10 SSL and Key Management
61
Recall The First Attempt
• Each voter encrypts his vote with the public key of a Central Tabulating Facility (CTF)
• Each voter send his vote in to the CTF
• The CTF decrypts the votes, tabulates them, and makes the results public
95-804 Applied Cryptography Week 10 SSL and Key Management
62
VoterServlet.java (Using a browser)// VoterServlet.java -- Handle the voting form sent by index.html
import java.io.*;import javax.servlet.*;import javax.servlet.http.*;
public class VoterServlet extends HttpServlet {
public void doPost(HttpServletRequest req, HttpServletResponse response) throws ServletException, IOException { doGet(req, response); }
95-804 Applied Cryptography Week 10 SSL and Key Management
63
public void doGet(HttpServletRequest req, HttpServletResponse response) throws ServletException, IOException { String scheme = req.getScheme(); if(scheme.equals("https")) {
String newPresident = req.getParameter("president"); System.out.println("Got Connection"); response.setContentType("text/html");
PrintWriter out = response.getWriter();
95-804 Applied Cryptography Week 10 SSL and Key Management
64
String docType = "<!DOCTYPE HTML PUBLIC \"//W3C//DTD HTML 4.0 "; docType += "Transitional//EN\">\n";
out.println(docType + "<HTML>\n" + "<HEAD><TITLE>Presidential Servlet" + "</TITLE></HEAD>\n" + "<BODY>\n" + "<H1>The new president is "+ newPresident + "</H1>\n" + "</BODY></HTML>"); } }
}
95-804 Applied Cryptography Week 10 SSL and Key Management
65
index.html<html> <head> <title>Democracy</title> </head> <body BGCOLOR="WHITE"> <form action="https://localhost:8443/VoteServlet/VoterServlet/"> <dl> <dt> Please Vote </dt> <dd><Input type = "Radio" name = "president" value= "Bush"> <b>George W. Bush</b> <dd><Input type = "Radio" name = "president“ value = "Gore"> Al Gore <dd><Input type = "Radio" name = "president“ value = "Buchanan"> Pat Buchanan
95-804 Applied Cryptography Week 10 SSL and Key Management
66
<dd><Input type = "Radio" name = "president" value = "Nader"> Ralph Nader <p> <input type = "submit"> </dl> </form> </body> </html>
95-804 Applied Cryptography Week 10 SSL and Key Management
67
95-804 Applied Cryptography Week 10 SSL and Key Management
68
95-804 Applied Cryptography Week 10 SSL and Key Management
69
File OrganizationD:\MCCARTHY\WWW\95-804\EXAMPLES\PRESIDENT│ build.properties build.properties contains app.path=/VoteServlet│ build.xml holds ant program│├───build build directory created by ant compile│ │ index.html the html file asking for a vote│ ││ └───WEB-INF│ │ │ │ web.xml deployment descriptor│ ││ ├───classes│ │ VoterServlet.class the compiled servlet│ ││ └───lib
95-804 Applied Cryptography Week 10 SSL and Key Management
70
├───src src directory holds servlet│ VoterServlet.java servlet│└───web │ index.html the html file asking for vote │ └───WEB-INF │ │ web.xml the deployment descriptor that maps │ a URL pattern to the servlet └───classes
95-804 Applied Cryptography Week 10 SSL and Key Management
71
Web.xml deployment descriptorD:\McCarthy\www\95-804\examples\president\web\WEB-INF>type web.xml<?xml version="1.0" encoding="ISO-8859-1"?><!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.2//EN" "http://java.sun.com/j2ee/dtds/web-app_2_2.dtd"> <web-app> <servlet> <servlet-name>VoteForPres</servlet-name> <servlet-class>VoterServlet</servlet-class> <load-on-startup/> </servlet>
95-804 Applied Cryptography Week 10 SSL and Key Management
72
<servlet-mapping> <servlet-name>VoteForPres</servlet-name> <url-pattern>/VoterServlet/*</url-pattern> </servlet-mapping></web-app>
95-804 Applied Cryptography Week 10 SSL and Key Management
73
Build.properties
D:\McCarthy\www\95-804\examples\president>type build.properties# Context path to install this application onapp.path=/VoteServlet
# Tomcat 4 installation directorycatalina.home=d:/jwsdp-1_0_01
# Established when installing the JWSDPmanager.username=XXXXXXRequired and case sensitivemanager.password=XXXXXXRequired and case sensitive
95-804 Applied Cryptography Week 10 SSL and Key Management
74
Voting (The CTF is a Web Service)
Use Java API for XML Messaging (JAXM)
Work with a new kind of servlet
The input is a SOAP message and the output is a SOAPMessage
Tomcat has a keystore (.keystore) that sends certificates self-signed by localhost
The client trusts certificates signed by localhost
95-804 Applied Cryptography Week 10 SSL and Key Management
75
NoteThere may be sever copies of the file java.security on yoursystem. Make sure they all contain the line:
security.provider.n=com.sun.net.ssl.internal.ssl.Provider
95-804 Applied Cryptography Week 10 SSL and Key Management
76
Output First
D:..\examples\SOAPAndSSL\server>shutdownD:..\examples\SOAPAndSSL\server>startupD:..\examples\SOAPAndSSL\server>ant installBuildfile: build.xmlprepare:compile:install: [install] OK - Installed application at context path /Vote [install]BUILD SUCCESSFULTotal time: 1 minute 33 secondsD:\McCarthy\www\95-804\examples\SOAPAndSSL\server>
Server Side
95-804 Applied Cryptography Week 10 SSL and Key Management
77
Output First – SOAP ClientClient Side
D:..\examples\SOAPAndSSL\client>java VotingClient NixonSending the following message<?xml version="1.0" encoding="UTF-8"?><soap-env:Envelope xmlns:soap-env= "http://schemas.xmlsoap.org/soap/envelope/"> <soap-env:Header/> <soap-env:Body>Nixon </soap-env:Body></soap-env:Envelope>
95-804 Applied Cryptography Week 10 SSL and Key Management
78
providers com.sun.net.ssl.internal.www.protocol
Got back the following response
<?xml version="1.0" encoding="UTF-8"?><soap-env:Envelope xmlns:soap-env= "http://schemas.xmlsoap.org/soap/envelope/"> <soap-env:Header/> <soap-env:Body>Vote for Nixon accepted </soap-env:Body></soap-env:Envelope>The result is Vote for Nixon accepted
D:..\examples\SOAPAndSSL\client>
95-804 Applied Cryptography Week 10 SSL and Key Management
79
A SOAP CLIENT Using SSL// VotingClient.java
// for wrapping a SOAP documentimport javax.xml.soap.*;
// for sending the SOAP documentimport javax.xml.messaging.*;
// Standard Java importsimport java.io.*;import java.net.URL;import java.util.Iterator;import java.math.*;import java.security.*;
95-804 Applied Cryptography Week 10 SSL and Key Management
80
// For writing the XML documentimport org.apache.xml.serialize.XMLSerializer; // not standardimport org.apache.xml.serialize.OutputFormat; // not standardimport org.xml.sax.InputSource;
public class VotingClient {
// Establish a connection and a message factory private SOAPConnectionFactory soapConnectionFactory; private MessageFactory messageFactory;
95-804 Applied Cryptography Week 10 SSL and Key Management
81
public VotingClient() throws SOAPException { // get connection factory soapConnectionFactory = SOAPConnectionFactory.newInstance(); // get a message factory messageFactory = MessageFactory.newInstance(); // set system property to point to our provider System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol"); } public String castVote(String candidate) throws IOException, SOAPException { // invoke web service SOAPMessage result = sendInVote(candidate); return handleResult(result); }
95-804 Applied Cryptography Week 10 SSL and Key Management
82
private SOAPMessage sendInVote(String candidate) {
SOAPMessage soapResponse = null; try {
// get a SOAPConnection from the factory SOAPConnection soapConnection = soapConnectionFactory.createConnection(); // get a SOAPMessage from the factory SOAPMessage soapRequest = messageFactory.createMessage();
// Establish the truststore of who this client trusts System.setProperty("javax.net.ssl.trustStore","tomcat.truststore");
// establish a url endpoint for the SSL request URLEndpoint urlEndpoint = new URLEndpoint( "https://localhost:8443/Vote/VotingServlet");
95-804 Applied Cryptography Week 10 SSL and Key Management
83
// place a vote in the SOAP body SOAPPart sp = soapRequest.getSOAPPart();
SOAPEnvelope se = sp.getEnvelope(); SOAPBody sb = se.getBody(); SOAPHeader sh = se.getHeader();
sb.addTextNode(candidate);
System.out.println("Sending the following message"); soapRequest.writeTo(System.out);
soapResponse = soapConnection.call(soapRequest, urlEndpoint);
System.out.println("Got back the following response"); soapResponse.writeTo(System.out); soapConnection.close();
95-804 Applied Cryptography Week 10 SSL and Key Management
84
} catch(SOAPException se) { System.out.println("I found the SOAP exception" + se); } catch(IOException ioe) {
System.out.println("IO Exception thrown"); } return soapResponse; }
95-804 Applied Cryptography Week 10 SSL and Key Management
85
private String handleResult(SOAPMessage fromVotingServlet) throws SOAPException {
Text value; try {
SOAPPart sr = fromVotingServlet.getSOAPPart(); SOAPEnvelope sre = sr.getEnvelope(); SOAPBody srb = sre.getBody(); SOAPHeader srh = sre.getHeader();
Iterator iter = srb.getChildElements(); value = (Text)iter.next();
}
95-804 Applied Cryptography Week 10 SSL and Key Management
86
catch(Exception er) { System.out.println("Exception in handleResult()" + er); return null; }
return (String)(value.getValue()); } public static void main(String a[]) throws Exception {
VotingClient vc = new VotingClient(); String result = vc.castVote(a[0]); System.out.println("The result is " + result); }
}
95-804 Applied Cryptography Week 10 SSL and Key Management
87
SOAP Servlet Using SSL
// JAXM servlet VotingServlet.java// Takes a vote from the SOAP body and returns a SOAP response // to the client
import java.io.IOException;import java.util.Iterator;
import javax.servlet.*;import javax.xml.messaging.*;import javax.xml.soap.*;import java.util.*;
95-804 Applied Cryptography Week 10 SSL and Key Management
88
public class VotingServlet extends JAXMServlet implements ReqRespListener {
// we need to create a return message private MessageFactory messageFactory;
// onMessage hit on each visit public SOAPMessage onMessage( SOAPMessage messageIn ) {
try { // read data from input message SOAPPart inSoapPart = messageIn.getSOAPPart(); SOAPEnvelope inSoapEnvelope = inSoapPart.getEnvelope();
SOAPBody inSoapBody = inSoapEnvelope.getBody();
95-804 Applied Cryptography Week 10 SSL and Key Management
89
Iterator it = inSoapBody.getChildElements();
Text content = (Text)it.next();
System.out.println("Collected vote for " +content.getValue());
// Build SOAP response
messageFactory = MessageFactory.newInstance();
SOAPMessage messageOut = messageFactory.createMessage();
SOAPPart soapPart = messageOut.getSOAPPart(); SOAPEnvelope soapEnvelope = soapPart.getEnvelope();SOAPBody soapBody = soapEnvelope.getBody();
95-804 Applied Cryptography Week 10 SSL and Key Management
90
soapBody.addTextNode( "Vote for " + content.getValue() + " accepted");
return messageOut;}catch(NullPointerException np) {
System.out.println("Null pointer all bets are off");return null;
} catch(SOAPException s) { System.out.println("Voting Servlet SOAP Exception"); return null;}catch(Exception e) { System.out.println("exception " + e); return null;}}}
95-804 Applied Cryptography Week 10 SSL and Key Management
91
Recall the Second Attempt
• Each voter signs his vote with his private key
• Each voter encrypts his signed vote with the CTF’s public key
• Each voter send his vote to the CTF• The CTF decrypts the votes, checks the
signature, tabulates the votes and makes the results public
95-804 Applied Cryptography Week 10 SSL and Key Management
92
Send Vote With SOAP over HTTPS (Client & Server Authentication)
What we have so far:
SOAP Client SOAP Server
-- has a truststore but no -- has a file called keys of its own .keystore holding keysWe need to:
-- give the client some keys -- set the server to trust those keys
95-804 Applied Cryptography Week 10 SSL and Key Management
93
Client Authentication
(1) Generate a key set for the client(2) Generate a certificate from the keys(3) Place the certificate in the server’s keystore(4) Tell Tomcat to authenticate clients(5) Tell the client to load its keys for SSL
95-804 Applied Cryptography Week 10 SSL and Key Management
94
(1) Generate a key set for the client
D:..\examples\SOAPAndSSL\client>keytool -genkey -alias mjm -keyalg RSA -storepass sesame -keystore client.keystore
What is your first and last name? [Unknown]: Michael McCarthyWhat is the name of your organizational unit? [Unknown]: Heinz SchoolWhat is the name of your organization? [Unknown]: CMUWhat is the name of your City or Locality? [Unknown]: Pittsburgh
95-804 Applied Cryptography Week 10 SSL and Key Management
95
What is the name of your State or Province? [Unknown]: PAWhat is the two-letter country code for this unit? [Unknown]: USIs CN=Michael McCarthy, OU=Heinz School, O=CMU, L=Pittsburgh, ST=PA, C=US correct? [no]: yes
Enter key password for <mjm> <RT> (RETURN if same as keystore password):
95-804 Applied Cryptography Week 10 SSL and Key Management
96
(2) Generate a certificate from the keys
D:..\examples\SOAPAndSSL\client>keytool -export -alias mjm -storepass sesame -file client.cer -keystore client.keystore
Certificate stored in file <client.cer>
D:..examples\SOAPAndSSL\client>
95-804 Applied Cryptography Week 10 SSL and Key Management
97
(3) Place the client’s certificate into the server’s keystore
a. Copy client.cer over to the serverb. Add client.cer to the server’s keystore
D:..\examples\SSLAndTomcat>keytool -import -v -trustcacerts -alias mjmservercert -file client.cer -keystore .keystore -storepass sesame
Owner: CN=Michael McCarthy, OU=Heinz School, O=CMU, L=Pittsburgh, ST=PA, C=USIssuer: CN=Michael McCarthy, OU=Heinz School, O=CMU, L=Pittsburgh, ST=PA, C=USSerial number: 3e7396d6
95-804 Applied Cryptography Week 10 SSL and Key Management
98
Valid from: Sat Mar 15 16:10:46 EST 2003 until: Fri Jun 13 17:10:46 EDT 2003
Certificate fingerprints: MD5: CB:49:42:25:DC:FF:B8:0C:02:0F:31:29:B4:E8:B1:00 SHA1: D8:8E:AA:B6:55:17:39:1B:CF:14:24:A9:0E:65:E4:29:52:30:4C:E4
Trust this certificate? [no]: yCertificate was added to keystore[Saving .keystore]
D..\examples\SSLAndTomcat>
95-804 Applied Cryptography Week 10 SSL and Key Management
99
(4) Tell Tomcat to authenticate clients
Client authentiaction
Server’skeystore
95-804 Applied Cryptography Week 10 SSL and Key Management
100
(5) Tell the client to load its keys for SSL
public VotingClient() throws SOAPException {
// get connection factory soapConnectionFactory = SOAPConnectionFactory.newInstance(); // get a message factory messageFactory = MessageFactory.newInstance();
//Almost the same client as before…
95-804 Applied Cryptography Week 10 SSL and Key Management
101
But with the following// use Sun's reference implementation of a URL handler for // the https protocolSystem.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");
// Establish the truststore of who this client trustsSystem.setProperty("javax.net.ssl.trustStore","tomcat.truststore");
// Establish the keystore of this clientSystem.setProperty("javax.net.ssl.keyStore","client.keystore");System.setProperty("javax.net.ssl.keyStorePassword","sesame"); // dynamically register SUN's SSL providerSecurity.addProvider(new com.sun.net.ssl.internal.ssl.Provider());}
95-804 Applied Cryptography Week 10 SSL and Key Management
102
Some Key Management issues
• Two problems with public key crypto: 1) Suppose Mallory can convince Alice that she is using Bob’s public key to check a signature when she is really using Mallory’s and 2) Suppose Eve convinces Alice to encrypt to Eve’s public key rather than Bob’s• Two types of PKI (X509 & Web of Trust PGP)• Writing a Certificate Authority• The XML Key Management Specification
95-804 Applied Cryptography Week 10 SSL and Key Management
103
Writing a Certificate Authority
• Code adapted from “Professional Java Security” by Garms and Somerfield
95-804 Applied Cryptography Week 10 SSL and Key Management
104
Overview
• Generate the CA’s self-signed public/private key pair
• Generate a user’s self-signed public/private key pair (no need for private key)
• Use the CA’s Private key to sign the certificate of the user
• Store it all back to the keystore
95-804 Applied Cryptography Week 10 SSL and Key Management
105
Generate the CA’s self-signed public/private key pair
(1) Place a new public/private key pair of the CA in the keystore. The alias is Trent and the password is TrentSesame for the keystore and the alias.
keytool -genkey -v -alias Trent -keyalg RSA -keystore keystore
Enter keystore password: TrentSesameWhat is your first and last name?[Unknown]: Trusted TrentWhat is the name of your organizational unit?[Unknown]: SignerDepartmentWhat is the name of your organization?[Unknown]: BigCAWhat is the name of your City or Locality?
95-804 Applied Cryptography Week 10 SSL and Key Management
106
[Unknown]: PittsburghWhat is the name of your State or Province?[Unknown]: PAWhat is the two-letter country code for this unit?[Unknown]: USIs CN=Trusted Trent, OU=SignerDepartment, O=BigCA, L=Pittsburgh,
ST=PA, C=US correct?
[no]: yes
Generating 1,024 bit RSA key pair and self-signed certificate (MD5WithRSA) for: CN=Trusted Trent, OU=SignerDepartment, O=BigCA, L=Pittsburgh, ST=PA, C=US
Enter key password for <Trent> (RETURN if same as keystore password):
[Saving keystore]
95-804 Applied Cryptography Week 10 SSL and Key Management
107
Generate a users self-signed public/private key pair
(2) Place a new public/private key pair for Mike in the keystore. The alias is myKey. The keystore password is TrentSesame and the password for Mike's key data is MikeSesame.
keytool -genkey -v -alias myKey -keyalg RSA -keystore keystore
Enter keystore password: TrentSesame
What is your first and last name?[Unknown]: Mike McCarthyWhat is the name of your organizational unit?[Unknown]: Heinz SchoolWhat is the name of your organization?[Unknown]: CMUWhat is the name of your City or Locality?
95-804 Applied Cryptography Week 10 SSL and Key Management
108
[Unknown]: PittsburghWhat is the name of your State or Province?[Unknown]: PAWhat is the two-letter country code for this unit?[Unknown]: USIs CN=Mike McCarthy, OU=Heinz School, O=CMU, L=Pittsburgh, ST=PA,
C=US correct?[no]: yes
Generating 1,024 bit RSA key pair and self-signed certificate (MD5WithRSA) for: CN=Mike McCarthy, OU=Heinz School, O=CMU, L=Pittsburgh,
ST=PA, C=US
Enter key password for <myKey> (RETURN if same as keystore password): MikeSesame[Saving keystore]
95-804 Applied Cryptography Week 10 SSL and Key Management
109
Examine the keystore(3) Examine the keystore
keytool -list -v -keystore keystore
Enter keystore password: TrentSesame
Keystore type: jksKeystore provider: SUN
Your keystore contains 2 entries
Alias name: trentCreation date: Apr 30, 2003Entry type: keyEntryCertificate chain length: 1Certificate[1]:Owner: CN=Trusted Trent, OU=SignerDepartment, O=BigCA, L=Pittsburgh, ST=PA,
C=US
95-804 Applied Cryptography Week 10 SSL and Key Management
110
Issuer: CN=Trusted Trent, OU=SignerDepartment, O=BigCA, L=Pittsburgh, ST=PA, C=US
Serial number: 3eaffa1a
Valid from: Wed Apr 30 12:30:18 EDT 2003 until: Tue Jul 29 12:30:18 EDT 2003
Certificate fingerprints: MD5: 3F:47:AB:23:32:3E:20:C7:BB:3C:48:DC:40:C1:BD:6C SHA1:
71:5D:FB:F6:F9:B9:20:52:AB:AA:4D:01:CA:3B:50:41:18:3C:ED:0F
**************************************************************************************
95-804 Applied Cryptography Week 10 SSL and Key Management
111
Alias name: mykeyCreation date: Apr 30, 2003Entry type: keyEntryCertificate chain length: 1Certificate[1]:Owner: CN=Mike McCarthy, OU=Heinz School, O=CMU, L=Pittsburgh,
ST=PA, C=USIssuer: CN=Mike McCarthy, OU=Heinz School, O=CMU, L=Pittsburgh,
ST=PA, C=USSerial number: 3eaffafdValid from: Wed Apr 30 12:34:05 EDT 2003 until: Tue Jul 29 12:34:05 EDT
2003Certificate fingerprints: MD5: C3:8A:74:21:DC:EF:98:8D:48:CB:E2:22:FA:57:4B:CF SHA1:
FF:F0:4E:BF:B7:1B:9F:67:40:1A:98:88:FA:2B:CF:AA:A8:1F:F2:DB
**************************************************************************************
95-804 Applied Cryptography Week 10 SSL and Key Management
112
Use the CA’s Private key to sign the certificate of the user
Store it all back to the keystore
(4) Run the Java code SignCertificate
java SignCertificate keystore Trent myKey myKey_Signed
Usage; java SignCertificate keystore CAAlias certToSignAlias newAlias
Keystore password: TrentSesame
CA (Trent) password:TrentSesame
Cert (myKey) password: MikeSesame
95-804 Applied Cryptography Week 10 SSL and Key Management
113
SignCertificate.java
• Uses MD5 With RSA
• The signature will be valid for one year
• Use a timestamp for the serial number
• The certificate issuer will be Trent
• Use the X509CertImpl’s sign method to
do the signing
95-804 Applied Cryptography Week 10 SSL and Key Management
114
SignCertificate.java
import java.io.*;import java.security.*;import java.security.cert.*;import java.util.*;import sun.security.x509.X509CertImpl;import sun.security.x509.X509CertInfo;import sun.security.x509.X500Name;import sun.security.x509.AlgorithmId;import sun.security.x509.CertificateIssuerName;import sun.security.x509.CertificateSubjectName;import sun.security.x509.CertificateValidity;import sun.security.x509.CertificateSerialNumber;import sun.security.x509.CertificateAlgorithmId;
95-804 Applied Cryptography Week 10 SSL and Key Management
115
public class SignCertificate {
private static final String SIG_ALG_NAME = "MD5WithRSA"; private static final int VALIDITY = 365;
public static void main(String args[]) throws Exception {
System.out.println("Usage; java SignCertificate keystore CAAlias certToSignAlias newAlias"); String keystoreFile = args[0]; String caAlias = args[1]; String certToSignAlias = args[2]; String newAlias = args[3];
95-804 Applied Cryptography Week 10 SSL and Key Management
116
BufferedReader in = new BufferedReader(new InputStreamReader(System.in)); System.out.print("Keystore password: "); char[] password = in.readLine().toCharArray();
System.out.println("CA (" + caAlias + ") password: "); char[] caPassword = in.readLine().toCharArray();
System.out.print("Cert (" + certToSignAlias + ") password: ");
char[] certPassword = in.readLine().toCharArray();
95-804 Applied Cryptography Week 10 SSL and Key Management
117
FileInputStream input = new FileInputStream(keystoreFile); KeyStore keyStore = KeyStore.getInstance("JKS"); keyStore.load(input,password); input.close(); PrivateKey caPrivateKey = (PrivateKey) keyStore.getKey(caAlias, caPassword);
java.security.cert.Certificate caCert = keyStore.getCertificate(caAlias);
byte[] encoded = caCert.getEncoded(); X509CertImpl caCertImpl = new X509CertImpl(encoded);
95-804 Applied Cryptography Week 10 SSL and Key Management
118
X509CertInfo caCertInfo = (X509CertInfo) caCertImpl.get(X509CertImpl.NAME + "." + X509CertImpl.INFO);
X500Name issuer = (X500Name)caCertInfo.get(X509CertInfo.SUBJECT
+ "." + CertificateIssuerName.DN_NAME); java.security.cert.Certificate cert =
keyStore.getCertificate(certToSignAlias);
PrivateKey privateKey = (PrivateKey) keyStore.getKey(certToSignAlias,certPassword);
encoded = cert.getEncoded();
95-804 Applied Cryptography Week 10 SSL and Key Management
119
X509CertImpl certImpl = new X509CertImpl(encoded);
X509CertInfo certInfo = (X509CertInfo) certImpl.get(X509CertImpl.NAME + "." + X509CertImpl.INFO);
Date firstDate = new Date(); Date lastDate = new Date(firstDate.getTime() + VALIDITY * 24 * 60 * 60 * 1000L);
CertificateValidity interval = new CertificateValidity(firstDate, lastDate);
certInfo.set(X509CertInfo.VALIDITY, interval);
certInfo.set(X509CertInfo.SERIAL_NUMBER, new CertificateSerialNumber((int)(firstDate.getTime()/1000)));
95-804 Applied Cryptography Week 10 SSL and Key Management
120
certInfo.set(X509CertInfo.ISSUER + "." + CertificateSubjectName.DN_NAME, issuer);
AlgorithmId algorithm = new AlgorithmId(AlgorithmId.md5WithRSAEncryption_oid);
certInfo.set(CertificateAlgorithmId.NAME + "." + CertificateAlgorithmId.ALGORITHM, algorithm); X509CertImpl newCert = new X509CertImpl(certInfo);
newCert.sign(caPrivateKey, SIG_ALG_NAME);
keyStore.setKeyEntry(newAlias, privateKey, certPassword, new java.security.cert.Certificate[] { newCert } );
95-804 Applied Cryptography Week 10 SSL and Key Management
121
FileOutputStream output = new FileOutputStream(keystoreFile); keyStore.store(output, password); output.close(); }}
95-804 Applied Cryptography Week 10 SSL and Key Management
122
Examine the new keystore
keytool -list -v -keystore keystore
Enter keystore password: TrentSesame
Keystore type: jks
Keystore provider: SUN
Your keystore contains 3 entries
95-804 Applied Cryptography Week 10 SSL and Key Management
123
Alias name: mykey_signedCreation date: Apr 30, 2003Entry type: keyEntryCertificate chain length: 1Certificate[1]:Owner: CN=Mike McCarthy, OU=Heinz School, O=CMU, L=Pittsburgh,
ST=PA, C=USIssuer: CN=Trusted Trent, OU=SignerDepartment, O=BigCA, L=Pittsburgh,
ST=PA, C=US
Serial number: 3eaffe36Valid from: Wed Apr 30 12:47:50 EDT 2003 until: Thu Apr 29 12:47:50 EDT
2004Certificate fingerprints: MD5: 14:76:75:B0:40:25:47:0E:7E:51:06:7E:B8:1E:5E:C3 SHA1: E3:4E:BA:F1:E3:0B:3A:59:69:E1:90:F6:1A:F5:8E:85:AF:92:C1:21
95-804 Applied Cryptography Week 10 SSL and Key Management
124
**************************************************************************************Alias name: mykeyCreation date: Apr 30, 2003Entry type: keyEntryCertificate chain length: 1Certificate[1]:Owner: CN=Mike McCarthy, OU=Heinz School, O=CMU, L=Pittsburgh, ST=PA,
C=USIssuer: CN=Mike McCarthy, OU=Heinz School, O=CMU, L=Pittsburgh, ST=PA,
C=USSerial number: 3eaffafdValid from: Wed Apr 30 12:34:05 EDT 2003 until: Tue Jul 29 12:34:05 EDT 2003Certificate fingerprints: MD5: C3:8A:74:21:DC:EF:98:8D:48:CB:E2:22:FA:57:4B:CF SHA1: FF:F0:4E:BF:B7:1B:9F:67:40:1A:98:88:FA:2B:CF:AA:A8:1F:F2:DB
*******************************************
95-804 Applied Cryptography Week 10 SSL and Key Management
125
*******************************************Alias name: trentCreation date: Apr 30, 2003Entry type: keyEntryCertificate chain length: 1Certificate[1]:Owner: CN=Trusted Trent, OU=SignerDepartment, O=BigCA, L=Pittsburgh,
ST=PA, C=US
Issuer: CN=Trusted Trent, OU=SignerDepartment, O=BigCA, L=Pittsburgh, ST=PA, C=U
SSerial number: 3eaffa1aValid from: Wed Apr 30 12:30:18 EDT 2003 until: Tue Jul 29 12:30:18 EDT
2003Certificate fingerprints: MD5: 3F:47:AB:23:32:3E:20:C7:BB:3C:48:DC:40:C1:BD:6C SHA1:
71:5D:FB:F6:F9:B9:20:52:AB:AA:4D:01:CA:3B:50:41:18:3C:ED:0F
95-804 Applied Cryptography Week 10 SSL and Key Management
126
We could now…
• Export the CA’s self-signed certificate
from the keystore
• Import it into a browser or a Truststore
• Export the new signed certificate and
present it to a client or browser
95-804 Applied Cryptography Week 10 SSL and Key Management
127
Where things may be heading…W3C XML Key Management Last Call Published18 April 2003
"The groundswell of industry support for the XKMS specification shows that PKI has entered the next generation," said Stratton Sclavos, president and CEO of VeriSign.April 10,2001
95-804 Applied Cryptography Week 10 SSL and Key Management
128
"As an open framework for the XML-based trust services architecture, XKMSwill enable trust through stronger authentication and will ultimately help deliverXML's promise of expanded e-commerce across the board -- thus makingintegration technology faster and easier to deploy, as well as making largeindustrial exchanges more manageable," said Jeremy Epstein, Director ofProduct Security and Performance, webMethods, Inc. April 10, 2001
95-804 Applied Cryptography Week 10 SSL and Key Management
129
Roberto Medrano, general manager, HP Internet Security Division,
said, "HP supports the adoption of the XKMS Specification to provide
the higher-level application security that customers need to further
their service-centric Web commerce in a heterogeneous environment.
The wide industry acknowledgement of the benefits associated with
adopting the XKMS specification will enable pervasive development
efforts." April 10, 2001
95-804 Applied Cryptography Week 10 SSL and Key Management
130
"The use of XML for e-business is maturing rapidly and security is an essential part of the standards 'stack' for web services," said Bob Sutor, IBM's Director for e-business Standards Strategy. "XKMS should prove to be an important component of the standards that the industry cooperatively develops to ensure that Internet-based business transactions take place in a secure and reliable way.“ April 10, 2001
95-804 Applied Cryptography Week 10 SSL and Key Management
131
"Web Services are transforming every corner of high-tech computingredefining the possibilities for end users and the business opportunities forenterprises. This transformation hinges on the public standardization of coreXML technologies, and security standards are at the top of that list," said BlairDillaway, security software architect at Microsoft Corp. "The XKMS-definedtrust services provide key functionality needed for building secure,interoperable, e-commerce solutions.“ April 10, 2001
95-804 Applied Cryptography Week 10 SSL and Key Management
132
From Java One Conference
“Next, we describe the design and implementation of an XKMS solution that exploits the security and XML function available in Java technology. Our solution builds on XML Signatures and XML Encryption. We describe how we provide XKMS as a Web service. We conclude the session by demonstrating the use of XKMS and PKI to develop secure applications.” From a Bird’s of a FeatherSession, April 29, 2003
95-804 Applied Cryptography Week 10 SSL and Key Management
133
From Oracle’s web site
The XML Key Management Specification
To verify a signature, an application needs to validate the digitalcertificate that was used in creating the signature. Validating the digitalcertificate requires interacting with the public key infrastructure (PKI).XML Key Management offers a standard way for interacting with PKIsystems. Once an application receives an XML digital signature, it canuse XML Key Management Specification (XKMS) to send a request tothe PKI to validate a digital certificate. If the key is validated, theapplication can proceed and verify that the certificate used to create thedigital signature was valid at the time of signing.
95-804 Applied Cryptography Week 10 SSL and Key Management
134
XKMS Toolkits available
VeriSign XKMS toolkit (java)
Entrust XKMS toolkit (java)
Poupou XKMS toolkit (.NET)
Microsoft XKMS client and server sample code (ASP.NET)
95-804 Applied Cryptography Week 10 SSL and Key Management
135
XKMSPKI HOST
XMK Key Management Specification
Holds keys, certificates and certificate revocation list
Signer
VerifierSigned document
(SOAP)
Verify signatureX-KISSXML Key Information Service Specification
Register keyRevoke CertificateRecover KeyX-KRSSXML Key Registration Service Specification
Signer generates key pair or requests the pair from the PKI host
Key registration request sent to PKI HostCertificate sent to Signer by PKI HostSigned document sent to VerifierVerifier requests certificate from PKI hostKey and certificate sent to Verifier by PKI Host
(SO
AP
)(S
OA
P)
The Signer may request that a certificate be revokedThe Signer may request copy
of lost keys
95-804 Applied Cryptography Week 10 SSL and Key Management
136
X-KISS allows a client to delegate part or all of thetasks required to process XML Signature<ds:KeyInfo> elements to a Trust service. A keyobjective of the protocol design is to minimize thecomplexity of applications using XML Signature.By becoming a client of the trust service, theapplication is relieved of the complexity and syntaxof the underlying PKI used to establish trustrelationships, which may be based upon a differentspecification such as X.509/PKIX, SPKI or PGP. (From the
w3c)
XKMS
95-804 Applied Cryptography Week 10 SSL and Key Management
137
XKMS
X-KRSS describes a protocol for registration of public key information. A client of a conforming service may request that the Registration Service bind information to a public key. The information bound may include a name, an identifier or extended attributes defined by the implementation.(From the W3C)
95-804 Applied Cryptography Week 10 SSL and Key Management
138
X-KISS Example Request
<Locate> <Query> <ds:KeyInfo> <ds:RetrievalMethod URI="http://www.PKeyDir.test/Certificates/01293122" Type="http://www.w3.org/2000/09/xmldsig#X509Data"/> </ds:KeyInfo> </Query> <Respond> <string>KeyName</string> <string>KeyValue</string> </Respond></Locate>
The client receives a signed XML document. The <ds:Keyinfo> element specifies a <ds:RetrievalMethod> for an X.509 certificate that contains the public key. The client sends the <ds:Keyinfo> element to the location service requesting that the <KeyName> and <KeyValue> elements be returned. (W3C)
95-804 Applied Cryptography Week 10 SSL and Key Management
139
X-KISS Example Response
<LocateResult> <Result>Success</Result> <Answer> <ds:KeyInfo> <ds:KeyName>O=XMLTrustCernter.org OU="Crypto" CN="Alice"</ds:KeyName> <ds:KeyValue>...</ds:KeyValue> </ds:KeyInfo> </Answer></LocateResult>
The location service resolves the <ds:RetrievalMethod>, obtaining an X.509v3 certificate. The certificate is parsed to obtain the public key value that is returned to the client. (W3C)
95-804 Applied Cryptography Week 10 SSL and Key Management
140
X-KRSS Example Request<Register> <Prototype Id="keybinding"> <Status>Invalid</Status> <KeyID>mailto:[email protected]</KeyId> <ds:KeyInfo> <ds:KeyValue> <ds:RSAKeyValue> <ds:Modulus>998/T2PUN8HQlnhf9YIKdMH HGM7HkJwA56UD0a1oYq7E fdxSXAidruAszNqBoOqfarJIsf cVKLob1hGnQ/l6xw </ds:Modulus> <ds:Exponent>AQAB</ds:Exponent> </ds:RSAKeyValue> </ds:KeyValue> <ds:KeyName>mailto:[email protected]</ds:KeyName> </ds:KeyInfo> </Prototype>
For some reason Alicerequests the Registration Service revoke the binding for her public key. Alice authenticates herself by signing her request with the corresponding private key. (W3C)
95-804 Applied Cryptography Week 10 SSL and Key Management
141
<AuthInfo> <AuthUserInfo> <ProofOfPossession> <ds:Signature? URI="#keybinding" [RSA-Sign (KeyBinding, Private)] /> </ProofOfPossession> </AuthUserInfo> </AuthInfo> <Respond> <string>KeyName</string> <string>KeyValue</string> </Respond></Register>
95-804 Applied Cryptography Week 10 SSL and Key Management
142
X-KRSS Response<RequestResult> <Result>Success</Result> <Answer> <Status>Invalid</Status> <KeyID>mailto:[email protected]</KeyID> <ds:KeyInfo> <ds:KeyValue> <ds:RSAKeyValue> <ds:Modulus>998/T2PUN8HQlnhf9YIKdMHHGM7HkJwA56UD0a1oYq7E fdxSXAidruAszNqBoOqfarJIsfcVKLob1hGnQ/l6xw </ds:Modulus> <ds:Exponent>AQAB</ds:Exponent> </ds:RSAKeyValue> </ds:KeyValue> <ds:KeyName>mailto:[email protected]</ds:KeyName> </ds:KeyInfo> </Answer></RegisterResult>
The service responds that the key binding has been revoked. (W3C)