Agenda
Transport Level Security/Secure Sockets Layer (TLS and SSL)
Not covering IPSec, SSH, or DTLS
Chains
Walk the Certificate Path
View/Install/Note Details
Especially Serial Number
then Export/Copy_to_File
Chains
Export to File
IE9
FF12
Ch 21
 1 s:/C=US/ST=Arizona/L=Scottsdale/O=GoDaddy.com, Inc./OU=http://certificates.godaddy.com/repository/CN=Go Daddy Secure Certification Authority/serialNumber=07969287
   i:/C=US/O=The Go Daddy Group, Inc./OU=Go Daddy Class 2 Certification Authority
 2 s:/C=US/O=The Go Daddy Group, Inc./OU=Go Daddy Class 2 Certification Authority
   i:/L=ValiCert Validation Network/O=ValiCert, Inc./OU=ValiCert Class 2 Policy Validation Authority/CN=http://www.valicert.com//emailAddress=info@valicert.com
 3 s:/L=ValiCert Validation Network/O=ValiCert, Inc./OU=ValiCert Class 2 Policy Validation Authority/CN=http://www.valicert.com//emailAddress=info@valicert.com
   i:/L=ValiCert Validation Network/O=ValiCert, Inc./OU=ValiCert Class 2 Policy Validation Authority/CN=http://www.valicert.com//emailAddress=info@valicert.com
PEM Encoding
Portecle (cont)
Three certificates in the chain; keep saving them
#1 Subject: CN=www.paypal.com, OU=PayPal Production, O="PayPal, Inc.", STREET=2211 N 1st St, L=San Jose, ST=California, OID.2.5.4.17=95131-2021, C=US, SERIALNUMBER=3014267, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.2=Delaware, OID.1.3.6.1.4.1.311.60.2.1.3=US
#2 Issuer: CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c) 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
#3 Subject: CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c) 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
Issuer = Subject!
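Walking the path by hand is exactly what the two listings above do: each certificate's issuer must be the next certificate's subject, and the chain must end where Issuer = Subject. The following is an added example (not from the slides or from any tool they show) that automates that walk over the text of an `openssl s_client -showcerts` chain listing; the sample input is the GoDaddy/ValiCert listing from the slide with its line-wraps rejoined, and the name comparison is purely textual, so it complements rather than replaces a real signature check.

```python
import re

# Constructed sample: the s_client chain listing shown on the slide (entries 1-3;
# the leaf, entry 0, is not on the slide), with extraction line-wraps rejoined.
CHAIN_LISTING = """\
Certificate chain
 1 s:/C=US/ST=Arizona/L=Scottsdale/O=GoDaddy.com, Inc./OU=http://certificates.godaddy.com/repository/CN=Go Daddy Secure Certification Authority/serialNumber=07969287
   i:/C=US/O=The Go Daddy Group, Inc./OU=Go Daddy Class 2 Certification Authority
 2 s:/C=US/O=The Go Daddy Group, Inc./OU=Go Daddy Class 2 Certification Authority
   i:/L=ValiCert Validation Network/O=ValiCert, Inc./OU=ValiCert Class 2 Policy Validation Authority/CN=http://www.valicert.com//emailAddress=info@valicert.com
 3 s:/L=ValiCert Validation Network/O=ValiCert, Inc./OU=ValiCert Class 2 Policy Validation Authority/CN=http://www.valicert.com//emailAddress=info@valicert.com
   i:/L=ValiCert Validation Network/O=ValiCert, Inc./OU=ValiCert Class 2 Policy Validation Authority/CN=http://www.valicert.com//emailAddress=info@valicert.com
"""

ENTRY_RE = re.compile(r"^\s*(\d+)\s+s:(.*)$")   # " 1 s:/C=US/..." subject line
ISSUER_RE = re.compile(r"^\s*i:(.*)$")          # "   i:/C=US/..." issuer line


def parse_chain(listing):
    """Return [(subject, issuer), ...] in the order s_client printed them."""
    certs, subject = [], None
    for line in listing.splitlines():
        m = ENTRY_RE.match(line)
        if m:
            subject = m.group(2).strip()
            continue
        m = ISSUER_RE.match(line)
        if m and subject is not None:
            certs.append((subject, m.group(1).strip()))
            subject = None
    return certs


def walk_chain(certs):
    """Walk the path: cert k's issuer must equal cert k+1's subject, and the last
    cert must be self-signed (Issuer = Subject!). Returns (ok, root_index, problems).
    Names are compared as text only; real path validation also checks each signature."""
    problems = []
    for k in range(len(certs) - 1):
        if certs[k][1] != certs[k + 1][0]:
            problems.append(f"cert {k} issuer does not match cert {k + 1} subject")
    root_index = None
    if certs and certs[-1][0] == certs[-1][1]:
        root_index = len(certs) - 1
    else:
        problems.append("chain does not end in a self-signed (root) certificate")
    return (not problems, root_index, problems)
```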
[Screenshot: the three saved PEM files, www_paypal_com_VeriSign_Class_Extended_Validation_SSL_CA.pem, VeriSign_Class_Extended_Validation_SSL_CA_VeriSign_Class_Public_Primary_Certification_Autho and VeriSign_Class_Public_Primary_Certification_Authority_-_G.pem; the last one is the ROOT. Both verify OK.]
Serial # of the CA Cert has been found!
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
a2:6b:0f:3f:02:56:dd:a7
[Diagram: Alice and Bob]
Alice: "Here is my public key.. [a7Uq8zbD1]"
Bob: "Perfect! I will use it to send you some info privately!"
Alice: "I'll compute something with a hash algorithm, then use my private key to sign it."
Bob: "Perfect! I will then know that it wasn't modified (integrity) and that it came from You!"
Registration/Certificate/Validation Authorities
EV Certs
Extended Validation
Common Terms
Public Key Infrastructure: an asymmetric scheme to present publicly useful identity items (the public key) while safeguarding against unauthorized (non-identity) use by requiring a private key. Concepts and processes.
Public Key Cryptography Standards: the details on how one might implement PKI.
Trust Model: generally a chain of trust by CA signature verification, though some applications (e.g., TIBCO Rendezvous) need a trust model of holding (i.e., having a copy means you trust it).
TrustStore: a collection of public keys that are generally Certificate Authority keys, but as above, can include public server/client keys.
KeyStore: generally a key pair of Private + Public Key, but can contain multiple identities with an alias as an index.
Signing vs. verifying timings (rows are increasing key sizes; the sizes are not labelled on the slide):

      sign         verify        sign/s    verify/s
   0.000531s     0.000049s      1884.8     20584.2
   0.002684s     0.000143s       372.6      6990.4
   0.015626s     0.000472s        64.0      2117.6
   0.113300s     0.001659s         8.8       602.6

Signing is Expensive! Verifying is Cheap!
Common PKCS
PKCS#1 is the RSA Cryptography Standard (RFC 3447)
PKCS#5 is the Password Based Encryption Standard, aka PBE (RFC 2898)
PKCS#7 is a collection of one or more public keys (RFC 2315)
PKCS#8 is about private key information syntax (RFC 5208)
PKCS#10 is about the Certificate Request Standard (RFC 2986)
PKCS#11 is an interface to external/other providers (e.g., a Hardware Security Module)
PKCS#12 is about PFX, Personal Information Exchange: a store for private keys with one or more public keys, often a chain.
Ciphers: -ssl_ciphers
(-ssl_ciphers TLS_RSA_WITH_AES_256_CBC_SHA)
No SSL
(-server tcp://localhost:7222)
Less Secure
Copyright 2000-2012 TIBCO Software Inc.
[Diagram: PKCS#12 structure. A PKCS#7 bag holds the certificates, each showing its Subject and Issuer; the Private Key is protected by a PKCS#5 PBE passphrase.]
PKCS#12 Continued
[Diagram continued: each certificate in the bag shows its Subject and Issuer.]
Certificate bag
Bag Attributes
    friendlyName: pseudogod
subject=/C=US/ST=CA/L=Palo Alto/O=TIBCO Software Inc./OU=Engineering/CN=pseudogod/emailAddress=someone@tibco.com
issuer=/C=US/ST=CA/L=Palo Alto/O=TIBCO Software Inc./OU=Engineering/CN=pseudogod/emailAddress=someone@tibco.com
-----BEGIN CERTIFICATE-----
MIIEtzCCA5+gAwIBAgIJALdkmlnwzm3+MA0GCSqGSIb3DQEBBQUAMIGYMQswCQYD
[SNIP]
-----END CERTIFICATE-----
Certificate bag
Bag Attributes: <Empty Attributes>
subject=/C=US/ST=CA/O=TIBCO Software Inc./OU=Engineering/CN=level2/emailAddress=someone@tibco.com
issuer=/C=US/ST=CA/L=Palo Alto/O=TIBCO Software Inc./OU=Engineering/CN=pseudogod/emailAddress=someone@tibco.com
-----BEGIN CERTIFICATE-----
MIIEyDCCA7CgAwIBAgICAX0wDQYJKoZIhvcNAQEEBQAwgZgxCzAJBgNVBAYTAlVT
[SNIP]
-----END CERTIFICATE-----
[Diagram: PUBLIC pseudogod (Root CA/Self-Signed) -> PUBLIC level2 (Intermediate CA) -> PUBLIC samplecert (Leaf Certificate), plus the PRIVATE key for samplecert.]
Cut/Paste Keys: include the -----BEGIN XXX----- and -----END XXX----- lines
Strong Signature
Trusted Issuer
Time Validity
FQDN of URL
Size of Key
Not a CA
Revoked?
Checks can differ between applications, so a single certificate may not be sufficient!
Wildcard names for the FQDN only in the first level (illegal for LDAP): *.na.tibco.com
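The checklist above, minus the two items that need the whole chain and the crypto (signature and trusted issuer), can be applied to a leaf certificate's parsed fields. This is an added example, not code from the slides: `matches_fqdn` enforces the first-level-only wildcard rule (`*.na.tibco.com` matches one label, never the bare parent), `is_time_valid` checks the validity window, and `leaf_problems` reports which checks fail; the `SAMPLE_LEAF` dictionary, the field names and the 2048-bit minimum (from the slide's NIST key-size summary) are assumptions of this example.

```python
from datetime import datetime, timezone

MIN_RSA_BITS = 2048   # NIST 2011-2030 minimum, as on the slide's key-size summary


def utc(year, month, day):
    """Helper so callers can build timezone-aware UTC timestamps in one call."""
    return datetime(year, month, day, tzinfo=timezone.utc)


def matches_fqdn(pattern, host):
    """Case-insensitive match of a certificate name against the URL's FQDN.
    A wildcard is accepted only as the whole leftmost label (*.na.tibco.com): it stands
    for exactly one label, never matches the bare parent name, and never appears deeper."""
    pattern, host = pattern.lower().rstrip("."), host.lower().rstrip(".")
    if "*" not in pattern:
        return pattern == host
    p_labels, h_labels = pattern.split("."), host.split(".")
    if p_labels[0] != "*" or "*" in pattern[1:] or len(p_labels) < 3:
        return False   # "h*.x", "*.*.x" and "*.com"-style patterns are all refused
    return len(h_labels) == len(p_labels) and h_labels[1:] == p_labels[1:]


def is_time_valid(not_before, not_after, now=None):
    """True when now (UTC) lies inside the certificate's validity window."""
    now = now or datetime.now(timezone.utc)
    return not_before <= now <= not_after


def leaf_problems(cert, url_host, now=None):
    """Apply the slide's checklist to a parsed leaf; returns the names of failed checks."""
    problems = []
    if not is_time_valid(cert["not_before"], cert["not_after"], now):
        problems.append("time validity")
    if not any(matches_fqdn(name, url_host) for name in cert["names"]):
        problems.append("FQDN of URL")
    if cert["key_bits"] < MIN_RSA_BITS:
        problems.append("size of key")
    if cert["is_ca"]:
        problems.append("not a CA")
    if cert["revoked"]:
        problems.append("revoked")
    return problems


# Constructed sample leaf (made-up field values, not from any real certificate).
SAMPLE_LEAF = {
    "names": ["*.na.tibco.com"],
    "not_before": utc(2012, 1, 1), "not_after": utc(2013, 1, 1),
    "key_bits": 2048, "is_ca": False, "revoked": False,
}
```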
Flow of using a CA
Heavy prime-number BigInt math creates the Public and Private Keys
The Request contains identity information and the Public Key
The Requester maintains secure access to the Private Key and sends the Request to the CA for signature (actually sends to the RA, which sends to the CA)
The CA signs the Public Key and returns a certificate (Certified)
Additional Requester functions usually combine the Private Key and Certificate into some form of store (JKS/JCEKS/PKCS#12), which may contain the CA public key(s)
Private Key and Keystore passphrases MAY be different, but caution: some applications only accept one passphrase!
When using OpenSSL, it pays to set up the CNF file to manage indices, serial numbers, etc. Leverage the framework!
openssl req -newkey rsa:2048 -sha256 -keyout Key.pem -keyform PEM -out Req.pem -outform PEM -config attributes.txt -batch -verbose
openssl rsa
openssl ca
pause
REM make the certificate into PKCS#12 format with the full chain using Priv Key and Export passwords assigned to env var $PASS or %PASS%
openssl pkcs12
Reading a PKCS#12:
openssl pkcs12
Reading an X.509:
openssl x509
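The CA flow above (key generation, request, CA signature, PKCS#12 bundling, reading the store back) carried through end to end, as an added example that is not from the slides or from TIBCO: it drives the openssl binary from Python in a throwaway directory. It assumes `openssl` (1.1.1 or later) is on PATH, uses made-up names (`Example Root CA`, `host.example.test`) and the `changeit` passphrase, and signs with `openssl x509 -req` plus explicit extension files instead of the `openssl ca` framework and CNF file the slide recommends for real use.

```python
import os
import shutil
import subprocess
import tempfile


def openssl(workdir, *args):
    """Run one openssl sub-command inside workdir (raises on non-zero exit)."""
    if shutil.which("openssl") is None:
        raise RuntimeError("openssl binary not found on PATH")
    return subprocess.run(["openssl", *args], cwd=workdir, check=True,
                          capture_output=True, text=True)


def write(workdir, name, text):
    with open(os.path.join(workdir, name), "w") as fh:
        fh.write(text)


def build_chain(workdir, passphrase="changeit"):
    """Self-signed root CA -> request -> signed leaf -> PKCS#12; True if the leaf verifies."""
    # Heavy prime-number math: CA key pair, then its request self-signed into an X.509v3
    # CA cert (2048-bit RSA, SHA-256). Extensions come from a file so CA:TRUE is explicit.
    openssl(workdir, "req", "-newkey", "rsa:2048", "-sha256", "-nodes",
            "-subj", "/O=Example Lab/CN=Example Root CA", "-keyout", "ca.key", "-out", "ca.csr")
    write(workdir, "ca.ext", "basicConstraints=critical,CA:TRUE\nkeyUsage=critical,keyCertSign,cRLSign\n")
    openssl(workdir, "x509", "-req", "-sha256", "-days", "365", "-in", "ca.csr",
            "-signkey", "ca.key", "-extfile", "ca.ext", "-out", "ca.crt")
    # Requester keeps host.key private and sends only the request (identity + public key).
    openssl(workdir, "req", "-newkey", "rsa:2048", "-sha256", "-nodes",
            "-subj", "/O=Example Lab/CN=host.example.test", "-keyout", "host.key", "-out", "host.csr")
    # CA signs the public key and returns a non-CA leaf certificate bound to the FQDN.
    write(workdir, "leaf.ext", "basicConstraints=CA:FALSE\nsubjectAltName=DNS:host.example.test\n")
    openssl(workdir, "x509", "-req", "-sha256", "-days", "365", "-in", "host.csr", "-CA", "ca.crt",
            "-CAkey", "ca.key", "-CAcreateserial", "-extfile", "leaf.ext", "-out", "host.crt")
    # Combine private key + certificate + CA public cert into one PKCS#12 store.
    openssl(workdir, "pkcs12", "-export", "-in", "host.crt", "-inkey", "host.key", "-certfile", "ca.crt",
            "-name", "host", "-out", "host.p12", "-passout", "pass:" + passphrase)
    # Read the store back (public parts only) and verify the leaf against the CA.
    openssl(workdir, "pkcs12", "-in", "host.p12", "-nokeys", "-passin", "pass:" + passphrase)
    verify = openssl(workdir, "verify", "-CAfile", "ca.crt", "host.crt")
    return verify.stdout.strip() == "host.crt: OK"


def demo():
    """Run the whole flow in a throwaway directory and report the verify result."""
    with tempfile.TemporaryDirectory() as workdir:
        return build_chain(workdir)


if __name__ == "__main__":
    print("leaf verifies against CA:", demo())
```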
java.property.oracle.net.tns_admin=C:/temp/tnsnames.ora
javax.net.ssl.trustStore=C:/tibco/jre/1.6.0/lib/security/cacerts
javax.net.ssl.trustStorePassword=changeit
java.property.oracle.net.ssl_cipher_suites=TLS_RSA_WITH_AES_256_CBC_SHA
java.property.oracle.jdbc.Trace=true
OCSP/CRL Functions
java.property.java.security.ocsp.enable=true
java.property.com.sun.net.ssl.checkRevocation=true
java.property.com.sun.security.enableCRLDP=true
java.property.com.tibco.security.NoExplicitCAChain=true
java.property.com.tibco.security.CheckRevocation=true
java.property.java.security.debug=certpath
java.property.java.security.ocsp.responderURL="http://someone-wk.na.tibco.com:8888"
Trace.Task.*=true
Challenge Yourself
Get the full chain from https://www.paypal.com and https://tibco.tibbr.com
Create your own CA with a self-signed X.509v3 cert, 2048-bit RSA, signed with SHA-256
Make a personal certificate for <yourID>@tibco.com, same bit-length and SHA algorithm (e.g., someone@tibco.com)
Make a certificate for your machine(s); use the FQDN (e.g., someonewk.na.tibco.com)
Make PKCS#12 structures with the chain included; use AES-128 to secure the store
Copy the Private Key into PKCS#8 format
Copy the Public Key into PKCS#7 format
Import your key pair into a JKS or JCEKS
Copy your Public Key into DER encoding (or if you did it in DER, make it PEM)
Make a certificate with the OCSP/CRL information, then revoke it and test the revocation
Appendix
Standards Advance
NIST has competitions for encryption and hashing
DES/TDES aged, then came the Advanced Encryption Standard (AES), based on Rijndael
MD5 aged, then SHA-1, then SHA-2; SHA-3 is in current competition (started 2007)
Export Rules/Department of Commerce: Export Ciphers & Unlimited Strength Policy
FIPS 140-2 (2001) -> FIPS 140-3 Draft (2009)
2011 NIST Standards for Key Size and related TLS specs
Years 2011-to-2030:
Minimum Key Size: 2048
Hashing Minimum: SHA-1 for TLS
Elliptic Curve: 224
Standards Morph
ISO OSI, ISO/IEC 7498-1, The OSI Model & GOSIP (Government Open Systems Interconnection Profile): circa 1984, reasonable adoption by 1992, almost dead by 1996.
TP4, X.400 Mail, X.500 Directory Service, FTAM, VT, CMISE, CMIP
Level 1:
Level 2:
Level 3:
Level 4:
TIBCO Runtime Agent w/Entrust Authority Security for the Java Platform v7.2
http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140val-all.htm#802
TRA file entry: java.property.com.tibco.security.FIPS=true
Unlimited Strength
// Country-specific policy file for countries with no limits on crypto strength.
grant {
// There is no restriction to any algorithms.
permission javax.crypto.CryptoAllPermission;
};
TLS/SSL Handshake
[Diagram: CLIENT and SERVER columns; arrows show the directionality of each message.]
1. Client Hello
2. Server hello
3. Certificate
4. Certificate Request
5. Server Key Exchange
6. Server hello done
7. Certificate
8. Client Key Exchange
9. Certificate Verify
10. Change cipher spec
11. Finished
12. Change cipher spec
13. Finished
14. Encrypted Data
Both parties compute the master secret and derive a session key.
If the server can decrypt the data and complete the protocol, the client is assured that the server has the right private key.
Certificate Verify: only when the Client sends a certificate. The client uses its private key to sign a hash of all messages sent up to this point, which the server verifies with the client's public key.