How to Use XML Security Standards in Real World
Aleksey Sanin <[email protected]>
O’Reilly Open Source Convention
July 7 - 11, 2003
Wednesday, July 09 2003, 4:30pm - 5:15pm
Aleksey Sanin - How to use XML Security standards in real world
Agenda
• W3C XML Security specifications
• XML Security Library
• Practical XML Security
W3C XML Security Standards
• XML Canonicalization and Exclusive XML Canonicalization (W3C recommendations)
  http://www.w3.org/TR/xml-c14n/
  http://www.w3.org/TR/xml-exc-c14n/
• XML Signature (W3C recommendation)
  http://www.w3.org/TR/xmldsig-core/
• XML Encryption (W3C recommendation)
  http://www.w3.org/TR/xmlenc-core/
• XML Key Management (W3C working draft)
  http://www.w3.org/TR/xkms2/
Why Do We Need New Specifications?
• SSL/TLS provides transport-level security, but Web services need message-level security
  – Store message for later use
  – Session keys in SSL/TLS
• Fine-grained security for XML documents
XML Canonicalization
• <Test a="aa" b="bb"/>
• <Test b="bb" a="aa"></Test>
• <Test a="aa" b="bb"></Test>
XML Canonicalization (Continue)
• C14N is a serialization of an XML document or XPath node set to a binary string.
• There are many C14N algorithms (W3C: C14N, Exclusive C14N).
• Same input data (XML document or XPath node set) and same C14N algorithm produce the same binary string.
• Use Exclusive C14N.
XML Digital Signature Structure
<dsig:Signature ID?>
  <dsig:SignedInfo>
    <dsig:CanonicalizationMethod Algorithm />
    <dsig:SignatureMethod Algorithm />
    <dsig:Reference URI? >+
  </dsig:SignedInfo>
  <dsig:SignatureValue>
  <dsig:KeyInfo>?
  (<dsig:Object ID?>)*
</dsig:Signature>
XML Digital Signature Structure: Reference element
<dsig:Reference URI? >
  (<dsig:Transforms>
    (<dsig:Transform Algorithm />)+
  </dsig:Transforms>)?
  <dsig:DigestMethod Algorithm >
  <dsig:DigestValue>
</dsig:Reference>
XML Digital Signature Structure: KeyInfo element
<dsig:KeyInfo>
  <dsig:KeyName>?
  <dsig:KeyValue>?
  <dsig:RetrievalMethod>?
  <dsig:X509Data>?
  <dsig:PGPData>?
  <enc:EncryptedKey>?
  <enc:AgreementMethod>?
  <dsig:KeyName>?
  <dsig:RetrievalMethod>?
  <*>?
</dsig:KeyInfo>
XML Digital Signature Generation
• Calculate digests over the signed data from the <dsig:Reference/> elements.
• Compose the <dsig:SignedInfo/> element.
• Calculate the signature over the <dsig:SignedInfo/> element and place the result in the <dsig:SignatureValue/> element.
XML Digital Signature: Enveloped Signature Example
<?xml version="1.0" encoding="UTF-8"?>
<Envelope>
  <SignedData>Hello, World!</SignedData>
  <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
    <SignedInfo>
      <CanonicalizationMethod Algorithm="http://www.w3.org/…"/>
      <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
      <Reference URI="">
        <Transforms>
          <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
        </Transforms>
        <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
        <DigestValue>9H/rQr...</DigestValue>
      </Reference>
    </SignedInfo>
    <SignatureValue>Mx4psI...</SignatureValue>
    <KeyInfo><KeyName>My-RSA-Key</KeyName></KeyInfo>
  </Signature>
</Envelope>
XML Digital Signature: Enveloped Signature Example (Continue)
Digested data:
<Envelope>
  <SignedData>Hello, World!</SignedData>
</Envelope>
Signed data:
<SignedInfo>
  <CanonicalizationMethod Algorithm="http://www.w3.org/…"/>
  <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <Reference URI="">
    <Transforms>
      <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
    </Transforms>
    <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
    <DigestValue>9H/rQr...</DigestValue>
  </Reference>
</SignedInfo>
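The canonicalization slides and the three generation steps, carried through on the enveloped example above. This is an added example, not code from the talk or from XML Security Library. It assumes Python's standard-library Canonical XML 2.0 in place of the C14N algorithms named on the slides and HMAC-SHA1 (`xmldsig#hmac-sha1`) in place of RSA-SHA1; the function names and the sample key are constructed here.

```python
import base64, copy, hashlib, hmac
import xml.etree.ElementTree as ET

DSIG = "http://www.w3.org/2000/09/xmldsig#"
ET.register_namespace("dsig", DSIG)
KEY = b"constructed-demo-key"  # constructed sample key
SAMPLE = "<Envelope><SignedData>Hello, World!</SignedData></Envelope>"  # slide document

def q(tag):
    return "{%s}%s" % (DSIG, tag)

def c14n(elem):
    # Stand-in: stdlib Canonical XML 2.0, not the C14N 1.0 / Exclusive C14N of the slides.
    return ET.canonicalize(ET.tostring(elem, encoding="unicode")).encode()

def digest_reference(envelope):
    # Step 1: enveloped-signature transform (drop <Signature>), canonicalize, SHA-1.
    doc = copy.deepcopy(envelope)
    for sig in doc.findall(q("Signature")):
        doc.remove(sig)
    return base64.b64encode(hashlib.sha1(c14n(doc)).digest()).decode()

def build_signed_info(digest_b64):
    # Step 2: compose <SignedInfo> around the digest (SHA-1 mirrors the 2003 slides).
    si = ET.Element(q("SignedInfo"))
    ET.SubElement(si, q("CanonicalizationMethod"), Algorithm="http://www.w3.org/2010/xml-c14n2")
    ET.SubElement(si, q("SignatureMethod"), Algorithm=DSIG + "hmac-sha1")
    ref = ET.SubElement(si, q("Reference"), URI="")
    transforms = ET.SubElement(ref, q("Transforms"))
    ET.SubElement(transforms, q("Transform"), Algorithm=DSIG + "enveloped-signature")
    ET.SubElement(ref, q("DigestMethod"), Algorithm=DSIG + "sha1")
    ET.SubElement(ref, q("DigestValue")).text = digest_b64
    return si

def signature_value(signed_info, key):
    # Step 3: the signature covers canonical <SignedInfo>, not the document itself.
    mac = hmac.new(key, c14n(signed_info), hashlib.sha1).digest()
    return base64.b64encode(mac).decode()

def sign(envelope, key):
    signed_info = build_signed_info(digest_reference(envelope))
    sig = ET.SubElement(envelope, q("Signature"))
    sig.append(signed_info)
    ET.SubElement(sig, q("SignatureValue")).text = signature_value(signed_info, key)

def verify(envelope, key):
    sig = envelope.find(q("Signature"))
    si = sig.find(q("SignedInfo"))
    sig_ok = hmac.compare_digest(signature_value(si, key), sig.findtext(q("SignatureValue"), ""))
    return sig_ok and digest_reference(envelope) == si.findtext(".//" + q("DigestValue"))
```

Changing `SignedData` after signing fails the digest check, and rewriting `DigestValue` to match the changed data fails the signature over `SignedInfo`.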
XML Encryption Structure
<enc:EncryptedData Id? Type? MimeType?>
  <enc:EncryptionMethod Algorithm />?
  <dsig:KeyInfo>?
  <enc:CipherData>
    <enc:CipherValue>?
    <enc:CipherReference URI?>?
  </enc:CipherData>
  <enc:EncryptionProperties>?
</enc:EncryptedData>
XML Encryption: Example
<?xml version="1.0" encoding="UTF-8"?>
<EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#" Type="http://www.w3.org/2001/04/xmlenc#Element">
  <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
  <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
    <KeyName>My-DES-Key</KeyName>
  </KeyInfo>
  <CipherData>
    <CipherValue>WXlDy...</CipherValue>
  </CipherData>
</EncryptedData>
XML Security Toolkits
• XML Security Library (C/C++)
  http://www.aleksey.com/xmlsec
• Microsoft .NET (C#)
  http://msdn.microsoft.com/netframework/
• DataPower (Hardware)
  http://www.datapower.com/products/xs40.html
• Apache XML Security (Java)
  http://xml.apache.org/security/index.html
• Baltimore Technologies (Java)
  http://www.baltimore.com/keytools/xml/
• IBM XML Security Suite (Java)
  http://www.alphaworks.ibm.com/tech/xmlsecuritysuite
• Phaos Technology Corporation (Java)
  http://phaos.com/products/category/xml.html
XML Security Library
• Open Source (MIT license)
• Based on LibXML2/LibXSLT and your favorite cryptographic library
• Strong standards support
• Very fast
• Can use practically any cryptographic library (OpenSSL, GnuTLS, NSS, …)
• Portable (Linux, OpenBSD, FreeBSD, Solaris, Windows, Mac OS X, …)
XML Security Library: Objects
• Transforms
• Keys
• Keys Manager
• Operation Contexts
  – Signature
  – Encryption
  – Transforms
  – Key selection
• Templates
XML Security Library: Templates
<?xml version="1.0" encoding="UTF-8"?>
<Envelope>
  <SignedData>Hello, World!</SignedData>
  <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
    <SignedInfo>
      <CanonicalizationMethod Algorithm="http://www.w3.org/…"/>
      <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
      <Reference URI="">
        <Transforms>
          <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
        </Transforms>
        <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
        <DigestValue></DigestValue>
      </Reference>
    </SignedInfo>
    <SignatureValue></SignatureValue>
    <KeyInfo>
      <KeyName></KeyName>
    </KeyInfo>
  </Signature>
</Envelope>
XML Security Library: Signing or Encrypting XML Document
• Prepare keys manager (the same keys manager can be shared by multiple operations)
• Create or load "template" and select the start node (<dsig:Signature/> or <enc:EncryptedData/>)
• Create signature (xmlSecDSigCtx) or encryption (xmlSecEncCtx) context object
• Specify signature or encryption key in the template (by name, for example) or in the context object
• Sign or encrypt data and consume the result
• Destroy context object
XML Security Library: Signature Example
#include <stdio.h>
#include <libxml/tree.h>
#include <xmlsec/xmlsec.h>
#include <xmlsec/keys.h>
#include <xmlsec/xmldsig.h>

/* returns 0 on success, -1 on error */
int sign_template(xmlDocPtr tmpl, xmlNodePtr startNode,
                  xmlSecKeyPtr key) {
    xmlSecDSigCtxPtr dsigCtx;

    /* create signature context w/o keys manager */
    dsigCtx = xmlSecDSigCtxCreate(NULL);
    if(dsigCtx == NULL) {
        fprintf(stderr,"Error: failed to create context.\n");
        return(-1);
    }

    /* set signature key in the context */
    dsigCtx->signKey = xmlSecKeyDuplicate(key);
    if(dsigCtx->signKey == NULL) {
        fprintf(stderr,"Error: failed to duplicate key.\n");
        xmlSecDSigCtxDestroy(dsigCtx);
        return(-1);
    }

    /* sign the template */
    if(xmlSecDSigCtxSign(dsigCtx, startNode) < 0) {
        fprintf(stderr,"Error: signature failed.\n");
        xmlSecDSigCtxDestroy(dsigCtx);
        return(-1);
    }

    /* destroy context object */
    xmlSecDSigCtxDestroy(dsigCtx);
    return(0);
}
XML Security Library: Verifying Signature
• Prepare keys manager (the same keys manager can be shared by multiple operations)
• Load signed document and select the start node (<dsig:Signature/> or <enc:EncryptedData/>)
• Create signature (xmlSecDSigCtx) or encryption (xmlSecEncCtx) context object
• Verify signature or decrypt the data, consume the result
• Destroy context object
XML Security Library: Signature Verification Example
#include <stdio.h>
#include <libxml/tree.h>
#include <xmlsec/xmlsec.h>
#include <xmlsec/xmldsig.h>

/* returns 1 if the signature is valid, 0 if it is invalid, -1 on error */
int verify_document(xmlDocPtr doc, xmlNodePtr startNode,
                    xmlSecKeysMngrPtr keysMngr) {
    xmlSecDSigCtxPtr dsigCtx;
    int res;

    /* create signature context */
    dsigCtx = xmlSecDSigCtxCreate(keysMngr);
    if(dsigCtx == NULL) {
        fprintf(stderr,"Error: failed to create context.\n");
        return(-1);
    }

    /* Verify signature */
    if(xmlSecDSigCtxVerify(dsigCtx, startNode) < 0) {
        fprintf(stderr,"Error: verification failed.\n");
        xmlSecDSigCtxDestroy(dsigCtx);
        return(-1);
    }

    /* check verification result */
    if(dsigCtx->status == xmlSecDSigStatusSucceeded) {
        /* signature is valid */
        res = 1;
    } else {
        /* signature is invalid */
        res = 0;
    }

    /* destroy signature context */
    xmlSecDSigCtxDestroy(dsigCtx);
    return(res);
}
Practical XML Security
• Check what was actually signed
  – Use pre-digested data
  – Analyze used transforms
• Limit allowed digest, signature, encryption and transform algorithms
• Limit allowed key sources
• Check that data or key source matches expectation
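One way to apply these checks to a <dsig:Signature/> element before any cryptographic verification runs, as an added example that is not part of the talk or of XML Security Library. The allowlists, the function names and the sample signature are constructed for illustration.

```python
import xml.etree.ElementTree as ET

DSIG = "http://www.w3.org/2000/09/xmldsig#"
EXC_C14N = "http://www.w3.org/2001/10/xml-exc-c14n#"
NS = {"d": DSIG}
# Constructed policy for this example; a real deployment chooses its own lists.
POLICY = {
    "CanonicalizationMethod": {EXC_C14N},
    "SignatureMethod": {"http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"},
    "DigestMethod": {"http://www.w3.org/2001/04/xmlenc#sha256"},
    "Transform": {DSIG + "enveloped-signature", EXC_C14N},
}
KEY_SOURCES = {"{%s}KeyName" % DSIG}

def policy_violations(signature, expected_uris, expected_key_name):
    """List policy problems in a <dsig:Signature> before any crypto is run."""
    problems = []
    for tag, allowed in POLICY.items():  # limit allowed algorithms and transforms
        nodes = signature.findall("d:SignedInfo//d:" + tag, NS)
        if not nodes and tag != "Transform":
            problems.append(tag + " missing")
        problems += ["%s not allowed: %s" % (tag, n.get("Algorithm"))
                     for n in nodes if n.get("Algorithm") not in allowed]
    # Check what was actually signed: references must match the expectation.
    uris = [r.get("URI") for r in signature.findall("d:SignedInfo/d:Reference", NS)]
    if uris != list(expected_uris):
        problems.append("unexpected references: %r" % uris)
    # Limit key sources, then check the key name matches the expected signer.
    for child in signature.findall("d:KeyInfo/*", NS):
        if child.tag not in KEY_SOURCES:
            problems.append("key source not allowed: " + child.tag)
    if signature.findtext("d:KeyInfo/d:KeyName", None, NS) != expected_key_name:
        problems.append("key name does not match expectation")
    return problems

# Constructed sample: {transform} and {key} are filled in by sample().
TEMPLATE = """<Signature xmlns="http://www.w3.org/2000/09/xmldsig#"><SignedInfo>
<CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
<Reference URI=""><Transforms><Transform Algorithm="{transform}"/></Transforms>
<DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<DigestValue>AAAA</DigestValue></Reference></SignedInfo>
<SignatureValue>AAAA</SignatureValue><KeyInfo>{key}</KeyInfo></Signature>"""

def sample(transform=DSIG + "enveloped-signature", key="<KeyName>My-RSA-Key</KeyName>"):
    return ET.fromstring(TEMPLATE.format(transform=transform, key=key))
```

An empty list means the signature's declared algorithms, references and key source are within policy; the cryptographic verification itself still has to follow.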