by Vesselin Markov (25-09-2006)
Access to Web Resources via X.509 Identification
Veselin Markov 09.2006
This document demonstrates an authentication method for access to web resources that requires the user to identify themselves with X.509v3 certificates.
Warning: Internet Explorer users will not be able to see the article's image files, because the browser is incompatible with RFC 2397 (the data: URL scheme).
.: Introduction
One of the commonly used methods for identifying a user is a scheme that requires a valid username and password. However well established this option is, it has its weaknesses: passwords are not always chosen to be complex, which makes them easy to guess. Many applications that use such a system are vulnerable to brute-force attacks, user credentials are not always transmitted in a secure way, and so on.
Access control based on IP addresses is rarely applicable and is almost always an impractical solution, and not only when the users are numerous.
Another method, imposed by financial organizations (and not only by them), is to enforce authentication through client certificates, i.e. the server requires the presence of a specific file on the client side before it allows further access. Implementing this option is not such a trivial task, but the security of deciding who has the right to use a given resource increases significantly.
An example of the benefits of this kind of authentication is the incessant attacks that try to guess a username/password over SSH. With a PKI system in use, they fall away.
More and more web servers support this type of client/server authentication, and the solution discussed in this article is based on Apache and OpenSSL.
.: Building and Administering a Certificate Authority
This approach requires setting up a CA and performing the following operations when managing it:
1. Issuing client certificates
2. Checking validity in the CA database
3. Revoking a certificate, upon:
3.1. Expiry of the certificate
3.2. Loss of the certificate
3.3. Compromise of the certificate
3.4. Any other event that requires ending its validity
4. Renewing a certificate
Here are some pointers that you may find useful when administering a CA. This is how to create a local CA:
# mkdir -p CA/{newcerts,private,crl} && cd CA
# echo 01 > serial
# touch index.txt
# cp /etc/ssl/openssl.cnf-sample openssl.cnf
# vim openssl.cnf
A sample cnf file ships with the OpenSSL package. Make changes where necessary (CA directory name, key/certificate, validity in days and other parameters).
# openssl req -new -x509 -keyout private/CA.key -out CA.crt -days 3650 -config openssl.cnf
It is a good idea for your Root CA certificate to have a longer validity. The passphrase for the private key must be chosen carefully and must not be forgotten.
Check the information you filled in like this:
# openssl x509 -in CA.crt -noout -text
Issuing a new (user) certificate and having the CA sign it:
# openssl req -nodes -new -x509 -keyout 01req.pem -out 01req.pem -days 1095 -config openssl.cnf
# openssl x509 -x509toreq -in 01req.pem -signkey 01req.pem -out tmp.pem
# openssl ca -config openssl.cnf -policy policy_anything -out 01cert.pem -infiles tmp.pem
# mv 01req.pem 01key.pem ; rm -f tmp.pem
At this point 01key.pem contains the private key (and the CSR), and 01cert.pem is the new certificate signed by the CA. A record of this event also goes into index.txt; it must begin with V, which indicates that the certificate is valid. Other possible values are R (revoked) and E (expired).
You need to establish a procedure for regularly updating the CA database and verifying the certificates:
# openssl ca -updatedb -verbose -config openssl.cnf
# openssl verify -CAfile CA.crt XYZcert.pem
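As a complement to the regular check described above, here is an added example (not part of the original article) that reads index.txt and flags entries still marked V although their expiry has passed, plus entries that expire inside a warning window. The function names, the state labels and the sample entries are assumptions made for this example; the tab-separated field layout is the one written by openssl ca.

```shell
#!/bin/sh
# Added example: classify the entries of an OpenSSL CA index.txt.
# Fields are tab-separated: status, expiry, revocation date, serial,
# file name, subject DN. Dates are UTCTime (YYMMDDHHMMSSZ).
# Usage: ca_index_report NOW WARN < index.txt
#   e.g. NOW=$(date -u +%y%m%d%H%M%SZ); WARN is NOW plus the warning window.
ca_index_report() {
    awk -F '\t' -v now="$1" -v warn="$2" '
        # Expand UTCTime to a 4-digit year so plain string comparison orders
        # dates correctly (RFC 5280: YY >= 50 means 19YY, otherwise 20YY).
        function full(t) {
            if (length(t) != 13) return t
            return ((substr(t, 1, 2) + 0 >= 50) ? "19" : "20") t
        }
        {
            notafter = full($2)
            if (NF < 6 || $1 !~ /^[VRE]$/)   state = "MALFORMED"
            else if ($1 == "R")              state = "REVOKED"
            else if ($1 == "E")              state = "EXPIRED"
            else if (notafter <= full(now))  state = "STALE"    # still V: run openssl ca -updatedb
            else if (notafter <= full(warn)) state = "EXPIRING"
            else                             state = "VALID"
            printf "%s serial=%s notAfter=%s %s\n", state, $4, $2, $6
        }
    '
}

# Constructed sample database (hypothetical subjects, not from the article).
sample_index() {
    printf 'V\t090924081500Z\t\t01\tunknown\t/C=BG/O=Example Corp./CN=cust01\n'
    printf 'R\t090924081700Z\t060925081819Z\t02\tunknown\t/C=BG/O=Example Corp./CN=cust02\n'
    printf 'V\t060920000000Z\t\t03\tunknown\t/C=BG/O=Example Corp./CN=cust03\n'
    printf 'V\t061010000000Z\t\t04\tunknown\t/C=BG/O=Example Corp./CN=cust04\n'
}

# Report as of 25 Sep 2006 12:00 UTC with a 30-day warning window.
sample_index | ca_index_report 060925120000Z 061025120000Z
```

A STALE entry means the database still lists an expired certificate as valid, so the -updatedb step has not run since it expired.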
Over time, for various reasons, you will need to revoke existing certificates. This is how you create a Certificate Revocation List (CRL), which must be refreshed every time that becomes necessary.
# openssl ca -revoke bad_cert.pem -keyfile private/CA.key -cert CA.crt -config openssl.cnf
# openssl ca -gencrl -keyfile private/CA.key -cert CA.crt -out crl/CA.crl -config openssl.cnf
Reading CA.crl:
# openssl crl -in crl/CA.crl -noout -text
Certificate Revocation List (CRL):
Version 1 (0x0)
Signature Algorithm: sha1WithRSAEncryption
Issuer: /C=BG/ST=BG/L=BG/O=Example Corp./OU=IT Department/CN=Example Corp. CA-1/emailAddress=hq@example.net
Last Update: Sep 25 08:18:41 2006 GMT
Next Update: Oct 25 08:18:41 2006 GMT
Revoked Certificates:
Serial Number: 02
Revocation Date: Sep 25 08:18:19 2006 GMT
Signature Algorithm: sha1WithRSAEncryption
By default this list is valid for 30 days. This value can be changed. It is not fatal if you fail to regenerate it after this period has expired, as long as there is no subject awaiting revocation.
When renewing a certificate, you must first revoke the current one (which may already have expired), and then sign the original CSR (Certificate Signing Request) that belongs to it once again, adjusting the new dates accordingly.
# openssl ca -config openssl.cnf -policy policy_anything -out renewed-01cert.pem -startdate <now> -enddate <previous validity period + 1095 days> -infiles 01key.pem
Besides the private key, 01key.pem also contains the original CSR.
At the beginning we created 01cert.pem and 01key.pem. To be importable into a browser or an S/MIME e-mail client, they must be converted to PKCS#12 format. Such a container file holds the private key for the certificate, the certificate itself and that of the CA. To protect it, symmetric encryption with a password is used, and you must give that password to the user.
# openssl pkcs12 -export -in 01cert.pem -inkey 01key.pem -certfile CA.crt -name cust01 -out cust01.p12
If necessary, it can be converted back into a PEM file:
# openssl pkcs12 -in cust01.p12 -out 01keys.pem -nodes
Since we are dealing with self-signed certificates, it is especially important that the certificate of the local CA be imported into the client's browser as a Trusted Authority. On any subsequent error in client/server communication, assistance should be sought immediately from the administrators of the CA in question. Otherwise, it should be explained what a certificate fingerprint is, and this string should be made known to the user for reference:
# openssl x509 -fingerprint -noout -in /opt/CA/CA.crt
SHA1 Fingerprint=63:AC:75:46:BC:A6:B6:D4:F5:4A:37:1D:0F:F3:C2:9A:D8:1B:F1:C0
.: Configuring the Apache Server
One thing that must not be skipped is stating in the configuration file that the directory we are going to protect may be accessed only in SSL mode. From httpd.conf:
<Directory /opt/apache2/htdocs/lock>
SSLRequireSSL
</Directory>
...
Sample configuration in httpd-ssl.conf:
...
SSLCACertificateFile /opt/CA/CA.crt
SSLCARevocationFile /opt/CA/crl/CA.crl
<Location /lock>
SSLRequireSSL
SSLVerifyClient require
SSLVerifyDepth 1
</Location>
</VirtualHost>
Almost everything here is clear, with the possible exception of the SSLVerifyDepth directive. When it has the value 1, only client certificates signed by the aforementioned CA are admitted to the resource in question.
When you make a change to the CRL, you must make the web server read it again.
# kill -SIGHUP `cat httpd.pid`
[Sun Sep 24 17:14:36 2006] [notice] SIGHUP received. Attempting to restart
[Sun Sep 24 17:14:36 2006] [notice] Apache configured -- resuming normal operations
.: Examples
If you work mostly in the console, you can use the SSL/TLS client from OpenSSL to check whether things work as expected.
# openssl s_client -connect secure.example.net:443 -cert /opt/CA/01cert.pem -key /opt/CA/01key.pem
CONNECTED(00000003)
depth=0 /C=BG/ST=BG/L=BG/O=Example Corp./OU=IT Department/CN=secure.example.net/emailAddress=hq@example.net
verify error:num=18:self signed certificate
verify return:1
depth=0 /C=BG/ST=BG/L=BG/O=Example Corp./OU=IT Department/CN=secure.example.net/emailAddress=hq@example.net
verify return:1
---
Certificate chain
0 s:/C=BG/ST=BG/L=BG/O=Example Corp./OU=IT Department/CN=secure.example.net/emailAddress=hq@example.net
i:/C=BG/ST=BG/L=BG/O=Example Corp./OU=IT Department/CN=secure.example.net/emailAddress=hq@example.net
---
Server certificate
subject=/C=BG/ST=BG/L=BG/O=Example Corp./OU=IT Department/CN=secure.example.net/emailAddress=hq@example.net
issuer=/C=BG/ST=BG/L=BG/O=Example Corp./OU=IT Department/CN=secure.example.net/emailAddress=hq@example.net
---
No client certificate CA names sent
---
SSL handshake has read 1239 bytes and written 340 bytes
---
New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA
Server public key is 1024 bit
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1
Cipher : DHE-RSA-AES256-SHA
Session-ID: 067A93FD93C798641CE87C9DFE7C47939B56FC61B9A791C103771A756E83B9A8
Session-ID-ctx:
Master-Key: E2645E27AC78634AC4BED831A8C6913FF949A9A81F1A687328C4E8DBD371FC47BCB71A513DAA706F4FEA41A9814397EB
Key-Arg : None
Start Time: 1159130361
Timeout : 300 (sec)
Verify return code: 18 (self signed certificate)
---
GET /lock/ HTTP/1.0
depth=0 /C=BG/ST=BG/L=BG/O=Example Corp./OU=IT Department/CN=secure.example.net/emailAddress=hq@example.net
verify error:num=18:self signed certificate
verify return:1
depth=0 /C=BG/ST=BG/L=BG/O=Example Corp./OU=IT Department/CN=secure.example.net/emailAddress=hq@example.net
verify return:1
read R BLOCK
HTTP/1.1 200 OK
Date: Sun, 24 Sep 2006 20:39:31 GMT
Server: Apache
Last-Modified: Sat, 16 Sep 2006 09:45:00 GMT
ETag: "4f6e2-3-fe8c1f00"
Accept-Ranges: bytes
Content-Length: 3
Connection: close
Content-Type: text/html
Certificate accepted
For more detailed information, use '-debug', '-msg' or '-state'. If you try to use a revoked or invalid certificate, you should get the following messages:
(httpd error_log)
[Sun Sep 24 17:31:01 2006] [error] Certificate Verification: Error (23): certificate revoked
[Sun Sep 24 17:31:01 2006] [error] Re-negotiation handshake failed: Not accepted by client!?
[Sun Sep 24 17:34:54 2006] [error] Certificate Verification: Error (20): unable to get local issuer certificate
[Sun Sep 24 17:37:41 2006] [error] Certificate Verification: Error (10): certificate has expired
(s_client)
>>> TLS 1.0 ChangeCipherSpec [length 0001]
01
>>> TLS 1.0 Handshake [length 0010], Finished
14 00 00 0c d7 82 fa 4c dc d9 31 7a 83 e5 2e ef
02 2c
2873:error:14094414:SSL routines:SSL3_READ_BYTES:sslv3 alert certificate revoked:s3_pkt.c:1057:SSL alert number 44
2873:error:140940E5:SSL routines:SSL3_READ_BYTES:ssl handshake failure:s3_pkt.c:994:
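The error_log messages above lend themselves to simple monitoring. The following is an added example, not part of the original article: a shell function that tallies client-certificate verification failures per X.509 verify code. The function names, the follow-up hints and the two 17:40:12 log lines are constructed for this example.

```shell
#!/bin/sh
# Added example: tally mod_ssl client-certificate verification failures.
# Input: httpd error_log lines on stdin, in the format quoted in the article.
# Output: one line per verify code: "<count> <code> <reason> -> <hint>".
cert_verify_summary() {
    awk '
        BEGIN {
            # Follow-up hints are suggestions of this example, not Apache output.
            hint[10] = "renew the certificate"
            hint[20] = "issuer is not the configured CA"
            hint[23] = "revoked credential still in use, contact holder"
        }
        match($0, /Certificate Verification: Error \([0-9]+\): /) {
            code = substr($0, RSTART, RLENGTH)
            gsub(/[^0-9]/, "", code)                  # keep only the number
            reason[code] = substr($0, RSTART + RLENGTH)
            count[code]++
        }
        END {
            for (c in count) {
                h = (c in hint) ? hint[c] : "see the openssl verify documentation"
                printf "%d %d %s -> %s\n", count[c], c, reason[c], h
            }
        }
    ' | sort -k2,2n
}

# Sample log: the first four lines are the ones shown in the article,
# the two 17:40:12 entries are constructed.
sample_error_log() {
    cat <<'EOF'
[Sun Sep 24 17:31:01 2006] [error] Certificate Verification: Error (23): certificate revoked
[Sun Sep 24 17:31:01 2006] [error] Re-negotiation handshake failed: Not accepted by client!?
[Sun Sep 24 17:34:54 2006] [error] Certificate Verification: Error (20): unable to get local issuer certificate
[Sun Sep 24 17:37:41 2006] [error] Certificate Verification: Error (10): certificate has expired
[Sun Sep 24 17:40:12 2006] [error] Certificate Verification: Error (23): certificate revoked
[Sun Sep 24 17:40:12 2006] [notice] Apache configured -- resuming normal operations
EOF
}

sample_error_log | cert_verify_summary
```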
[ SCREENSHOTS ]
.: Application
This solution can be used by any organization, regardless of whether it concerns an Intranet or external users, when additional methods of protecting a given resource are needed. When implemented correctly, it is highly effective. The administration of the local CA itself must be carried out in an adequate manner. It is also possible to automate the process.
.: Links
[1] http://httpd.apache.org/docs/2.2/mod/mod_ssl.html
[2] http://www.openssl.org/docs/