by Vesselin Markov (25-09-2006)



Access to web resources via X.509 identification


Veselin Markov 09.2006


This document demonstrates an authentication method for access to web resources that requires the user to identify themselves with X.509v3 certificates.

Warning: Internet Explorer users will not be able to see the image files accompanying the article, because the browser is incompatible with RFC2397 (data: URL scheme).



.: Introduction


One frequently used method of identifying a user is a scheme that requires a valid user name and password. However well established this option is, it has its weaknesses: passwords are not always chosen to be complex, which makes them easy to guess. Many applications that use such a system are vulnerable to "brute force" attacks, user data is not always transmitted securely, and so on.

Access control based on IP addresses is rarely applicable and almost always an impractical solution, not only when there are many users.

Another method, imposed by financial organizations (and not only by them), is to enforce authentication with client certificates, i.e. the server requires the client to hold a particular file before it allows further access. Implementing this option is not an entirely trivial task, but the security of deciding who may use a given resource increases significantly.

An example of the benefits of this kind of authentication is the constant stream of attacks aimed at guessing a user name/password over SSH. With a PKI system in use, they fall away.

More and more web servers support this kind of client/server authentication, and the solution examined in this article is based on Apache and OpenSSL.



.: Building and administering a Certificate Authority (CA)


This approach requires setting up and carrying out the following operations when managing a CA:

1. Issuing client certificates
2. Checking validity in the CA database
3. Revoking a certificate, in case of:

  3.1. Expired certificate
  3.2. Lost certificate
  3.3. Compromised certificate
  3.4. Another event that requires its validity to be terminated

4. Renewing a certificate


Here are some pointers that should be useful when administering a CA. This is how to create a local CA:

# mkdir -p CA/{newcerts,private,crl} && cd CA
# echo 01 > serial
# touch index.txt
# cp /etc/ssl/openssl.cnf-sample openssl.cnf
# vim openssl.cnf

A sample cnf file is included in the OpenSSL package. Make changes where necessary
(CA directory name, key/certificate, validity in days and other parameters).

# openssl req -new -x509 -keyout private/CA.key -out CA.crt -days 3650 -config openssl.cnf

It is a good idea for your Root CA certificate to have a longer validity period. The passphrase for the private key must be chosen carefully and must not be forgotten.
Check the information you filled in like this:

# openssl x509 -in CA.crt -noout -text

Issuing a new (user) certificate and having the CA sign it:

# openssl req -nodes -new -x509 -keyout 01req.pem -out 01req.pem -days 1095 -config openssl.cnf
# openssl x509 -x509toreq -in 01req.pem -signkey 01req.pem -out tmp.pem
# openssl ca -config openssl.cnf -policy policy_anything -out 01cert.pem -infiles tmp.pem
# mv 01req.pem 01key.pem ; rm -f tmp.pem

At this point 01key.pem contains the private key (and the CSR), and 01cert.pem is the new certificate signed by the CA.
A record of this event also goes into index.txt; it must begin with V, which indicates that the certificate is valid. Other possible values are R (revoked) and E (expired).

You should establish a procedure for regularly updating the CA database and checking the certificates:

# openssl ca -updatedb -verbose -config openssl.cnf
# openssl verify -CAfile CA.crt XYZcert.pem
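
An added example, not part of the original article, for the index.txt status letters and the -updatedb step described above: a shell function that reads the CA database and flags entries still marked V whose expiry date has already passed, i.e. entries that -updatedb has not yet changed to E. The function names and the sample database are constructed for illustration; the string comparison assumes all dates fall in the same century, because index.txt stores two-digit years.

```shell
#!/bin/sh
# Added example: audit an OpenSSL CA database (index.txt).
# Each line is tab-separated: status, expiry (YYMMDDHHMMSSZ),
# revocation date (empty unless R), serial, file name, subject DN.

# audit_index NOW < index.txt
# NOW uses the same YYMMDDHHMMSSZ form; prints "SERIAL STATE" per entry.
audit_index() {
    awk -F '\t' -v now="$1" '
        NF == 0   { next }
        $1 == "R" { print $4, "revoked"; next }
        $1 == "E" { print $4, "expired"; next }
        # Fixed-width timestamps order correctly as plain strings.
        $1 == "V" && ($2 "") < (now "") { print $4, "stale-valid"; next }
        $1 == "V" { print $4, "valid"; next }
        { print $4, "unknown-status" }
    '
}

# Constructed sample database, not taken from a real CA.
sample_index() {
    printf 'V\t090924082000Z\t\t01\tunknown\t/C=BG/O=Example Corp./CN=cust01\n'
    printf 'R\t090924083000Z\t060925081819Z\t02\tunknown\t/C=BG/O=Example Corp./CN=cust02\n'
    printf 'V\t060901000000Z\t\t03\tunknown\t/C=BG/O=Example Corp./CN=cust03\n'
}

# Audit the sample as of 25 Sep 2006 12:00 UTC.
sample_index | audit_index 060925120000Z
```

Against a real database, pass the current time with: audit_index "$(date -u +%y%m%d%H%M%SZ)" < index.txt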

Over time, for various reasons, you will need to revoke existing certificates. This is how to create a Certificate Revocation List (CRL), which must be refreshed every time that becomes necessary.

# openssl ca -revoke bad_cert.pem -keyfile private/CA.key -cert CA.crt -config openssl.cnf
# openssl ca -gencrl -keyfile private/CA.key -cert CA.crt -out crl/CA.crl -config openssl.cnf


Reading CA.crl

# openssl crl -in crl/CA.crl -noout -text

  
Certificate Revocation List (CRL):
        Version 1 (0x0)
        Signature Algorithm: sha1WithRSAEncryption
        Issuer: /C=BG/ST=BG/L=BG/O=Example Corp./OU=IT Department/CN=Example Corp. CA-1/emailAddress=hq@example.net
        Last Update: Sep 25 08:18:41 2006 GMT
        Next Update: Oct 25 08:18:41 2006 GMT
Revoked Certificates:
    Serial Number: 02
        Revocation Date: Sep 25 08:18:19 2006 GMT
    Signature Algorithm: sha1WithRSAEncryption
 

By default this list is valid for 30 days. This value can be changed. It is not fatal if you fail to regenerate it after this period expires, as long as there is no subject awaiting revocation.

When renewing a certificate, you must first revoke the current one (which may also have expired), and then sign its original CSR (Certificate Signing Request) again, taking the new dates into account.

# openssl ca -config openssl.cnf -policy policy_anything -out renewed-01cert.pem -startdate <now> -enddate <previous expiry date + 1095 days> -infiles 01key.pem

Besides the private key, 01key.pem also contains the original CSR.

At the beginning we created 01cert.pem and 01key.pem. For them to be imported into a browser or an S/MIME e-mail client, they must be converted to PKCS#12 form. Such a container file holds the private key belonging to the certificate, the certificate itself and that of the CA. To protect it, symmetric encryption with a password is used, and you must give that password to the user.

# openssl pkcs12 -export -in 01cert.pem -inkey 01key.pem -certfile CA.crt -name cust01 -out cust01.p12

If necessary, it can be transformed back into a PEM file:

# openssl pkcs12 -in cust01.p12 -out 01keys.pem -nodes

Since these are self-signed certificates, it is especially important that the certificate of the local CA be imported into the client's browser as a Trusted Authority. On any subsequent error in client/server communication, assistance should be sought immediately from the administrators of the relevant CA. Otherwise, it should be explained what a certificate fingerprint is, and this string should be made known to the user for reference:

# openssl x509 -fingerprint -noout -in /opt/CA/CA.crt
SHA1 Fingerprint=63:AC:75:46:BC:A6:B6:D4:F5:4A:37:1D:0F:F3:C2:9A:D8:1B:F1:C0




.: Apache server configuration


One thing that must not be skipped is to state in the configuration file that the directory we are going to protect can be accessed only in SSL mode, from httpd.conf:


<Directory /opt/apache2/htdocs/lock>
   SSLRequireSSL
</Directory>

...

Sample configuration in httpd-ssl.conf

...

 SSLCACertificateFile /opt/CA/CA.crt
 SSLCARevocationFile /opt/CA/crl/CA.crl

<Location /lock>
   SSLRequireSSL
   SSLVerifyClient require
   SSLVerifyDepth 1
</Location>

</VirtualHost>

Almost everything here is clear, with the possible exception of the SSLVerifyDepth directive. When it has the value 1, only client certificates signed by the above-mentioned CA are admitted to the resource.

When you make a change to the CRL, you must make the web server read it again.

# kill -SIGHUP `cat httpd.pid`

[Sun Sep 24 17:14:36 2006] [notice] SIGHUP received. Attempting to restart
[Sun Sep 24 17:14:36 2006] [notice] Apache configured -- resuming normal operations




.: Examples


If you work mostly in the console, you can use the SSL/TLS client from OpenSSL to check whether things work as expected.

# openssl s_client -connect secure.example.net:443 -cert /opt/CA/01cert.pem -key /opt/CA/01key.pem

CONNECTED(00000003)
depth=0 /C=BG/ST=BG/L=BG/O=Example Corp./OU=IT Department/CN=secure.example.net/emailAddress=hq@example.net
verify error:num=18:self signed certificate
verify return:1
depth=0 /C=BG/ST=BG/L=BG/O=Example Corp./OU=IT Department/CN=secure.example.net/emailAddress=hq@example.net
verify return:1
---
Certificate chain
 0 s:/C=BG/ST=BG/L=BG/O=Example Corp./OU=IT Department/CN=secure.example.net/emailAddress=hq@example.net
   i:/C=BG/ST=BG/L=BG/O=Example Corp./OU=IT Department/CN=secure.example.net/emailAddress=hq@example.net
---
Server certificate
subject=/C=BG/ST=BG/L=BG/O=Example Corp./OU=IT Department/CN=secure.example.net/emailAddress=hq@example.net
issuer=/C=BG/ST=BG/L=BG/O=Example Corp./OU=IT Department/CN=secure.example.net/emailAddress=hq@example.net
---
No client certificate CA names sent
---
SSL handshake has read 1239 bytes and written 340 bytes
---
New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA
Server public key is 1024 bit
Compression: NONE
Expansion: NONE
SSL-Session:
    Protocol  : TLSv1
    Cipher    : DHE-RSA-AES256-SHA
    Session-ID: 067A93FD93C798641CE87C9DFE7C47939B56FC61B9A791C103771A756E83B9A8
    Session-ID-ctx:
    Master-Key: E2645E27AC78634AC4BED831A8C6913FF949A9A81F1A687328C4E8DBD371FC47BCB71A513DAA706F4FEA41A9814397EB
    Key-Arg   : None
    Start Time: 1159130361
    Timeout   : 300 (sec)
    Verify return code: 18 (self signed certificate)
---

GET /lock/ HTTP/1.0

depth=0 /C=BG/ST=BG/L=BG/O=Example Corp./OU=IT Department/CN=secure.example.net/emailAddress=hq@example.net
verify error:num=18:self signed certificate
verify return:1
depth=0 /C=BG/ST=BG/L=BG/O=Example Corp./OU=IT Department/CN=secure.example.net/emailAddress=hq@example.net
verify return:1
read R BLOCK

HTTP/1.1 200 OK
Date: Sun, 24 Sep 2006 20:39:31 GMT
Server: Apache
Last-Modified: Sat, 16 Sep 2006 09:45:00 GMT
ETag: "4f6e2-3-fe8c1f00"
Accept-Ranges: bytes
Content-Length: 3
Connection: close
Content-Type: text/html

Certificate accepted
   
 

For more detailed information, use '-debug', '-msg' or '-state'. If you try to use a revoked or invalid certificate, you should get the following messages:


(httpd error_log)
[Sun Sep 24 17:31:01 2006] [error] Certificate Verification: Error (23): certificate revoked
[Sun Sep 24 17:31:01 2006] [error] Re-negotiation handshake failed: Not accepted by client!?
[Sun Sep 24 17:34:54 2006] [error] Certificate Verification: Error (20): unable to get local issuer certificate
[Sun Sep 24 17:37:41 2006] [error] Certificate Verification: Error (10): certificate has expired

(s_client)
>>> TLS 1.0 ChangeCipherSpec [length 0001]
01
>>> TLS 1.0 Handshake [length 0010], Finished
14 00 00 0c d7 82 fa 4c dc d9 31 7a 83 e5 2e ef
02 2c
2873:error:14094414:SSL routines:SSL3_READ_BYTES:sslv3 alert certificate revoked:s3_pkt.c:1057:SSL alert number 44
2873:error:140940E5:SSL routines:SSL3_READ_BYTES:ssl handshake failure:s3_pkt.c:994:
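
An added example, not part of the original article: a shell function that tallies the client-certificate verification failures shown in the httpd error_log above by error number, so that repeated attempts with a revoked or expired certificate stand out. The function names are hypothetical and the sample lines are constructed in the log format shown above.

```shell
#!/bin/sh
# Added example: tally client-certificate verification failures in an
# Apache error_log by OpenSSL verify error number.

# cert_failures < error_log
# Prints "COUNT CODE REASON", most frequent first.
cert_failures() {
    awk '
        match($0, /Certificate Verification: Error \([0-9]+\): /) {
            reason = substr($0, RSTART + RLENGTH)
            code = substr($0, RSTART, RLENGTH)
            gsub(/[^0-9]/, "", code)
            count[code]++
            text[code] = reason
        }
        END { for (c in count) print count[c], c, text[c] }
    ' | sort -k1,1nr -k2,2n
}

# revoked_seen < error_log
# Succeeds if a revoked certificate (error 23) was presented at least once.
revoked_seen() {
    cert_failures | awk '$2 == 23 { found = 1 } END { exit !found }'
}

# Constructed sample in the error_log format shown in the article.
sample_log() {
    cat <<'EOF'
[Sun Sep 24 17:31:01 2006] [error] Certificate Verification: Error (23): certificate revoked
[Sun Sep 24 17:31:01 2006] [error] Re-negotiation handshake failed: Not accepted by client!?
[Sun Sep 24 17:31:09 2006] [error] Certificate Verification: Error (23): certificate revoked
[Sun Sep 24 17:34:54 2006] [error] Certificate Verification: Error (20): unable to get local issuer certificate
[Sun Sep 24 17:37:41 2006] [error] Certificate Verification: Error (10): certificate has expired
EOF
}

sample_log | cert_failures
```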


[ SCREENSHOTS: accept cert dialogue; firefox cert mngr; browser ]



.: Application


This solution can be used by any organization, whether for an Intranet or for external users, when additional methods of protecting a given resource are needed. When implemented correctly, it is highly effective. The administration of the local CA itself must be carried out properly. The process can also be automated.


