1 / 26

Agenda

How to Use XML Security Standards in Real World Aleksey Sanin <aleksey@aleksey.Com> O’Reilly Open Source Convention July 7 - 11, 2003. Agenda. W3C XML Security specifications XML Security Library Practical XML Security. W3C XML Security Standards.

annice
Download Presentation

Agenda

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. How to Use XML Security Standards in Real WorldAleksey Sanin <aleksey@aleksey.Com> O’Reilly Open Source ConventionJuly 7 - 11, 2003

  2. Agenda • W3C XML Security specifications • XML Security Library • Practical XML Security

  3. W3C XML Security Standards • XML Canonicalization and Exclusive XML Canonicalization (W3C recommendations)http://www.w3.org/TR/xml-c14n/http://www.w3.org/TR/xml-exc-c14n/ • XML Signature (W3C recommendation)http://www.w3.org/TR/xmldsig-core/ • XML Encryption (W3C recommendation)http://www.w3.org/TR/xmlenc-core/ • XML Key Management (W3C working draft)http://www.w3.org/TR/xkms2/

  4. Why Do We Need New Specifications? • SSL/TLS provides transport level security when Web services need messages level security • Store message for later use • Session keys in SSL/TLS • Fine grained security for XML documents

  5. XML Canonicalization • <Test a="aa" b="bb"/> • <Test b="bb" a="aa"></Test> • <Test a="aa" b="bb"></Test>

  6. XML Canonicalization (Continue) • C14N is a serialization of XML document or XPath node set to a binary string. • There are many C14N algorithms (W3C: C14N, Exclusive C14N). • Same input data (XML document or XPath node set) and same C14N algorithm produce the same binary string. • Use Exclusive C14N.

  7. XML Digital Signature Structure <dsig:Signature ID?> <dsig:SignedInfo> <dsig:CanonicalizationMethod Algorithm /> <dsig:SignatureMethod Algorithm /> <dsig:Reference URI? >+ </dsig:SignedInfo> <dsig:SignatureValue> <dsig:KeyInfo>? (<dsig:Object ID?>)* </dsig:Signature>

  8. XML Digital Signature Structure: Reference element <dsig:Reference URI? > (<dsig:Transforms> (<dsig:Transform Algorithm />)+ </dsig:Transforms>)? <dsig:DigestMethod Algorithm > <dsig:DigestValue> </dsig:Reference>

  9. XML Digital Signature Structure: KeyInfo element <dsig:KeyInfo> <dsig:KeyName>? <dsig:KeyValue>? <dsig:RetrievalMethod>? <dsig:X509Data>? <dsig:PGPData>? <enc:EncryptedKey>? <enc:AgreementMethod>? <dsig:KeyName>? <dsig:RetrievalMethod>? <*>? </dsig:KeyInfo>

  10. XML Digital Signature Generation • Calculate digests other signed data from <dsig:Reference/> element. • Compose <dsig:SignedInfo/> element. • Calculate signature other <dsig:SignedInfo/> element and place result in <dsig:SignatureValue/> element.

  11. XML Digital Signature: Enveloped Signature Example <?xml version="1.0" encoding="UTF-8"?> <Envelope> <SignedData>Hello, World!</SignedData> <Signature xmlns="http://www.w3.org/2000/09/xmldsig#"> <SignedInfo> <CanonicalizationMethod Algorithm="http://www.w3.org/…"/> <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> <Reference URI=""> <Transforms> <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/> </Transforms> <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> <DigestValue>9H/rQr...</DigestValue> </Reference> </SignedInfo> <SignatureValue>Mx4psI...</SignatureValue> <KeyInfo><KeyName>My-RSA-Key</KeyName></KeyInfo> </Signature> </Envelope>

  12. XML Digital Signature: Enveloped Signature Example (Continue) Digested data: <Envelope> <SignedData>Hello, World!</SignedData> </Envelope> Signed data: <SignedInfo> <CanonicalizationMethod Algorithm="http://www.w3.org/…"/> <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> <Reference URI=""> <Transforms> <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/> </Transforms> <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> <DigestValue>9H/rQr...</DigestValue> </Reference> </SignedInfo>

  13. XML Encryption Structure <enc:EncryptedData Id? Type? MimeType?> <enc:EncryptionMethod Algorithm />? <dsig:KeyInfo>? <enc:CipherData> <enc:CipherValue>? <enc:CipherReference URI?>? </enc:CipherData> <enc:EncryptionProperties>? </enc:EncryptedData>

  14. XML Encryption: Example <?xml version="1.0" encoding="UTF-8"?> <EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#" Type="http://www.w3.org/2001/04/xmlenc#Element"> <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/> <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#"> <KeyName>My-DES-Key</KeyName> </KeyInfo> <CipherData> <CipherValue>WXlDy...</CipherValue> </CipherData> </EncryptedData>

  15. XML Security Toolkits • XML Security Library (C/C++)http://www.aleksey.com/xmlsec • Microsoft .NET (C#)http://msdn.microsoft.com/netframework/ • DataPower (Hardware)http://www.datapower.com/products/xs40.html • Apache XML Security (Java)http://xml.apache.org/security/index.html • Baltimore Technologies (Java)http://www.baltimore.com/keytools/xml/ • IBM XML Security Suite (Java)http://www.alphaworks.ibm.com/tech/xmlsecuritysuite • Phaos Technology Corporation (Java)http://phaos.com/products/category/xml.html

  16. XML Security Library • Open Source (MIT license) • Based on LibXML2/LibXSLT and your favorite cryptographic library • Strong standards support • Very fast • Can use practically any cryptographic library (OpenSSL, GnuTLS, NSS, …) • Portable (Linux, OpenBSD, FreeBSD, Solaris, Windows, Mac OS X, …)

  17. XML Security Library: Objects • Transforms • Keys • Keys Manager • Operation Contexts • Signature • Encryption • Transforms • Key selection • Templates

  18. XML Security Library: Templates <?xml version="1.0" encoding="UTF-8"?> <Envelope> <SignedData>Hello, World!</SignedData> <Signature xmlns="http://www.w3.org/2000/09/xmldsig#"> <SignedInfo> <CanonicalizationMethod Algorithm="http://www.w3.org/…"/> <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> <Reference URI=""> <Transforms> <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/> </Transforms> <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> <DigestValue></DigestValue> </Reference> </SignedInfo> <SignatureValue></SignatureValue> <KeyInfo> <KeyName></KeyName> </KeyInfo> </Signature> </Envelope>

  19. XML Security Library: Signing or Encrypting XML Document • Prepare keys manager (the same keys manager can be shared by multiple operations) • Create or load "template" and select the start node (<dsig:Signature/> or <enc:EncryptedData/>) • Create signature (xmlSecDSigCtx) or encryption (xmlSecEncCtx) context object • Specify signature or encryption key in the template (by name, for example) or in the context object • Sign or encrypt data and consume the result • Destroy context object

  20. XML Security Library: Signature Example int sign_template(xmlDocPtr tmpl, xmlNodePtr startNode, xmlSecKeyPtr key) { xmlSecDSigCtxPtr dsigCtx; /* create signature context w/o keys manager */ dsigCtx = xmlSecDSigCtxCreate(NULL); if(dsigCtx == NULL) { fprintf(stderr,"Error: failed to create context.\n"); return(-1); } /* set signature key in the context */ dsigCtx->signKey = xmlSecKeyDuplicate(key); if(dsigCtx->signKey == NULL) { fprintf(stderr,"Error: failed to duplicate key.\n"); xmlSecDSigCtxDestroy(dsigCtx); return(-1); }

  21. XML Security Library: Signature Example (Continue) /* sign the template */ if(xmlSecDSigCtxSign(dsigCtx, startNode) < 0) { fprintf(stderr,"Error: signature failed.\n"); xmlSecDSigCtxDestroy(dsigCtx); return(-1); } /* destroy context object */ xmlSecDSigCtxDestroy(dsigCtx); return(0); }

  22. XML Security Library: Verifying Signature • Prepare keys manager (the same keys manager can be shared by multiple operations) • Load signed document and select the start node (<dsig:Signature/> or <enc:EncryptedData/>) • Create signature (xmlSecDSigCtx) or encryption (xmlSecEncCtx) context object • Verify signature or decrypt the data, consume the result • Destroy context object

  23. XML Security Library: Signature Verification Example int verify_document(xmlDocPtr doc, xmlNodePtr startNode, xmlSecKeysMngrPtr keysMngr) { xmlSecDSigCtxPtr dsigCtx; int res; /* create signature context */ dsigCtx = xmlSecDSigCtxCreate(keysMngr); if(dsigCtx == NULL) { fprintf(stderr,"Error: failed to create context.\n"); return(-1); } /* Verify signature */ if(xmlSecDSigCtxVerify(dsigCtx, startNode) < 0) { fprintf(stderr,"Error: verification failed.\n"); xmlSecDSigCtxDestroy(dsigCtx); return(-1); }

  24. XML Security Library: Signature Verification Example (Continue) /* check verification result */ if(dsigCtx->status == xmlSecDSigStatusSucceeded) { /* signature is valid */ res = 1; } else { /* signature is invalid */ res = 0; } /* destroy signature context */ xmlSecDSigCtxDestroy(dsigCtx); return(res); }

  25. Practical XML Security • Check what was actually signed • Use pre-digested data • Analyze used transforms • Limit allowed digest, signature, encryption and transform algorithms • Limit allowed key sources • Check that data or key source matches expectation

More Related