当前位置:网站首页>Cryptography series: detailed explanation of online certificate status protocol OCSP
Cryptography series: detailed explanation of online certificate status protocol OCSP
2022-07-07 12:32:00 【flydean】
brief introduction When we visit the website, we will deal with all kinds of certificates , Like visiting https On the web , Need to detect https Certificate validity of the website .
OCSP Is a verification protocol , Used to get X.509 Revocation status of digital certificate . It is to replace CRL And the emergence of .
This article will introduce in detail OCSP Implementation and advantages of .
PKI Medium CRL We know that PKI Architecture ,CA Certificates are a very important component , Client pass CA Certificate to verify the reliability of the service . about CA For the certificate itself, the expiration time can be specified when it is created . In this way, the certificate can not be used after expiration , Need to apply for a new certificate .
However, it is not enough to specify the expiration time for the certificate , For example, because of our business needs , What if the certificate needs to be revoked ?
PKI There is one provided in called CRL(certificate revocation list) The mechanism of , Used to maintain the list of revoked certificates .
This CRL By CA To issue , It is usually generated before the certificate expires . Because if the certificate has expired , So this CRL It's meaningless .
about CRL itself , It is a list of certificates , The format of the certificate is usually X.509.
CRL Generally, the certificate is issued by CA To maintain and publish , Release CRL The component is called CRL issuer, Generally speaking CRL issuer and CA It's the same service , But you can also send... As needed CRL issuer and CA To break up .
CRL By CA Regularly released , Of course, you can also revoke a as needed CA Reissue the certificate when CRL. be-all CRL All have expiration dates , Within this expiration time , The client can be based on CRL Signature in , Go to CA verification CRL The effectiveness of the , To prevent CRL Forgery of .
CRL The shortcomings of that CRL What are the disadvantages ?
First CRL Maintain a list of revoked certificates , In order to ensure the effectiveness of the system , The client checks every time CA When the certificate is valid , From the CA Get this from the server CRL. And then through CRL To verify the corresponding CA Certificate Status .
If you get this every time CRL, There may be the following problems .
The first question is , If CRL Unavailable , Then the client can't get this CRL, You can't verify CA The status of the certificate , This makes the service unavailable .
Another problem is , If there are many certificates to revoke , This CRL It may be relatively large , Thus causing a waste of network resources .
The last question is PKI The purpose of certificate system itself is to establish a self verifiable , A security system that does not rely on online services , If you have to get it online every time CRL Words , Just go PKI This advantage of .
CRL The state of although CRL Maintain a list of revocation certificates , However, the status of certificates in this list is different .
CRL There are two statuses of certificates in , The first is that the certificate has been revoked , For example, the certification authority CA It is found that the previously issued certificate is wrong , Or because of other reasons, such as the disclosure of the private key, the original certificate is not secure enough , The certificate needs to be withdrawn . Or the certificate authority's certificate is revoked because it fails to comply with some policies , You need to set the previous certificate to revocation status .
There is also a state of temporary revocation , It's called Hold state , The certificate is temporarily invalid , For example, determine whether the user's private key is lost . When the user finally finds the private key , Then the certificate can still be restored .
OCSP workflow since CRL There are so many shortcomings , So one is used to replace CRL Of OCSP There's an agreement .
So let's see OCSP workflow .
If A and B To use PKI To communicate . In order to ensure the security of communication ,A Send your public key to B, And tell B, This is my public key , You can use this public key to verify the message I sent you .
B Upon receipt of A After the public key of , I'm not sure A Your public key is correct , Not tampered with . So from the A Extracted from the public key of serial number, And encapsulate it into a ’OCSP request’ Medium distribution CA The server .
CA In the server OCSP responder It reads ’OCSP request’ request , And extract A Of the public key serial number.OCSP responder from CA Query this in the database of the server serial number Whether it is in the list of revoked databases .
If it's not found , That means A Your public key is still valid ,OCSP responder A signed... Will be sent OCSP response to B.
B By using CA Public key verification of the server OCSP response The effectiveness of the , So as to confirm A Your public key is still valid .
Last B Use A The public key and A To communicate .
OCSP The advantages of From the above OCSP We can roughly summarize the following work flow OCSP be relative to CRL The advantages of .
First OCSP The amount of data in response is greater than CRL smaller , So there is less demand and pressure on the network .
In addition, because OCSP The response has less data to parse , therefore OCSP The implementation of the client is better than CRL It's simpler .
Although because of CRL All kinds of shortcomings , stay web No longer used in the environment , But by being more efficient OCSP Replace , however CRL Still running in CA In other environments .
OCSP Details of the agreement OCSP The agreement is in RFC 6960 As defined in .
OCSP The protocol can be divided into request protocol and response protocol , Next, let's introduce .
OCSP request One OCSP The request needs to contain the protocol version number , Request service , Certificate to be verified identifier And optional extensions .
OCSP responder On receiving OCSP After the request , It's going to check OCSP The validity of the message , If there is a problem with the message, an exception will be returned , Otherwise, it will be processed according to the requested service .
OCSP Request if ASN.1(Abstract Syntax Notation One) Abstract syntax notation this can be expressed as :
OCSPRequest ::= SEQUENCE { tbsRequest TBSRequest, optionalSignature [0] EXPLICIT Signature OPTIONAL }
TBSRequest ::= SEQUENCE { version [0] EXPLICIT Version DEFAULT v1, requestorName [1] EXPLICIT GeneralName OPTIONAL, requestList SEQUENCE OF Request, requestExtensions [2] EXPLICIT Extensions OPTIONAL } Signature ::= SEQUENCE { signatureAlgorithm AlgorithmIdentifier, signature BIT STRING, certs [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL}
Version ::= INTEGER { v1(0) }
Request ::= SEQUENCE { reqCert CertID, singleRequestExtensions [0] EXPLICIT Extensions OPTIONAL }
CertID ::= SEQUENCE { hashAlgorithm AlgorithmIdentifier, issuerNameHash OCTET STRING, -- Hash of issuer's DN issuerKeyHash OCTET STRING, -- Hash of issuer's public key serialNumber CertificateSerialNumber } ASN.1 Is an interface description language , adopt ASN.1, We can clearly describe the format information of data .
One OCSPRequest Is optionally signed by OCSP request tbsRequest And the corresponding signature optionalSignature Composed of .
among TBSRequest It contains the version number ,OCSP requestor Name , Status list of certificates requestList, The optional extended data consists of these items .
OCSP Respond to about OCSP In terms of response , According to different transmission protocols, its structure is also different . But all responses should contain responseStatus Field indicates the processing status of the request .
OCSP Sound application ASN.1 The format is represented as follows :
OCSPResponse ::= SEQUENCE { responseStatus OCSPResponseStatus, responseBytes [0] EXPLICIT ResponseBytes OPTIONAL }
OCSPResponseStatus ::= ENUMERATED { successful (0), -- Response has valid confirmations malformedRequest (1), -- Illegal confirmation request internalError (2), -- Internal error in issuer tryLater (3), -- Try again later -- (4) is not used sigRequired (5), -- Must sign the request unauthorized (6) -- Request unauthorized }
ResponseBytes ::= SEQUENCE { responseType OBJECT IDENTIFIER, response OCTET STRING }
responseStatus Is the status of the response ,responseBytes Is an optional response result .
there response It's a BasicOCSPResponse Object's DER code :
BasicOCSPResponse ::= SEQUENCE { tbsResponseData ResponseData, signatureAlgorithm AlgorithmIdentifier, signature BIT STRING, certs [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL } OCSP stapling You can see OCSP When the customer needs to check whether the certificate is revoked , You need to OCSP responser request , To confirm the validity of the certificate .
But this method actually divulges the user's private information , because OCSP responser Know the certificate that the client needs to verify , Just know the website the client is visiting .
So I introduced OCSP stapling To solve this problem .
So what is OCSP stapling Well ?
OCSP stapling Is directly to the OCSP Put the certificate in the place that the client wants to access web Server , because OCSP Certificates are time stamped and digitally signed , Therefore, its correctness can be guaranteed .
these OCSP The certificate will be displayed on the client and web End build SSL The handshake is included in OCSP Response .
In this way, the client does not need to be separated from CA Establish additional connections , This improves performance .
OCSP stapling It needs to be started on the server side .
If you're using a apache The server , First, you need a version greater than 2.3.3.
Then it needs to be in .conf In the document <VirtualHost></VirtualHost> block External addition :
SSLStaplingCahe shmcb: /tmp/stapling_cache(128000) And then in <VirtualHost></VirtualHost> block Add... Inside of :
SSLUseStapling On If you're using a nginx, First, you need a version greater than 1.3.7.
And then in nginx Configuration file for server {} block Add :
ssl_stapling on; ssl_stapling_verify on; If you want to verify whether a website is open OCSP stapling, You can go to https://entrust.ssllabs.com/ Query in the website :
In this website , You can enter the address of any website you want to query , Then you can get the following information :
You can see that this website is open OCSP stapling Of .
summary OCSP and OCSP stapling Is a very useful certificate revocation verification protocol , Has been widely used . You can check whether your website is used .
Please refer to http://www.flydean.com/43-pki-ocsp/
The most popular interpretation , The deepest dry goods , The most concise tutorial , There are so many tricks you don't know about waiting for you to discover !
Welcome to my official account. :「 Program those things 」, Know technology , Know you better !
边栏推荐
- Upgrade from a tool to a solution, and the new site with praise points to new value
- DOM parsing XML error: content is not allowed in Prolog
- IPv6 experiment
- idm服务器响应显示您没有权限下载解决教程
- 【统计学习方法】学习笔记——提升方法
- SQL lab 21~25 summary (subsequent continuous update) (including secondary injection explanation)
- Object. Simple implementation of assign()
- 【统计学习方法】学习笔记——第四章:朴素贝叶斯法
- OSPF exercise Report
- wallys/Qualcomm IPQ8072A networking SBC supports dual 10GbE, WiFi 6
猜你喜欢
小红书微服务框架及治理等云原生业务架构演进案例
Simple network configuration for equipment management
leetcode刷题:二叉树25(二叉搜索树的最近公共祖先)
BGP actual network configuration
全球首堆“玲龙一号”反应堆厂房钢制安全壳上部筒体吊装成功
关于 Web Content-Security-Policy Directive 通过 meta 元素指定的一些测试用例
SQL Lab (41~45) (continuous update later)
SQL lab 21~25 summary (subsequent continuous update) (including secondary injection explanation)
对话PPIO联合创始人王闻宇:整合边缘算力资源,开拓更多音视频服务场景
【深度学习】图像多标签分类任务,百度PaddleClas
随机推荐
(待会删)yyds,付费搞来的学术资源,请低调使用!
Inverted index of ES underlying principle
数据库系统原理与应用教程(008)—— 数据库相关概念练习题
【统计学习方法】学习笔记——第四章:朴素贝叶斯法
An error occurred when vscade tried to create a file in the target directory: access denied [resolved]
The left-hand side of an assignment expression may not be an optional property access.ts(2779)
关于 Web Content-Security-Policy Directive 通过 meta 元素指定的一些测试用例
Learning and using vscode
The road to success in R & D efficiency of 1000 person Internet companies
Decrypt gd32 MCU product family, how to choose the development board?
(to be deleted later) yyds, paid academic resources, please keep a low profile!
ps链接图层的使用方法和快捷键,ps图层链接怎么做的
Tutorial on principles and applications of database system (007) -- related concepts of database
AirServer自动接收多画面投屏或者跨设备投屏
ES底层原理之倒排索引
Solve server returns invalid timezone Go to ‘Advanced’ tab and set ‘serverTimezone’ property manually
How to understand the clothing industry chain and supply chain
What are the technical differences in source code anti disclosure
Solutions to cross domain problems
GCC compilation error