
Detailed explanation of digital certificates and CAs

2022-06-13 07:57:00 Boiled soybeans in brine

1. Certificates

"Certificate: a public key that has been digitally signed"

You need a driver's license before you can drive. The license carries a photo of you, your name, date of birth and other personal details, plus an expiration date and the classes of vehicle you may drive, and the Public Security Bureau stamps its seal on it. Anyone who looks at the license can see that the Public Security Bureau has confirmed that this person is qualified to drive a vehicle.

A public key certificate (Public-Key Certificate, PKC) is very similar to a driver's license. It contains personal details such as a name, organization and e-mail address, the public key belonging to that person, and a digital signature applied by a certification authority (Certification Authority or Certifying Authority, CA). Anyone who looks at the public key certificate can see that the certification authority has confirmed that the public key really belongs to that person. A public key certificate is usually just called a certificate.

Many people have never heard of certification authorities. A certification authority is a person or organization that is able to confirm that "this public key does belong to this person" and to generate a digital signature attesting to it. Certification authorities include international organizations and bodies set up by governments, ordinary companies that make a profit by selling certification services, and even individuals, who can set up their own certification authority as well.

1.1 Application scenario for certificates

Let's understand the role of certificates through a representative scenario.

In the scenario below (a figure in the original article), Alice sends ciphertext to Bob, and the public key of Bob used to produce the ciphertext is obtained through a certification authority.

The certification authority must be trustworthy. For this "trusted third party" the figure uses the name Trent, a name derived from the word "trust".

Let's look at what each step in the figure does.

  1. Bob generates a key pair

    To communicate with public key cryptography you first need a key pair. Bob generates a public key and a private key and keeps the private key safe. Here the key pair is generated by Bob himself; it could also be generated by the certification authority.

  2. Bob registers his public key with the certification authority Trent

    • Bob sends his public key to the certification authority Trent, because he wants Trent to digitally sign it (that is, to generate a certificate).

    • After receiving Bob's public key, Trent confirms that the received public key really is Bob's own (see the sidebar: identification and certification practice statements).

      Sidebar: identification and certification practice statements

      How the certification authority confirms that "I am who I say I am" is written in its certification practice statement (Certificate Practice Statement, CPS). If the certification authority provides certificates for testing, there may be no identification at all. If it is operated by a government department, it may have to confirm identity as required by law. If it is a certification authority set up inside a company, it may simply phone the department head to confirm.

      For example, VeriSign's certification practice statement divides identity confirmation into three levels, Class 1 to 3:

      • Class 1: identity is confirmed by sending a message to the applicant's e-mail address
      • Class 2: identity is confirmed against a third-party database
      • Class 3: identity is confirmed face to face with identification documents

      The higher the class, the stricter the identification.

  3. The certification authority Trent signs Bob's public key with its own private key and generates a certificate

    Trent applies a digital signature to Bob's public key. Generating the signature requires Trent's own private key, so Trent must have generated its key pair in advance.

  4. Alice obtains Bob's public key carrying the certification authority Trent's digital signature (the certificate)

    Alice now wants to send Bob ciphertext, so she obtains the certificate from Trent. The certificate contains Bob's public key.

  5. Alice verifies the digital signature with the certification authority Trent's public key and confirms that Bob's public key is legitimate

    Alice uses Trent's public key to verify the digital signature in the certificate. If the verification succeeds, she has confirmed that the public key in the certificate really belongs to Bob. At this point Alice holds a legitimate public key for Bob.

  6. Alice encrypts the message with Bob's public key and sends it to Bob

    Alice encrypts the message she wants to send with Bob's public key and sends it to Bob.

  7. Bob decrypts the ciphertext with his own private key and obtains Alice's message

    Bob receives the ciphertext Alice sent and decrypts it with his own private key, so he can read Alice's message.

That is the process of public key cryptographic communication using the certification authority Trent. Steps 1, 2 and 3 are performed only when a new public key is registered, not for every communication. Likewise step 4 is needed only the first time Alice sends Bob a message with public key cryptography; as long as Alice stores Bob's public key on her computer, she can use it directly in later communications.

1.2 The X.509 certificate standard

Certificates are issued by certification authorities and verified by users, so it would be inconvenient if certificate formats varied from one issuer to another. People therefore developed standard specifications for certificates; the most widely used is the X.509 standard drawn up by the ITU (International Telecommunication Union) and ISO (International Organization for Standardization). Many applications support X.509 and use it as the standard for generating and exchanging certificates.

X.509 is a very common certificate format. All such certificates conform to the ITU-T X.509 international standard, so (in theory) a certificate created for one application can be used by any other application that conforms to X.509. The structure of an X.509 certificate is described in ASN.1 (Abstract Syntax Notation One), and the certificate is encoded according to ASN.1 rules.

In a certificate, the binding between the public key and the name of its owner must be attested. For X.509 certificates the attester is always a CA or someone designated by the CA. An X.509 certificate is a collection of standard fields containing information about a user or device and its public key. The X.509 standard defines what information the certificate should contain and how that information is encoded (the data format).

In general, a digital certificate may contain basic data (version, serial number), information about the signed object (signature algorithm type, signer information, validity period, issuer, issued public key), the CA's digital signature, and so on.

1.2.1 Certificate fields

The most widely used version is v3 of the X.509 specification drawn up jointly by ITU and ISO (RFC 5280). It defines the following certificate fields:

  • Version number (Version Number): the version of the specification; the current version is 3, encoded as the value 0x2;

  • Serial number (Serial Number): a number the CA assigns to each certificate it issues, used to track and revoke certificates. The issuer information together with the serial number uniquely identifies a certificate. It may be at most 20 bytes long;

  • Signature algorithm (Signature Algorithm): the algorithm used for the digital signature, such as:

    • sha256-with-RSA-Encryption
    • ecdsa-with-SHA256;

  • Issuer (Issuer): identification of the unit that issued the certificate, such as "C=CN, ST=Beijing, L=Beijing, O=org.example.com, CN=ca.org.example.com";

  • Validity period (Validity): the period during which the certificate is valid, given as a start time and an end time;

  • Subject (Subject): the distinguished name (Distinguished Name) of the certificate owner, such as "C=CN, ST=Beijing, L=Beijing, CN=person.org.example.com";

  • Subject public key information (Subject Public Key Info): information about the public key being protected:

    • Public key algorithm (Public Key Algorithm): the algorithm the public key is used with;
    • Subject public key (Subject Public Key): the content of the public key.

  • Issuer unique identifier (Issuer Unique Identifier): unique information representing the issuer; supported only in versions 2 and 3; optional;

  • Subject unique identifier (Subject Unique Identifier): unique information representing the entity that owns the certificate; supported only in versions 2 and 3; optional;

  • Extensions (Extensions, optional): optional extensions, which may include:

    • Subject Key Identifier: an identifier for the subject's key, used to distinguish multiple key pairs held by the same entity;
    • Basic Constraints: whether the certificate belongs to a CA;
    • Authority Key Identifier: identifier of the certificate issuer's public key;
    • CRL Distribution Points: where the revocation list is published;
    • Key Usage: the purposes or functions the certificate is intended for.

Besides these fields, the certificate issuer signs the certificate contents with its own private key, so that nobody else can tamper with them.

1.2.2 Certificate formats

X.509 certificate files are generally stored in PEM (Privacy Enhanced Mail) format. A certificate file usually has the suffix .crt or .cer, a private key file usually has the suffix .key, and a certificate signing request file has the suffix .csr. Sometimes .pem is used as the suffix for all of them.

PEM stores the data as text: a header line and a footer line surrounding a content block, with the content block encoded in Base64.

Summary of encodings:

  • X.509 DER (Distinguished Encoding Rules) encoding, with suffixes .der, .cer, .crt
  • X.509 Base64 encoding (PEM format), with suffixes .pem, .cer, .crt

For example, the contents of a PEM (Base64-encoded) sample certificate file look like this:

-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----

To inspect it with the openssl tool: openssl x509 -in ca-cert.pem -inform pem -noout -text

The parsed contents of the certificate:

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            10:e6:fc:62:b7:41:8a:d5:00:5e:45:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA-SHA256-G2
        Validity
            Not Before: Nov 21 08:00:00 2016 GMT
            Not After : Nov 22 07:59:59 2017 GMT
        Subject: C=US, ST=California, L=San Francisco, O=Wikimedia Foundation, Inc., CN=*.wikipedia.org
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (256 bit)
                pub: 
                    04:c9:22:69:31:8a:d6:6c:ea:da:c3:7f:2c:ac:a5:
                    af:c0:02:ea:81:cb:65:b9:fd:0c:6d:46:5b:c9:1e:
                    ed:b2:ac:2a:1b:4a:ec:80:7b:e7:1a:51:e0:df:f7:
                    c7:4a:20:7b:91:4b:20:07:21:ce:cf:68:65:8c:c6:
                    9d:3b:ef:d5:c1
                ASN1 OID: prime256v1
                NIST CURVE: P-256
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Agreement
            Authority Information Access: 
                CA Issuers - URI:http://secure.globalsign.com/cacert/gsorganizationvalsha2g2r1.crt
                OCSP - URI:http://ocsp2.globalsign.com/gsorganizationvalsha2g2

            X509v3 Certificate Policies: 
                Policy: 1.3.6.1.4.1.4146.1.20
                  CPS: https://www.globalsign.com/repository/
                Policy: 2.23.140.1.2.2

            X509v3 Basic Constraints: 
                CA:FALSE
            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:http://crl.globalsign.com/gs/gsorganizationvalsha2g2.crl

            X509v3 Subject Alternative Name: 
                DNS:*.wikipedia.org, DNS:*.m.mediawiki.org, DNS:*.m.wikibooks.org, DNS:*.m.wikidata.org, DNS:*.m.wikimedia.org, DNS:*.m.wikimediafoundation.org, DNS:*.m.wikinews.org, DNS:*.m.wikipedia.org, DNS:*.m.wikiquote.org, DNS:*.m.wikisource.org, DNS:*.m.wikiversity.org, DNS:*.m.wikivoyage.org, DNS:*.m.wiktionary.org, DNS:*.mediawiki.org, DNS:*.planet.wikimedia.org, DNS:*.wikibooks.org, DNS:*.wikidata.org, DNS:*.wikimedia.org, DNS:*.wikimediafoundation.org, DNS:*.wikinews.org, DNS:*.wikiquote.org, DNS:*.wikisource.org, DNS:*.wikiversity.org, DNS:*.wikivoyage.org, DNS:*.wiktionary.org, DNS:*.wmfusercontent.org, DNS:*.zero.wikipedia.org, DNS:mediawiki.org, DNS:w.wiki, DNS:wikibooks.org, DNS:wikidata.org, DNS:wikimedia.org, DNS:wikimediafoundation.org, DNS:wikinews.org, DNS:wikiquote.org, DNS:wikisource.org, DNS:wikiversity.org, DNS:wikivoyage.org, DNS:wiktionary.org, DNS:wmfusercontent.org, DNS:wikipedia.org
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Subject Key Identifier: 
                28:2A:26:2A:57:8B:3B:CE:B4:D6:AB:54:EF:D7:38:21:2C:49:5C:36
            X509v3 Authority Key Identifier: 
                keyid:96:DE:61:F1:BD:1C:16:29:53:1C:C0:CC:7D:3B:83:00:40:E6:1A:7C

    Signature Algorithm: sha256WithRSAEncryption
         8b:c3:ed:d1:9d:39:6f:af:40:72:bd:1e:18:5e:30:54:23:35:
         ...
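The following Python example is added here and is not code from the original article. Using only the standard library, it builds the leading fields of a TBSCertificate in DER (version, serial number, signature algorithm, issuer, validity, subject), wraps the bytes in PEM and parses them back. It shows why version 3 appears on the wire as the integer 2, how the Issuer and Subject distinguished names are nested SEQUENCE / SET / SEQUENCE structures of OID-value pairs, and that PEM is nothing more than Base64 of the DER bytes between the BEGIN and END lines. The public key, extensions and signature are left out, so the result is a structure skeleton rather than a usable certificate; the serial number and DN strings are the ones shown in the text above, and the two dates are constructed.

```python
import base64
import textwrap

# --- Minimal DER encoder (constructed for this example; only the types the skeleton needs) ---
def tlv(tag: int, body: bytes) -> bytes:
    n = len(body)
    if n < 0x80:                                            # short-form length
        return bytes([tag, n]) + body
    lb = n.to_bytes((n.bit_length() + 7) // 8, "big")       # long form: 0x80|count, then the length
    return bytes([tag, 0x80 | len(lb)]) + lb + body

def der_int(v: int) -> bytes:
    # Minimal two's complement; a positive value whose top bit is set gets a leading 0x00 byte
    return tlv(0x02, v.to_bytes(v.bit_length() // 8 + 1, "big", signed=True))

def der_oid(dotted: str) -> bytes:
    arcs = [int(a) for a in dotted.split(".")]
    body = b""
    for arc in [40 * arcs[0] + arcs[1]] + arcs[2:]:         # first two arcs share one byte
        chunks = [arc & 0x7F]
        while arc := arc >> 7:
            chunks.append(0x80 | (arc & 0x7F))              # base-128, continuation bit on all but the last
        body += bytes(reversed(chunks))
    return tlv(0x06, body)

ATTR_OIDS = {"C": "2.5.4.6", "ST": "2.5.4.8", "L": "2.5.4.7", "O": "2.5.4.10", "CN": "2.5.4.3"}
OID_NAMES = {v: k for k, v in ATTR_OIDS.items()}

def der_name(dn: str) -> bytes:
    """'C=CN,ST=Beijing' -> Name ::= SEQUENCE OF (SET OF SEQUENCE { type OID, value UTF8String })."""
    rdns = b""
    for part in dn.split(","):
        key, value = part.strip().split("=", 1)
        rdns += tlv(0x31, tlv(0x30, der_oid(ATTR_OIDS[key]) + tlv(0x0C, value.encode())))
    return tlv(0x30, rdns)

def build_tbs_skeleton(serial: int, issuer: str, subject: str, not_before: str, not_after: str) -> bytes:
    """Leading fields of TBSCertificate (RFC 5280, 4.1.2); key, extensions and signature omitted."""
    utc = lambda s: tlv(0x17, s.encode())                  # UTCTime "YYMMDDHHMMSSZ"
    return tlv(0x30, b"".join([
        tlv(0xA0, der_int(2)),                              # [0] EXPLICIT version: v3 is encoded as 2
        der_int(serial),                                    # assigned by the CA, at most 20 bytes
        tlv(0x30, der_oid("1.2.840.113549.1.1.11") + tlv(0x05, b"")),  # sha256WithRSAEncryption, NULL
        der_name(issuer),
        tlv(0x30, utc(not_before) + utc(not_after)),        # Validity: notBefore, notAfter
        der_name(subject),
    ]))

# --- PEM is Base64 of the DER bytes between BEGIN/END lines, wrapped at 64 columns like openssl ---
def der_to_pem(der: bytes, label: str = "CERTIFICATE") -> str:
    body = "\n".join(textwrap.wrap(base64.b64encode(der).decode(), 64))
    return f"-----BEGIN {label}-----\n{body}\n-----END {label}-----\n"

def pem_to_der(pem: str) -> bytes:
    return base64.b64decode("".join(l for l in pem.splitlines() if not l.startswith("-----")))

# --- Minimal DER decoder: one TLV -> (tag, value, next_pos); constructed tags become a list ---
def der_decode(buf: bytes, pos: int = 0):
    tag, first = buf[pos], buf[pos + 1]
    n = 0 if first < 0x80 else first & 0x7F                 # count of long-form length bytes
    length = first if n == 0 else int.from_bytes(buf[pos + 2:pos + 2 + n], "big")
    start = pos + 2 + n
    body, end = buf[start:start + length], start + length
    if not tag & 0x20:                                      # primitive type: return raw contents
        return tag, body, end
    items, p = [], 0
    while p < len(body):                                    # constructed: SEQUENCE, SET, [0] ...
        t, v, p = der_decode(body, p)
        items.append((t, v))
    return tag, items, end

def oid_to_str(body: bytes) -> str:
    arcs, v = [], 0
    for b in body:
        v = (v << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(v)
            v = 0
    return ".".join(str(a) for a in [arcs[0] // 40, arcs[0] % 40] + arcs[1:])

def name_to_str(rdns) -> str:
    out = []
    for _, rdn in rdns:                                     # each RDN is a SET
        for _, (oid_tv, val_tv) in rdn:                     # holding one AttributeTypeAndValue here
            oid = oid_to_str(oid_tv[1])
            out.append(f"{OID_NAMES.get(oid, oid)}={val_tv[1].decode()}")
    return ",".join(out)

def parse_tbs_skeleton(pem: str) -> dict:
    _, fields, _ = der_decode(pem_to_der(pem))
    (_, version), (_, serial), _, (_, issuer), (_, validity), (_, subject) = fields
    return {"version": int.from_bytes(version[0][1], "big") + 1,   # 0x2 on the wire means v3
            "serial": serial.hex(), "issuer": name_to_str(issuer),
            "validity": [v.decode() for _, v in validity], "subject": name_to_str(subject)}

# Constructed sample: the serial number and DN strings from the text above, dates made up
SAMPLE_PEM = der_to_pem(build_tbs_skeleton(
    0x10E6FC62B7418AD5005E45B6,
    "C=CN,ST=Beijing,L=Beijing,O=org.example.com,CN=ca.org.example.com",
    "C=CN,ST=Beijing,L=Beijing,CN=person.org.example.com",
    "161121080000Z", "171122075959Z"))
```

Calling parse_tbs_skeleton(SAMPLE_PEM) returns version 3, the serial 10e6fc62b7418ad5005e45b6 and the two DN strings. Because pem_to_der and der_decode make no assumptions about the content, they can also be used to walk the tag tree of a real certificate file; parse_tbs_skeleton, by contrast, expects exactly the six fields built here.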

1.2.3 CA certificates

A certificate is something used to prove that something really is what it claims to be (sounds like a tongue twister, doesn't it?). Put simply, a certificate is like the official seal mentioned above: the seal proves that the corresponding document is genuine.

In theory anyone can pick up a certificate tool and make their own certificate. So how do we stop bad actors from making their own certificates to cheat others? See the introduction to CAs below.

CA is the abbreviation of Certificate Authority, also called a "certificate authority center".

It is a third party responsible for managing and issuing certificates, like a trusted intermediary company. Generally speaking, a CA has to be trusted and recognized by every industry and by the public, so it has to be authoritative enough. For instance, if companies A and B both trust company C, they can let C act as the intermediary that applies the official seal.

  • CA certificate

    A CA certificate, as the name suggests, is a certificate issued by a CA.

    As said before, anyone can find a tool to make a certificate, but a certificate you make yourself is useless: you are not an authoritative CA, so your home-made certificate carries no authority.

    It is as if some villain carved his own seal and stamped it on a letter of introduction. Whoever looks at it sees that it is not the seal of a trusted organization and simply ignores it, so the villain's plot fails.

  • Certificate trust chain

    Certificates can be trusted directly, and one certificate can prove that another certificate is also genuine. In fact, trust between certificates can be nested: C trusts A1, A1 trusts A2, A2 trusts A3, and so on. This is called the certificate chain of trust. As long as you trust the first certificate in the chain, every subsequent certificate can be trusted.

    Suppose certificate C trusts A and B; A in turn trusts A1 and A2; B trusts B1 and B2. Together they form a tree, as below (an upside-down tree, with the root at the top).

(figure: the certificate trust tree, C at the root with A and B below it)

The certificate at the root of the tree is the "root certificate". Every certificate other than the root depends on the certificate one level above it to prove itself. And who proves that the "root certificate" is reliable? In fact the root certificate vouches for itself (put another way, the root certificate needs no further certification).

Sharp students will have realized by now that the root certificate is the foundation of the whole certificate system's security. If the root certificate of a certificate system has a problem (it is no longer trustworthy), then every other certificate trusted through that root is no longer trustworthy either.

  • What certificates are used for

    1. Verifying that a website is trustworthy (HTTPS)

      Usually, when we visit sensitive web pages (a user login page, for example), the protocol used is HTTPS rather than HTTP. HTTP is a plaintext protocol: once someone is snooping on your Internet traffic, he or she can see its contents (your password, bank account number, and so on). HTTPS is an encrypted protocol that guarantees nobody can snoop on your data in transit.

      But never assume that because HTTPS encrypts, you can rest easy. Here is another example showing that encryption alone is not enough. Suppose a bad actor sets up a fake online banking site and lures you to it. If you are a little naive and careless and type in your account number and password, the villain's plot succeeds.

      To prevent this, HTTPS has a certificate mechanism as well as an encryption mechanism. The certificate guarantees that a site really is the site it claims to be.

      With certificates, when your browser visits an HTTPS website it verifies the site's CA certificate (much like checking the official seal on a letter of introduction). If the browser finds the certificate in order (it is trusted through a root certificate, the domain name bound in the certificate matches the website's domain name, and the certificate has not expired), the page opens directly; otherwise the browser shows a warning that there is something wrong with this website's certificate and asks whether you want to continue visiting the site. (The original article shows screenshots of the warnings in IE and Firefox.)

Most well-known websites that use HTTPS have trusted certificates, so no such warning appears. If you visit a famous website in future and the browser pops up a warning like this, be careful!

    2. Verifying that a file is trustworthy (has it been tampered with?)

      Besides verifying a website, certificates can be used to verify whether a file has been tampered with; specifically, the file is given a digital signature made with a certificate. Making the signature is too technical to go into here; what follows is how to verify a file's digital signature. Since most people use Windows, Windows is used as the example.

      For example, I have a Google Chrome installer at hand (with a digital signature). Looking at the file's properties shows the dialog below; sharp-eyed students will notice the "Digital Signatures" tab. If that tab does not appear, the file has no digital signature attached.

(figure: the file properties dialog with its Digital Signatures tab)

Generally the signature list contains exactly one signature. Select it and click the "Details" button; the following dialog appears.

This dialog normally shows the line "The digital signature is OK" (circled in red in the picture). If that line is present, the file reached you exactly as it left the vendor, untouched on the way (original and pure). If the file has been tampered with (for example, infected by a virus or injected with a trojan), the dialog shows the warning "The digital signature is invalid".

Whether the signature is valid or not, you can click the "View Certificate" button, and the Certificate dialog appears, as follows:

(figure: the Certificate dialog and its Certification Path tab)

In the latter dialog you can see the certificate trust chain just described. The chain in the picture has 3 levels:

  • Level 1 is the root certificate (VeriSign).
  • Level 2 is a Symantec certificate dedicated to signing.
  • Level 3 is Google's own certificate.

Most well-known companies (or organizations) today digitally sign the executables they publish (software installers, drivers, security patches). Go and see for yourself.

It is suggested that before installing software you first check whether it has a digital signature; if it does, verify it following the steps above. If the digital signature is bad, do not install it.

1.3 Public key infrastructure (PKI)

Certificate specifications alone are not enough to support the practical use of public keys. Many other specifications are needed: who should issue certificates and how, how to revoke a certificate when a private key is compromised, and what formats computers should use to exchange data. This section introduces the public key infrastructure that makes the use of public keys more effective.

1.3.1 What is public key infrastructure

Public key infrastructure (Public-Key Infrastructure) is the general name for a series of specifications and standards drawn up to make more effective use of public keys. It is usually abbreviated to PKI, from its English name.

PKI is a general term; it does not refer to any single specification or standard. For example, the PKCS (Public-Key Cryptography Standards) series of specifications drawn up by RSA is one kind of PKI, and many of the Internet RFC (Request for Comments) documents are also related to PKI. Specifications such as X.509 are part of PKI too. The API (Application Programming Interface) specifications and design documents that companies write for developing PKI programs can likewise be regarded as PKI-related specifications.

Therefore, depending on which specifications are adopted, PKI comes in many variations, which is one reason many people find PKI hard to grasp as a whole.

To help understand PKI, let's briefly summarize its basic components (users, certification authorities, repositories) and the work of the certification authority.

1.3.2 The components of PKI

PKI has three main components:

  • Users: the people who use PKI
  • Certification authority: the party that issues certificates
  • Repository: the database that holds certificates

(figure: the three components of PKI)

Users

Users are people like Alice and Bob who use PKI. There are two kinds of user: those who use PKI to register their public keys, and those who want to use registered public keys. Let's look at the operations each kind performs.

  • Operations performed by a user who registers a public key

    • Generate a key pair (it can also be generated by the certification authority)
    • Register the public key with the certification authority
    • Apply to the certification authority for a certificate
    • Apply for revocation of the registered public key when necessary
    • Decrypt received ciphertext
    • Digitally sign messages

  • Operations performed by a user who uses a registered public key

    • Encrypt messages and send them to the receiver
    • Verify digital signatures

  Aside: how browsers verify SSL certificates

  1. In IE, choose "Tools / Internet Options" from the browser menu, select the "Content" tab and click the "Certificates" button. You can see that the browser already trusts many "Intermediate Certification Authorities" and "Trusted Root Certification Authorities". When we visit a website, the browser automatically downloads the website's SSL certificate and checks its security.

  2. Because certificates are arranged in levels, the site owner may have obtained its certificate from a root certification authority, or from an authority one level below the root (for example a national certification center, or a certificate issued by a province). Suppose we visit a website that uses SSL: the IE browser receives an SSL certificate. If the certificate was issued by a root certification authority, the browser uses the public key in its copy of the root certificate to verify the received certificate; if it verifies, the security certificate was issued by a trusted certification authority and the website is safe and reliable. If the SSL certificate was not issued by a root authority, the browser automatically checks the issuing authority one level up, repeating until it reaches the corresponding root certification authority; if that root authority is trusted, the website's SSL certificate can be trusted as well.

Certification authority (CA)

The certification authority (Certification Authority, CA) is the party that manages certificates. In the figure above we named it Trent. The specific operations of the certification authority are as follows:

  • Generate key pairs (can also be done by the user)

    There are two ways to generate a key pair: by the PKI user, or by the certification authority. When the certification authority generates a user's key pair, it has to send the private key to the user, using a specification such as PKCS #12 (Personal Information Exchange Syntax Standard).

  • Authenticate identity when a public key is registered, then generate and issue the certificate

    When users generate their own key pair, they ask the certification authority to generate a certificate. The specification used to apply for a certificate is defined by PKCS #10 (Certification Request Syntax Standard).

    The certification authority authenticates the user's identity according to its certification practice statement (Certification Practice Statement, CPS) and generates the certificate. Generating the certificate requires a digital signature made with the certification authority's private key. The format of the generated certificate is defined by PKCS #6 (Extended-Certificate Syntax Standard) and X.509.

  • Revoke certificates

    When a user's private key is lost or stolen, the certification authority needs to revoke the certificate. Even when the private key is safe, revocation is sometimes necessary, for example when a user leaves the company and loses the right to use the private key, or when a change of name makes the certificate contents inaccurate.

    A paper certificate can be invalidated by tearing it up, but a certificate here is digital information: deleting it from the repository does not revoke it, because the user keeps a copy of the certificate, and the certification authority cannot break into the user's computer to delete that copy.

    To revoke a certificate, the certification authority produces a certificate revocation list (Certificate Revocation List), abbreviated CRL.

    A CRL is a list of the certificates the certification authority has declared invalid. Concretely, it is a list of the serial numbers of the revoked certificates, digitally signed by the certification authority. The certificate serial number is the number the certification authority assigned when it issued the certificate, and it is recorded in the certificate.

    PKI users need to obtain the latest CRL from the certification authority and check whether the public key certificate they are about to use for signature verification (or for encryption) has been revoked. This is a very important step.

    Suppose we have Bob's certificate, signed by a legitimate certification authority and within its validity period. That alone does not mean the certificate is valid: you also have to check the latest CRL to confirm that it is. Generally this check is not done by the user personally but by the software that handles the certificate, yet a lot of software fails to fetch the latest CRL in time.

In the work of the certification authority, public key registration and identity authentication can be delegated to a registration authority (Registration Authority, RA). The certification authority can then concentrate on issuing certificates, which lightens its load. Introducing a registration authority has drawbacks too: the certification authority has to authenticate the registration authority itself, and with more components the communication process becomes more complex and the number of weak points grows.
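The following Python example is added here and is not code from the original article. It ties together the seven-step flow of section 1.1, the trust chain and root certificate of section 1.2.3, the three browser checks named under HTTPS (the chain ends at a trusted root, the domain name matches, the certificate has not expired) and the CRL check just described. Signatures use textbook RSA over tiny fixed primes (constructed; real keys are randomly generated, 2048 bits or more, and real signatures use proper padding), and certificates and CRLs are signed dicts rather than X.509 structures. The names Trent Root, Trent Intermediate, bob.example and Mallory CA, the serial numbers and the dates are all constructed.

```python
import hashlib
import json
from math import gcd

# --- Toy RSA signatures over tiny fixed primes (constructed for illustration; real keys are
# randomly generated, 2048+ bits, and real signatures use PKCS#1 v1.5 or PSS padding) ---
def make_keypair(p: int, q: int, e: int = 17):
    n, phi = p * q, (p - 1) * (q - 1)
    assert gcd(e, phi) == 1
    return {"n": n, "e": e}, {"n": n, "d": pow(e, -1, phi)}      # (public, private)

def digest_mod(data: bytes, n: int) -> int:
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(priv, data: bytes) -> int:
    return pow(digest_mod(data, priv["n"]), priv["d"], priv["n"])

def verify(pub, data: bytes, sig: int) -> bool:
    return pow(sig, pub["e"], pub["n"]) == digest_mod(data, pub["n"])

def canonical(obj) -> bytes:                                     # deterministic bytes to sign
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()

# --- Certificates and CRLs as signed dicts; the "tbs" part mirrors the X.509 fields above ---
def issue_cert(issuer: str, issuer_priv, subject: str, subject_pub, serial: int,
               not_before: str, not_after: str, is_ca: bool = False, sans=()):
    tbs = {"serial": serial, "issuer": issuer, "subject": subject, "public_key": subject_pub,
           "not_before": not_before, "not_after": not_after, "ca": is_ca, "san": list(sans)}
    return {"tbs": tbs, "sig": sign(issuer_priv, canonical(tbs))}

def issue_crl(issuer: str, issuer_priv, revoked_serials):
    tbs = {"issuer": issuer, "revoked": sorted(revoked_serials)}
    return {"tbs": tbs, "sig": sign(issuer_priv, canonical(tbs))}

def hostname_matches(pattern: str, host: str) -> bool:
    """'*' may stand for exactly one leftmost label, as in the SAN '*.wikipedia.org' above."""
    if pattern.startswith("*."):
        return host.count(".") == pattern.count(".") and host.endswith(pattern[1:])
    return pattern == host

def verify_chain(chain, trust_store, host: str, today: str, crls=()) -> str:
    """chain = [leaf, intermediate, ...]; trust_store maps a root's name to its public key.
    Returns 'ok' or the first failing check (ISO dates compare correctly as strings)."""
    if not any(hostname_matches(p, host) for p in chain[0]["tbs"]["san"]):
        return "hostname mismatch"
    for i, cert in enumerate(chain):
        tbs = cert["tbs"]
        if not tbs["not_before"] <= today <= tbs["not_after"]:
            return f"{tbs['subject']}: expired or not yet valid"
        if i + 1 < len(chain):                                   # issuer is the next cert up
            up = chain[i + 1]["tbs"]
            if up["subject"] != tbs["issuer"] or not up["ca"]:
                return f"{tbs['subject']}: issuer does not chain"
            issuer_pub = up["public_key"]
        else:                                                    # top of chain: must be a trusted root
            issuer_pub = trust_store.get(tbs["issuer"])
            if issuer_pub is None:
                return f"{tbs['subject']}: root '{tbs['issuer']}' is not trusted"
        if not verify(issuer_pub, canonical(tbs), cert["sig"]):
            return f"{tbs['subject']}: bad signature"
        for crl in crls:                                         # only a CRL signed by this issuer counts
            if crl["tbs"]["issuer"] == tbs["issuer"] and verify(issuer_pub, canonical(crl["tbs"]), crl["sig"]) \
                    and tbs["serial"] in crl["tbs"]["revoked"]:
                return f"{tbs['subject']}: revoked"
    return "ok"

def demo() -> dict:
    """Constructed scenario: Trent's root signs an intermediate, which signs Bob's certificate."""
    root_pub, root_priv = make_keypair(61, 53)
    int_pub, int_priv = make_keypair(101, 113)
    bob_pub, bob_priv = make_keypair(139, 149)
    mal_pub, mal_priv = make_keypair(163, 167)
    trust_store = {"Trent Root": root_pub}                       # what Alice's browser ships with
    intermediate = issue_cert("Trent Root", root_priv, "Trent Intermediate", int_pub, 1,
                              "2016-01-01", "2026-01-01", is_ca=True)
    bob_cert = issue_cert("Trent Intermediate", int_priv, "bob.example", bob_pub, 42,
                          "2016-11-21", "2017-11-22", sans=["*.bob.example", "bob.example"])
    chain, day = [bob_cert, intermediate], "2017-06-01"
    r = {"genuine": verify_chain(chain, trust_store, "www.bob.example", day),
         "wrong host": verify_chain(chain, trust_store, "www.mallory.example", day),
         "expired": verify_chain(chain, trust_store, "www.bob.example", "2018-01-01")}
    # Mallory swaps her key into Bob's certificate: the signed bytes change, so the signature fails
    forged = {"tbs": dict(bob_cert["tbs"], public_key=mal_pub), "sig": bob_cert["sig"]}
    r["tampered"] = verify_chain([forged, intermediate], trust_store, "www.bob.example", day)
    # Mallory runs her own CA; its root is not in the trust store, so the chain ends nowhere
    mal_cert = issue_cert("Mallory CA", mal_priv, "bob.example", mal_pub, 7, "2016-01-01",
                          "2026-01-01", sans=["*.bob.example"])
    r["untrusted root"] = verify_chain([mal_cert], trust_store, "www.bob.example", day)
    # Bob's private key leaks, so Trent Intermediate publishes a CRL naming serial 42
    crl = issue_crl("Trent Intermediate", int_priv, [42])
    r["revoked"] = verify_chain(chain, trust_store, "www.bob.example", day, crls=[crl])
    # Steps 6 and 7 of section 1.1: Alice encrypts to the verified key, Bob decrypts (textbook RSA)
    ciphertext = pow(4242, bob_pub["e"], bob_pub["n"])
    r["decrypted"] = pow(ciphertext, bob_priv["d"], bob_priv["n"])
    return r
```

demo() returns "ok" for the genuine chain and a named failure for each of the other cases: wrong host, expired, tampered public key, a root that is not in the trust store, and a serial listed in the issuer's CRL. The order of the checks matters for defenders reading the result: the hostname and validity checks are cheap and need no key material, the signature check walks the chain upward exactly as the aside on browsers describes, and the CRL is consulted only after the CRL's own signature has been verified with the same issuer key, since an unsigned or foreign revocation list should carry no weight.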

Repository

The repository is the database that stores certificates; PKI users obtain certificates from it when they need them. Its function is a little like a phone book. In the example at the start of this chapter, though it was not mentioned explicitly, Alice could obtain Bob's certificate from a repository. The repository is also called a certificate directory.

1.3.3 Varieties of PKI

The name public key infrastructure (PKI) often causes misunderstandings, such as "there is only one authoritative certification authority for the public" or "all public keys in the world are ultimately certified by a single root CA". Neither is correct. A certification authority only has to digitally sign public keys, so anyone can become one, and in fact there are countless certification authorities in the world.

Countries, local governments, hospitals, libraries and other public organizations can set up certification authorities and build a PKI; a company can run a PKI internally for its business needs; even you and your friends can build a PKI for experimental purposes.

For use inside a company, the hierarchy of certification authorities may mirror the company's organizational hierarchy as in the previous section, or it may not. For example, if the company has branches in Tokyo, Osaka, Hokkaido and Kyushu, it could also adopt a structure in which the branches cross-certify one another. As for operating the certification authority, the company can buy PKI software and run it itself, or use an external certification service such as VeriSign. Which approach to take depends on purpose and scale; there is no fixed rule.

2. Fabric CA

2.1 Introduction

The Fabric CA project is the membership service component of Hyperledger Fabric. It manages the identity certificates of the various entities in the network and mainly implements:

  • identity management for all entities (identities) in the Fabric network, including registration and revocation

  • a server that the command-line client (and SDKs) interact with through a RESTful API

  • certificate management, including ECerts (enrollment certificates) and TCerts (transaction certificates)

Fabric CA is written in Go.

There are three certificate types in fabric-ca:

1. Enrollment certificate (ECert): proves the identity of an entity

2. Communication certificate (TLSCert): secures the communication link and authenticates the remote side

3. Transaction certificate (TCert): issued to users to control the permissions of each transaction

The following figure describes how the CA server works within the Fabric architecture:

[Figure: CA server tree in the Fabric architecture]

The CA servers are organized as a tree. The root of the tree is the root CA (Root Server), under which there are several intermediate CAs (Intermediate CA). Each intermediate CA in the figure can be deployed as a cluster of CA servers behind a load balancer (HA).

There are two ways to call the Fabric CA server: through the client (fabric-ca-client) or through an SDK. Both use its REST-style API. This article uses the client.

2.2 Basic components

Fabric CA is a typical client/server system with two basic components, one implementing the server side and one the client side:

  • Server: fabric-ca-server implements the core PKI (Public Key Infrastructure) service. It supports several database backends (SQLite3, MySQL, PostgreSQL) and can integrate with LDAP for user registration management.

  • Client: fabric-ca-client wraps the server's RESTful API and provides the commands with which users interact with the server.

2.3 Installation

Install the server and client binaries into the $GOPATH/bin directory:

$ go get -u github.com/hyperledger/fabric-ca/cmd/...

Alternatively, switch to the source directory:

$ cd $GOPATH/src/github.com/hyperledger/fabric-ca

and compile with make:

$ make fabric-ca-server
$ make fabric-ca-client

This generates a bin directory containing the two executables fabric-ca-client and fabric-ca-server.

2.4 Initialization & quick start

Return to the home directory and create a working directory:

$ cd ~
$ mkdir fabric-ca
$ cd fabric-ca

Starting fabric-ca takes two steps:

1. initialize with init
2. start with start

Initialization:

$ fabric-ca-server init -b admin:pass

This generates the following files in the current directory:

  • fabric-ca-server-config.yaml: default configuration file
  • ca-cert.pem: the self-signed CA certificate in PEM format
  • fabric-ca-server.db: SQLite database that stores the server's data
  • msp/keystore/: directory holding the CA's private key (the _sk file) that matches the CA certificate

Quick start, which starts a fabric-ca-server service and initializes it if necessary:

$ fabric-ca-server start -b admin:pass

-b: name and password of the bootstrap identity, the registrar that will register all other identities. This option is required unless LDAP is used. The default configuration file name is fabric-ca-server-config.yaml. Note that a secret given on the command line ends up in the shell history and the process list, so treat the bootstrap secret accordingly.

If the init command has not been run before, start performs the initialization automatically first: it looks for the certificates and configuration files in the server's home directory and generates them if they do not exist.

2.5 Server configuration file explained

The fabric-ca-server-config.yaml configuration file covers the general settings, TLS configuration, CA configuration, registry (registration management) configuration, database configuration, LDAP configuration, affiliations, signing profiles and the certificate request (CSR) for the CA's own certificate:

version: 1.1.1-snapshot-e656889
port: 7054 # listening port of the service
debug: false # enable DEBUG mode, which prints more diagnostic output
crlsizelimit: 512000 # maximum size in bytes of an acceptable CRL

# TLS for the server's listener. When enabled, certfile and keyfile must point to the server certificate and its private key
tls:
  enabled: false # TLS is off by default; turn it on for anything but local testing
  certfile:         # TLS certificate file
  keyfile:          # TLS private key file
  clientauth:   # client authentication (mutual TLS) configuration
    type: noclientcert      # no client certificate is requested by default
    certfiles:      # list of trusted root certificates used when client authentication is on

# The CA instance: name, signing private key, certificate and chain file. This key and certificate are the root used to sign ECerts and TCerts
ca:
  name:         # CA name; one server can host several CAs
  keyfile:      # private key file (default: ca-key.pem)
  certfile:     # certificate file (default: ca-cert.pem)
  chainfile:    # certificate chain file (default: chain-cert.pem)

crl:
  expiry: 24h # validity of generated CRLs (their NextUpdate is this long after generation)

# Used when fabric-ca-server itself manages user registration. LDAP must be disabled in that case; otherwise the server forwards registration lookups to LDAP
registry:
  # maximum number of times the same name and secret may be used to enroll; -1 means unlimited, 0 disables enrollment
  maxenrollments: -1
  identities:   # pre-registered identities that can enroll; only used when LDAP is not enabled
     - name: admin
       pass: adminpw
       type: client
       affiliation: ""
       attrs:
          hf.Registrar.Roles: "peer,orderer,client,user"         # identity types this registrar may register
          hf.Registrar.DelegateRoles: "peer,orderer,client,user" # registrar roles it may pass on to identities it registers
          hf.Revoker: true             # may revoke identities and certificates
          hf.IntermediateCA: true      # may enroll as an intermediate CA
          hf.GenCRL: true              # may generate CRLs
          hf.Registrar.Attributes: "*" # attributes it may assign to the identities it registers
          hf.AffiliationMgr: true      # may manage the affiliation tree

# Database: SQLite3, MySQL or PostgreSQL; the default is a local SQLite3 file. For a cluster, use MySQL or PostgreSQL and put a load balancer (e.g. Nginx or HAProxy) in front of the servers
db:
  type: sqlite3
  datasource: fabric-ca-server.db       # path of the SQLite3 file
  tls:
      enabled: false # use TLS for the database connection
      certfiles:        # PEM root certificates of the database server's TLS certificate; several may be given, comma separated
      client:
        certfile:       # PEM client certificate
        keyfile:        # PEM private key of the client certificate

# Use a remote LDAP directory for registration management: enrollment names and passwords are verified against it and user attributes are fetched from it. The server finds the user with the configured userfilter and binds with the user's distinguished name and the given password.
# When LDAP is enabled the registry section is ignored
ldap:
   enabled: false # LDAP is off by default
   url: ldap://<adminDN>:<adminPassword>@<host>:<port>/<base>   # LDAP server address
   tls:
      certfiles:    # PEM root certificates of the LDAP server's TLS certificate; several may be given, comma separated
      client:
         certfile:  # PEM client certificate
         keyfile:   # PEM private key of the client certificate
   attribute:
      names: ['uid','member']
      converters:
         - name:
           value:
      maps:
         groups:
            - name:
              value:

# Affiliation (organizational) tree
affiliations:
   org1:
      - department1
      - department2
   org2:
      - department1

# Certificate issuance settings: key usage, expiry and so on. By default fabric-ca-server issues end-entity certificates; it can also act as a root CA and issue certificates to further intermediate CAs
signing:
    default:    # default profile, used to sign ECerts
      usage:    # KeyUsage extension of the issued certificate
        - digital signature
      expiry: 8760h
    profiles:   # alternative signing profiles
      ca:   # profile for intermediate CA certificates
         usage:
           - cert sign  # KeyUsage extension of the issued certificate
           - crl sign
         expiry: 43800h
         caconstraint:
           isca: true
           maxpathlen: 0 # an intermediate CA issued with this profile may not issue further CA certificates
      tls:
         usage:
            - signing
            - key encipherment
            - server auth
            - client auth
            - key agreement
         expiry: 8760h

# The request for the CA's own certificate. A root CA generates a self-signed certificate from it; an intermediate CA sends it to the parent CA for signing
csr:
   cn: fabric-ca-server     # recommended to match the server name
   names:
      - C: US
        ST: "North Carolina"
        L:
        O: Hyperledger
        OU: Fabric
   hosts:
     - kevin-hf
     - localhost
   ca:      # added to the extensions of the CA certificate
      expiry: 131400h       # validity period
      pathlength: 1 # how many levels of intermediate CA may be created below this CA

# BCCSP: the crypto provider to use (SW = software implementation)
bccsp:
    default: SW
    sw:
        hash: SHA2
        security: 256
        filekeystore:
            keystore: msp/keystore      # directory for key files

# Automatically create this many additional CA instances besides the default one, named ca1, ca2, ...
cacount:

# Paths of additional CA configuration files; each file starts one CA service. Make sure they do not conflict with each other (service port, TLS certificates, ...)
cafiles:


# Settings used when this CA runs as an intermediate CA: the parent CA's address and name, enrollment information, TLS configuration.
# Note: when intermediate.parentserver.url is non-empty this CA is an intermediate CA; otherwise it is a root CA
intermediate:
  parentserver:     # parent CA
    url:
    caname:

  enrollment:       # enrollment with the parent CA
    hosts:          # host names to put in the certificate
    profile:        # signing profile to request
    label:          # label used when the key lives in an HSM

  tls:      # TLS settings for the connection to the parent CA
    certfiles:      # trusted root CA certificates
    client:         # client certificate and key, when client authentication is enabled
      certfile:
      keyfile:

2.6 Client commands

The fabric-ca-client command interacts with the server and has five subcommands:

  • enroll: enroll and obtain an ECert
  • getcacert: get the certificate chain of the CA service
  • reenroll: enroll again (renew the certificate)
  • register: register an identity
  • revoke: revoke an issued identity or certificate

CRL verification

A CRL is generally used to check whether a digital certificate is still valid; after a revoke operation a new CRL (certificate revocation list) can be generated.

A CRL is a list of revoked certificates signed by the CA; it is used to freeze and revoke certificates.

A certificate usually carries a CRL distribution point that is reachable over HTTP or LDAP. The relying party parses the certificate to get that address, downloads the CRL and checks the certificate against it.

A CRL is updated over time; it is not fixed once generated, so a cached copy must be refreshed before it expires.

2.7 Viewing the AKI and serial number

AKI (Authority Key Identifier): identifies the key of the authority that issued the certificate.

View the AKI and serial number of the enrolled identity's certificate (the signcert in the client's MSP directory):

$ openssl x509 -in .fabric-ca-client/msp/signcerts/cert.pem -text -noout

The output is as follows:

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:  # serial number
            74:48:88:33:70:1a:01:a0:ad:32:29:6e:c5:ab:5a:fa:3b:91:25:a4
   ......
        X509v3 extensions:
           ......
            X509v3 Authority Key Identifier:    # the value after keyid: is the AKI
                keyid:45:B1:50:B6:CD:8A:8D:C5:9B:9E:5F:75:15:47:D6:C0:AD:75:FE:71

    ......

Get the AKI alone:

$ openssl x509 -in .fabric-ca-client/msp/signcerts/cert.pem -text -noout | awk '/keyid/ {gsub (/ *keyid:|:/,"",$1);print tolower($0)}'

The output is as follows:

45b150b6cd8a8dc59b9e5f751547d6c0ad75fe71

Get the serial number alone:

$ openssl x509 -in .fabric-ca-client/msp/signcerts/cert.pem -serial -noout | cut -d "=" -f 2

The output is as follows:

74488833701A01A0AD32296EC5AB5AFA3B9125A4

Together these two values identify one certificate, which is what fabric-ca-client revoke takes (-a for the AKI, -s for the serial number) to revoke a single certificate rather than the whole identity.
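As an added example (not code from this page or from Fabric CA itself), the Go program below builds the kind of hierarchy the figure in 2.1 shows with the standard library's crypto/x509: a root CA with pathlength 1, an intermediate CA issued the way the "ca" signing profile specifies (cert sign, crl sign, isca: true, maxpathlen 0), and an enrolled ECert. It then validates the chain, shows that the path-length constraint stops the intermediate from creating a further CA, performs the CRL check that section 1 and 2.6 describe (signature by the issuing CA and freshness first, then the serial-number lookup), and prints the AKI and serial number in the same form as the openssl one-liners above. Names, serial numbers and validity periods are made up for the demonstration, and Go generates the SubjectKeyId/AuthorityKeyId values itself.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

func must(err error) {
	if err != nil {
		panic(err)
	}
}
// template: pathLen >= 0 makes a CA like the "ca" profile (cert sign + crl sign, isca: true, pathLenConstraint = maxpathlen); pathLen < 0 makes an end-entity ECert.
func template(cn string, serial int64, pathLen int) *x509.Certificate {
	t := &x509.Certificate{
		SerialNumber: big.NewInt(serial), // constructed; a real CA uses large random serials
		Subject:      pkix.Name{CommonName: cn, OrganizationalUnit: []string{"Fabric"}},
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(8760 * time.Hour),
		KeyUsage:     x509.KeyUsageDigitalSignature,
	}
	if pathLen >= 0 {
		t.IsCA, t.BasicConstraintsValid = true, true
		t.MaxPathLen, t.MaxPathLenZero = pathLen, pathLen == 0
		t.KeyUsage = x509.KeyUsageCertSign | x509.KeyUsageCRLSign
	}
	return t
}
// issue generates a key for tmpl and signs it with signer (nil: self-signed root). Go adds a SubjectKeyId to CA certs and copies the parent's into AuthorityKeyId, the AKI openssl prints.
func issue(tmpl, parent *x509.Certificate, signer *ecdsa.PrivateKey) (*x509.Certificate, *ecdsa.PrivateKey) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	must(err)
	if signer == nil {
		parent, signer = tmpl, key
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, &key.PublicKey, signer)
	must(err)
	c, err := x509.ParseCertificate(der)
	must(err)
	return c, key
}
// VerifyChain validates leaf -> intermediates -> root; the verifier enforces every CA's pathLenConstraint.
func VerifyChain(leaf, root *x509.Certificate, intermediates ...*x509.Certificate) error {
	opts := x509.VerifyOptions{Roots: x509.NewCertPool(), Intermediates: x509.NewCertPool(), KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny}}
	opts.Roots.AddCert(root)
	for _, c := range intermediates {
		opts.Intermediates.AddCert(c)
	}
	_, err := leaf.Verify(opts)
	return err
}
// PathLenViolation: a further CA under the maxpathlen-0 intermediate, and anything it issues, fails validation.
func PathLenViolation(root, inter *x509.Certificate, interKey *ecdsa.PrivateKey) error {
	sub, subKey := issue(template("rogue-sub-ca", 4, 0), inter, interKey)
	user, _ := issue(template("user1", 5, -1), sub, subKey)
	return VerifyChain(user, root, inter, sub)
}
// CRL signs a one-entry revocation list with the issuing CA's key, valid 24h like the server's crl.expiry.
func CRL(issuer *x509.Certificate, key *ecdsa.PrivateKey, now time.Time, serial *big.Int) []byte {
	rl := &x509.RevocationList{Number: big.NewInt(1), ThisUpdate: now, NextUpdate: now.Add(24 * time.Hour),
		RevokedCertificates: []pkix.RevokedCertificate{{SerialNumber: serial, RevocationTime: now}}}
	der, err := x509.CreateRevocationList(rand.Reader, rl, issuer, key)
	must(err)
	return der
}
// IsRevoked is the CRL check from section 1: issuer signature and freshness first, then the serial lookup.
func IsRevoked(crlDER []byte, issuer, cert *x509.Certificate, now time.Time) (bool, error) {
	crl, err := x509.ParseRevocationList(crlDER)
	if err != nil {
		return false, err
	}
	if err := crl.CheckSignatureFrom(issuer); err != nil || now.After(crl.NextUpdate) {
		return false, fmt.Errorf("untrusted or stale CRL (signature: %v, nextUpdate: %s)", err, crl.NextUpdate)
	}
	for _, rc := range crl.RevokedCertificates {
		if rc.SerialNumber.Cmp(cert.SerialNumber) == 0 {
			return true, nil
		}
	}
	return false, nil
}
// AKIHex and SerialHex are the values the openssl one-liners print, i.e. the -a and -s arguments of revoke.
func AKIHex(c *x509.Certificate) string    { return fmt.Sprintf("%x", c.AuthorityKeyId) }
func SerialHex(c *x509.Certificate) string { return fmt.Sprintf("%X", c.SerialNumber.Bytes()) }

func main() { // mirrors the figure: root CA (pathlength 1) -> intermediate CA (maxpathlen 0) -> admin ECert
	root, rootKey := issue(template("root-ca", 1, 1), nil, nil)
	inter, interKey := issue(template("intermediate-ca", 2, 0), root, rootKey)
	leaf, _ := issue(template("admin", 3, -1), inter, interKey)
	now := time.Now()
	revoked, err := IsRevoked(CRL(inter, interKey, now, leaf.SerialNumber), inter, leaf, now)
	fmt.Println(VerifyChain(leaf, root, inter), PathLenViolation(root, inter, interKey), AKIHex(leaf), SerialHex(leaf), revoked, err)
}
```

Run it with go run. The branch that returns "untrusted or stale CRL" is the part most software skips: a CRL that nobody re-fetched after its NextUpdate, or that was not signed by the certificate's own issuer, is no evidence that the certificate is still good, and IsRevoked refuses to answer rather than report "not revoked".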

Copyright notice
This article was written by [Boiled soybeans in brine]; please include a link to the original when reposting. Thank you.
https://yzsam.com/2022/02/202202270545188725.html