[精选]Cryptoki到CryptoAPI安全生产协议与标准管理klp.pptx

《[精选]Cryptoki到CryptoAPI安全生产协议与标准管理klp.pptx》由会员分享，可在线阅读，更多相关《[精选]Cryptoki到CryptoAPI安全生产协议与标准管理klp.pptx（93页珍藏版）》请在淘文阁 - 分享文档赚钱的网站上搜索。

1、 安全协议与标准2009,10 PKCS#11 and moreOverviewAPI Usage:SessionFunctions Summary Functions Detail/ExampleMechanisms:Algorithm,ProtocolComparison Implementation GSS-APIGCS-API CDSAMS-CAPI DEP OverviewIn cryptography,PKCS#11 is one of the family of standards called Public-Key Cryptography Standards(PKCS),pu

2、blished by RSA Laboratories.It defines a platform-independent API to cryptographic tokens,such as Hardware Security Modules and smart cards.(The PKCS#11 standard names the API Cryptoki,but is often used to refer to the API as well as the standard that defines it.)Since there isnt a real standard for

3、 cryptographic tokens,this API has been developed to be an abstraction layer for the generic cryptographic token.The PKCS#11 API defines most commonly used cryptographic object types(RSA keys,X.509 Certificates,DES/Triple DES keys,etc.)and all the functions needed to use,create/generate,modify and d

4、elete those objects.-PKCS#11 is largely adopted to access smart cards and HSMs.Most commercial Certification Authority software uses PKCS#11 to access the CA signing key or to enroll user certificates.Cross-platform software that needs to use smart cards uses PKCS#11,such as Mozilla Firefox and Open

5、SSL(using an extension).NSS(in Firefox)“pkcs-11v2-20.doc”BackgroundPortable computing devices such as smart cards,PCMCIA cards,and smart diskettes are ideal tools for implementing public-key cryptography,as they provide a way to store the private-key component of a public-key/private-key pair secure

6、ly,under the control of a single user.With such a device,a cryptographic application,rather than performing cryptographic operations itself,utilizes the device to perform the operations,with sensitive information such as private keys never being revealed.As more applications are developed for public

7、-key cryptography,a standard programming interface for these devices becomes increasingly valuable.This standard addresses this need.kaMemory cardSmart cardPCMCIA/CardBusUSB flash driveUSB KeyExpressCardPCI Express 口令之外口令登录指纹登录智能卡登录登录次数的限制PIN和lock功能SSO 其他生物识别认证技术 抽象：TokenThe primary goal of Cryptoki

8、 was a lower-level programming interface that abstracts the details of the devices,and presents to the application a common model of the cryptographic device,called a“cryptographic token”(or simply“token”).A token is a device that stores objects and can perform cryptographic functions.（cryptoki是toke

9、n的接口）General Cryptoki Model Object HierarchyCryptoki defines three classes of object UsersThis version of Cryptoki recognizes two token user types.One type is a Security Officer(SO).The other type is the normal user.The role of the SO is to initialize a token and to set the normal users PIN,and poss

10、ibly to manipulate some public objects.Only the normal user is allowed access to private objects on the token,and that access is granted only after the normal user has been authenticated.SessionCryptoki requires that an application open one or more sessions with a token to gain access to the tokens

11、objects and functions.A session provides a logical connection between the application and the token.Cryptoki supports multiple sessions on multiple tokens.A session can be a read/write(R/W)session or a read-only(R/O)session.Session eventsSession events cause the session state to change.The following

12、 table describes the events:EventOccurs when.Log In SOthe SO is authenticated to the token.Log In Userthe normal user is authenticated to the token.Log Outthe application logs out the current user(SO or normal user).Close Sessionthe application closes the session or closes all sessions.Device Remove

13、d the device underlying the token has been removed from its slot.Read-Only Session States Read/Write Session States Access to Different Types Objects by Different Types of Sessions Type of sessionType of objectR/O PublicR/W PublicR/O UserR/W UserR/W SOPublic session objectR/WR/WR/WR/WR/WPrivate sess

14、ion objectR/WR/WPublic token objectR/OR/WR/OR/WR/WPrivate token objectR/OR/W with fork()Consider a UNIX process P which becomes a Cryptoki application by calling C_Initialize,and then uses the fork()system call to create a child process C.if C needs to use Cryptoki,it needs to perform its own C_Init

15、ialize call.(and then C_Finalize after some other operations)if it has no need to use Cryptoki,it should immediately call C_Initialize and then call C_Finalize.with multi-threadCryptoki enables applications to provide information to libraries so that they can give appropriate support for multi-threa

16、ding.In particular,when an application initializes a Cryptoki library with a call to C_Initialize,it can specify one of four possible multi-threading behaviors for the library:Summary of Cryptoki Functions CategoryFunctionDescriptionGeneralpurposeFunctionsC_Initializeinitializes CryptokiC_Finalizecl

17、ean up miscellaneous Cryptoki-associated resourcesC_GetInfoobtains general information about CryptokiC_GetFunctionListobtains entry points of Cryptoki library functions Slot and token anagement functionsSlot andtokenmanagementfunctionsC_GetSlotListobtains a list of slots in the systemC_GetSlotInfoob

18、tains information about a particular slotC_GetTokenInfoobtains information about a particular tokenC_WaitForSlotEventwaits for a slot event(token insertion,removal,etc.)to occurC_GetMechanismListobtains a list of mechanisms supported by a tokenC_GetMechanismInfoobtains information about a particular

19、 mechanismC_InitTokeninitializes a tokenC_InitPINinitializes the normal users PINC_SetPINmodifies the PIN of the current user Session Management FunctionsSession managementFunctionsC_OpenSessionopens a connection between an application and a particular token or sets up an application callback for to

20、ken insertionC_CloseSessioncloses a sessionC_CloseAllSessionscloses all sessions with a tokenC_GetSessionInfoobtains information about the sessionC_GetOperationStateobtains the cryptographic operations state of a sessionC_SetOperationStatesets the cryptographic operations state of a sessionC_Loginlo

21、gs into a tokenC_Logoutlogs out from a token Object management functionsObjectmanagementfunctionsC_CreateObjectcreates an objectC_CopyObjectcreates a copy of an objectC_DestroyObjectdestroys an objectC_GetObjectSizeobtains the size of an object in bytesC_GetAttributeValueobtains an attribute value o

22、f an objectC_SetAttributeValuemodifies an attribute value of an objectC_FindObjectsInitinitializes an object search operationC_FindObjectscontinues an object search operationC_FindObjectsFinalfinishes an object search operation Encryption/Decryption functionsEncryptionfunctionsC_EncryptInitinitializ

23、es an encryption operationC_Encryptencrypts single-part dataC_EncryptUpdatecontinues a multiple-part encryption operationC_EncryptFinalfinishes a multiple-part encryption operationDecryptionfunctionsC_DecryptInitinitializes a decryption operationC_Decryptdecrypts single-part encrypted dataC_DecryptU

24、pdatecontinues a multiple-part decryption operationC_DecryptFinalfinishes a multiple-part decryption operation Message digesting functionsMessagedigestingfunctionsC_DigestInitinitializes a message-digesting operationC_Digestdigests single-part dataC_DigestUpdatecontinues a multiple-part digesting op

25、erationC_DigestKeydigests a keyC_DigestFinalfinishes a multiple-part digesting operation Signing and MACing functionsSigningand MACingfunctionsC_SignInitinitializes a signature operationC_Signsigns single-part dataC_SignUpdatecontinues a multiple-part signature operationC_SignFinalfinishes a multipl

26、e-part signature operationC_SignRecoverInitinitializes a signature operation,where the data can be recovered from the signatureC_SignRecoversigns single-part data,where the data can be recovered from the signature Functions for verifying signatures and MACsFunctionsfor verifyingsignaturesand MACsC_V

27、erifyInitinitializes a verification operationC_Verifyverifies a signature on single-part dataC_VerifyUpdatecontinues a multiple-part verification operationC_VerifyFinalfinishes a multiple-part verification operationC_VerifyRecoverInitinitializes a verification operation where the data is recovered f

28、rom the signatureC_VerifyRecoververifies a signature on single-part data,where the data is recovered from the signature Dual-purpose cryptographic functionsDual-purposecryptographicfunctionsC_DigestEncryptUpdatecontinues simultaneous multiple-part digesting and encryption operationsC_DecryptDigestUp

29、datecontinues simultaneous multiple-part decryption and digesting operationsC_SignEncryptUpdatecontinues simultaneous multiple-part signature and encryption operationsC_DecryptVerifyUpdatecontinues simultaneous multiple-part decryption and verification operations Key management functionsKeymanagemen

30、tfunctionsC_GenerateKeygenerates a secret keyC_GenerateKeyPairgenerates a public-key/private-key pairC_WrapKeywraps(encrypts)a keyC_UnwrapKeyunwraps(decrypts)a keyC_DeriveKeyderives a key from a base key Random number generation functionsRandomnumbergenerationfunctionsC_SeedRandommixes in additional

31、 seed material to the random number generatorC_GenerateRandomgenerates random data Parallel function management FunctionsParallel function managementFunctionsC_GetFunctionStatuslegacy function which always returns CKR_FUNCTION_NOT_PARALLELC_CancelFunctionlegacy function which always returns CKR_FUNC

32、TION_NOT_PARALLEL Callback functionCallback functionapplication-supplied function to process notifications from Cryptoki Functions detailCK_DEFINE_FUNCTION(CK_RV,C_Initialize)(CK_VOID_PTR pInitArgs);CK_DEFINE_FUNCTION(CK_RV,C_Finalize)(CK_VOID_PTR pReserved);ExampleCK_INFO info;CK_RV rv;CK_C_INITIAL

33、IZE_ARGS InitArgs;InitArgs.CreateMutex=&MyCreateMutex;InitArgs.DestroyMutex=&MyDestroyMutex;InitArgs.LockMutex=&MyLockMutex;InitArgs.UnlockMutex=&MyUnlockMutex;InitArgs.flags=CKF_OS_LOCKING_OK;InitArgs.pReserved=NULL_PTR;rv=C_Initialize(CK_VOID_PTR)&InitArgs);assert(rv=CKR_OK);rv=C_GetInfo(&info);as

34、sert(rv=CKR_OK);if(info.version.major=2)/*Do lots of interesting cryptographic things with the token*/.rv=C_Finalize(NULL_PTR);assert(rv=CKR_OK);Mechanisms:AlgorithmRSA/DSA/EC/D-HKEA/Key derivation HMACRC2/RC4/RC5/AES/2/3DES/SKIPJACK/BATON/JUNIPER/Blowfish/Twofish MD2/MD5/SHA-1/SHA-256/SHA-384/SHA-5

35、12/FASTHASH/RIPE-MDPKCS#5/PKCS#12/LYNKS Mechanisms:ProtocolSETSSL/TLS/WTLSCMS Comparison of Cryptoki and other APIs:GCS-API vs.Cryptoki GCS-APICryptoki implementationretrieve_CCrelease_CCgenerate_hashC_DigestInit,C_Digestgenerate_random_numberC_GenerateRandomgenerate_checkvalueC_SignInit,C_Sign,C_Si

36、gnUpdate,C_SignFinalverify_checkvalueC_VerifyInit,C_Verify,C_VerifyUpdate,C_VerifyFinaldata_encipherC_EncryptInit,C_Encrypt,C_EncryptUpdate,C_EncryptFinaldata_decipherC_DecryptInit,C_Decrypt,C_DecryptUpdate,C_DecryptFinal create_CCderive_keyC_DeriveKeygenerate_keyC_GenerateKeystore_CCdelete_CCreplic

37、ate_CCexport_keyC_WrapKeyimport_keyC_UnwrapKeyarchive_CCC_WrapKeyrestore_CCC_UnwrapKeyset_key_stategenerate_key_pattern verify_key_patternderive_clear_keyC_DeriveKeygenerate_clear_keyC_GenerateKeyload_key_partsclear_key_encipherC_WrapKeyclear_key_decipherC_UnwrapKeychange_key_contextload_initial_key

38、generate_initial_keyset_current_master_keyprotect_under_new_master_keyprotect_under_current_master_key initialise_random_number_generatorC_SeedRandominstall_algorithmde_install_algorithmdisable_algorithmenable_algorithmset_defaults ImplementationPKCS#11 ProviderPKCS#11 Wrapper Implementation Firefox

39、+opencryptokiin ubuntu NSS NSS:Proven Application Security ArchitectureNSS provides a complete open-source implementation of the crypto libraries used by AOL,Red Hat,Sun,and other companies in a variety of products,including the following:The Mozilla client products,including Mozilla Suite,Firefox,a

40、nd Thunderbird.The Netscape browsers AOL Communicator and AOL Instant Messenger(AIM)Open source client applications such as Evolution,Gaim,and OpenOffice.Server products from Red Hat:Red Hat Directory Server,Red Hat Certificate System,and the mod_nss SSL module for the Apache web server.Server produ

41、cts from the Sun Java Enterprise System,including Sun Java System(SJS)Web Server,SJS Directory Server,SJS Portal Server,SJS Messaging Server,and SJS Application Server.Build Firefox with NSSWindows XPVisual Studio 6/7.1/8MozillaBuildMozilla/Firefox Source Codemozillasecuritynss制作配置文件.mozconfig（备注行）运

42、行 start-msvc71.bat$make-f client.mk build耗时编译好的在.ff-opt-staticdistbin绿色版 PKCS#11 wrappersSince PKCS#11 is a complex C API many wrappers exist that let the developer use the API from various languages.PyKCS11-A wrapper for PythonPython object-oriented wrapper for PKCS11(Cryptoki)Java 5.0 includes a w

43、rapper for PKCS#11 APIpkcs11-helper-A simple open source C interface to handle PKCS#11 tokens.GSS-API by IETFGeneric Security Services Application Programming InterfaceGSS-API is an application programming interface for programs to access security services.The GSSAPI is an IETF standard that address

44、es the problem of many similar but incompatible security services in use today.-compatible interfaceThe GSSAPI,by itself,does not provide any security.Instead,security service vendors provide GSSAPI implementations usually in the form of libraries installed with their security software.These librari

45、es present a GSSAPI-compatible interface to application writers who can write their application to use only the vendor-independent GSSAPI.If the security implementation ever needs replacing,the application need not be rewritten.GSSAPI tokensThe definitive feature of GSSAPI applications is the exchan

46、ge of opaque messages(tokens)that hide the implementation detail from the higher level application.The client and server sides of the application are written to convey the tokens given to them by their respective GSSAPI implementations.GSSAPI tokens can be sent over an insecure network because the m

47、echanisms guarantee inherent message security.After some number of tokens have been exchanged,the GSSAPI at both ends inform their local application that a security context has been established.security contextOnce a security context is established,sensitive application messages can be wrapped(encry

48、pted)by the GSSAPI for secure communication between client and server.Typical protections guaranteed by GSSAPI wrapping include confidentiality(secrecy)and integrity(authenticity).The GSSAPI can also provide local guarantees about the identity of the remote user or remote host.History of the GSS-API

49、July 1991:IETF Common Authentication Technology(CAT)Working Group meets in Atlanta,led by John Linn September 1993:GSSAPI version 1(RFC 1508,RFC 1509)May 1995:Windows NT 3.51 released,includes SSPI June 1996:Kerberos mechanism for GSSAPI(RFC 1964)January 1997:GSSAPI version 2(RFC 2078)October 1997:S

50、ASL published,includes GSSAPI mechanism(RFC 2222)January 2000:GSSAPI version 2 update 1(RFC 2743,RFC 2744)August 2004:KITTEN working group meets to continue CAT activities May 2006:Secure Shell use of GSSAPI standardised(RFC 4462)GSS-API in RFCRFC 2743 The Generic Security Service API Version 2 upda