Presentation is loading. Please wait.

Presentation is loading. Please wait.

XML Security September 13, 2006 Robert Richards

Similar presentations


Presentation on theme: "XML Security September 13, 2006 Robert Richards"— Presentation transcript:

1 XML Security September 13, 2006 Robert Richards

2 Digital Signatures and Encryption Canonicalization Canonicalization A standard form of data A standard form of data Digital Signatures Digital Signatures Provides proof of identity and authenticity which the sender cannot deny. Provides proof of identity and authenticity which the sender cannot deny. Encryption Encryption Protection of data from being accessed by unauthorized parties. Protection of data from being accessed by unauthorized parties.

3 Existing Tools/Technologies Secure Sockets Layer (SSL) Secure Sockets Layer (SSL) Transport Layer Security (TLS) Transport Layer Security (TLS) Pretty Good Privacy (PGP) Pretty Good Privacy (PGP) GNU Privacy Guard (GnuPG) GNU Privacy Guard (GnuPG) OpenPGP OpenPGP S/MIME S/MIME x.509 x.509

4 XML Security Standards Canonical XML Canonical XMLhttp://www.w3.org/TR/xml-c14n/ Exclusive XML Canonicalization Exclusive XML Canonicalizationhttp://www.w3.org/TR/xml-exc-c14n/ XML Signature XML Signaturehttp://www.w3.org/TR/xmldsig-core/ XML Encryption XML Encryptionhttp://www.w3.org/TR/xmlenc-core/ XML Key Management XML Key Managementhttp://www.w3.org/TR/xkms2/

5 Transmitting Data Over SSL/TLS

6 XML Security in PHP A library based on the xmlsec library is currently in the works A library based on the xmlsec library is currently in the works Provides granular control for working with XML Digital Signatures and XML Encryption Provides granular control for working with XML Digital Signatures and XML Encryption PHP based libraries are available PHP based libraries are available Model libraries for designing xmlsec wrapper Model libraries for designing xmlsec wrapper Not officially mainitained and may not be backwards compatible with xmlsec based extension Not officially mainitained and may not be backwards compatible with xmlsec based extension Requires PHP 5.1+ (5.2 is recommended) Requires PHP 5.1+ (5.2 is recommended) Requires DOM, OpenSSL and Mcrypt Requires DOM, OpenSSL and Mcrypt

7 Benefits of XML Security Standards XML is a structured format XML is a structured format Allows for secure storage of documents Allows for secure storage of documents Leverages existing technologies Leverages existing technologies Provides granularity Provides granularity

8 XML Canonicalization A standard serialization of an XML document or XPath node set

9 Canonical XML (C14N) XML declaration and DTD are removed XML declaration and DTD are removed The document is encoded in UTF-8 The document is encoded in UTF-8 Line breaks normalized to #xA (linefeed) on input, before parsing Line breaks normalized to #xA (linefeed) on input, before parsing Empty elements are converted to start-end tag pairs Empty elements are converted to start-end tag pairs Whitespace outside of the document element and within start and end tags is normalized Whitespace outside of the document element and within start and end tags is normalized Attribute value delimiters are set to double quotes Attribute value delimiters are set to double quotes Superfluous namespace declarations are removed from each element Superfluous namespace declarations are removed from each element Lexicographic order is imposed on the namespace declarations and attributes of each element Lexicographic order is imposed on the namespace declarations and attributes of each element

10 Canonical XML Example #1 Canonical Form of Document (uncommented)

11 Canonical XML Example #1 Canonical Form of Document (uncommented)

12 Canonical XML Example #1 Canonical Form of Document (uncommented)

13 Canonical XML Example #1 Canonical Form of Document (uncommented)

14 Canonical XML Example #2 Canonical Form of Nodeset (uncommented) (//. | | //namespace::*)[ancestor-or-self::d:e2]

15 Canonical XML Example #2 Canonical Form of Nodeset (uncommented) (//. | | //namespace::*)[ancestor-or-self::d:e2]

16 Canonical XML Example #2 Canonical Form of Nodeset (uncommented) (//. | | //namespace::*)[ancestor-or-self::d:e2]

17 Problem with Re-Enveloping content content content content content xmlns:ns0="www.example.org/ns0">content content content content xmlns:ns1="www.example.org/ns1">content

18 Exclusive XML Canonicalization Follows the same rules as Canonical XML, except… Follows the same rules as Canonical XML, except… Attributes in the xml namespace are not imported into orphan nodes Attributes in the xml namespace are not imported into orphan nodes Namespaces not specially told to be added are only added on the starting element for which they are visible and not currently in scope within the output. Namespaces not specially told to be added are only added on the starting element for which they are visible and not currently in scope within the output.

19 Re-Enveloping using Exclusive content content content content content content content content content content

20 Exclusive Canonical XML Example Exclusive Canonical Form of Nodeset (uncommented) (//. | | //namespace::*)[ancestor-or-self::d:e2]

21 XML Digital Signature (XMLDSIG) Insure that a message has not been altered or tampered with. (integrity) Insure that a message has not been altered or tampered with. (integrity) Protection against attacks that alter a message but maintain integrity. (message authentication) Protection against attacks that alter a message but maintain integrity. (message authentication) Provide a means for message auditing so that messages may not be repudiated. (signer authenticity) Provide a means for message auditing so that messages may not be repudiated. (signer authenticity)

22 XML Signature Structure ( ( ( )? ( )? )+ )+ ( )? ( )? ( )* ( )* xmlns="http://www.w3.org/2000/09/xmldsig#"

23 XML Signature: Types of Signatures Enveloping Signature Enveloping Signature Data lives within the XML Signature structure Data lives within the XML Signature structure Good for signing data being packaged within an XML payload Good for signing data being packaged within an XML payload Enveloped Signature Enveloped Signature Data lives outside of and contains the XML Signature structure Data lives outside of and contains the XML Signature structure Good for signing portions or all of an XML document Good for signing portions or all of an XML document Detached Signature Detached Signature Data lives outside and DOES NOT contain the XML Signature structure Data lives outside and DOES NOT contain the XML Signature structure Data may reside at a remote location addressable by URI Data may reside at a remote location addressable by URI

24 Enveloping Signature Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n "/> Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1"/> C2g9BLcGyGPCVKuF2byR1Ym+6pE= C2g9BLcGyGPCVKuF2byR1Ym+6pE= +R/XEOHDvR/jbmmpiuH4ZcRqC6c= +R/XEOHDvR/jbmmpiuH4ZcRqC6c= Hello World! Hello World!

25 Enveloped Signature content content Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/> MMMkB0ZPp82XrUvJMFqDIEuXy0o= MMMkB0ZPp82XrUvJMFqDIEuXy0o= mVPvfcVSXi9elKL+IcSCAzD4Jbk= mVPvfcVSXi9elKL+IcSCAzD4Jbk=

26 Detached Signature Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1"/> oLZZOWcLwsAQ9NXWoLPk5FkPuSs= oLZZOWcLwsAQ9NXWoLPk5FkPuSs= O9ykpFMXmkddzJ3CySrpzHBUW/Q=

27 XML Signature Generation 1. Apply any transforms to the data 2. Calculate the digest value 3. Create the Reference Element 4. Repeat steps 1 – 3 for each piece of data to be included 5. Create SignedInfo element with SignatureMethod, CanonicalizationMethod and Reference elements 6. Canonicalize the SignedInfo element 7. Calculate the SignatureValue over the canonicalized SignedInfo based the SignatureMethod 8. Assemble the Signature element

28 SOAP Request xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> tel: tel: xx xx yy yy

29 SOAP Request: WS-Security (Signature) MIIE3zCCBEigAwIBAg... MIIE3zCCBEigAwIBAg Yd1TGIjOb3q4UcQkUBuM3Q6Zs3G... Yd1TGIjOb3q4UcQkUBuM3Q6Zs3G

30 SOAP Request: WS-Security Generation require('soap-wsse.php'); define('PRIVATE_KEY', 'private_key.pem'); define('CERT_FILE', 'cert.pem'); class mySoap extends SoapClient { public function __doRequest($request, $location, $saction, $version) { $doc = new DOMDocument('1.0'); $doc->loadXML($request); /* WS-Security Specific code here */ return parent::__doRequest($wsseRequest, $location, $saction, $version); }

31 SOAP Request: WS-Security Generation $objWSSE = new WSSESoap($doc->loadXML($request)); /* add Timestamp with default expiration timestamp */ $objWSSE->addTimestamp(); /* $objWSSE->addUserToken('username', 'password', TRUE); */ /* create new XMLSec Key using RSA SHA-1 and type is private key */ $objKey = new XMLSecurityKey(XMLSecurityKey::RSA_SHA1, array('type'=>'private')); /* load private key from file - last arg is bool if key in file (TRUE) or is string (FALSE) */ $objKey->loadKey(PRIVATE_KEY, TRUE); /* Sign the message - also signs appropraite WS-Security items */ $objWSSE->signSoapDoc($objKey); /* Add certificate (BinarySecurityToken) to the message and attach pointer to Signature */ $token = $objWSSE->addBinaryToken(file_get_contents(CERT_FILE)); $objWSSE->attachTokentoSig($token); $wsseRequest = $objWSSE->saveXML();

32 SOAP Request: signSoapDoc() $objDSig = new XMLSecurityDSig(); $objDSig->setCanonicalMethod(XMLSecurityDSig::EXC_C14N); $arNodes = array(); /* $this->secNode refers to wsse:Security node within tree */ foreach ($this->secNode->childNodes AS $node) { if ($node->nodeType == XML_ELEMENT_NODE) $arNodes[] = $node; } foreach ($this->envelope->childNodes AS $node) { if ($node->namespaceURI == $this->soapNS && $node->localName == 'Body') { $arNodes[] = $node; break;}} $arOptions = array('prefix'=>WSSESoap::WSUPFX, 'prefix_ns'=>WSSESoap::WSUNS); $objDSig->addReferenceList($arNodes, XMLSecurityDSig::SHA1, NULL, $arOptions); $objDSig->sign($objKey); $objDSig->appendSignature($this->secNode, TRUE);

33 XML Signature Validation 1. Obtain the verification keying information 2. Apply the CanonicalizationMethod to the SignedInfo element 3. Verify the SignatureValue using the canonical form of the SignatureMethod 4. For each Reference element within SignedInfo: Obtain the data to be digested Obtain the data to be digested Digest the data using the DigestMethod within its Referece element Digest the data using the DigestMethod within its Referece element Compare the computed value to that of the un-encoded value from the DigestValue element Compare the computed value to that of the un-encoded value from the DigestValue element

34 XML Encryption (XMLENC) Encrypted data is maintained. Encrypted data is maintained. All information needed to decrypt a document is contained within the document. All information needed to decrypt a document is contained within the document. Session can be secured on the document level and shared between multiple parties. Session can be secured on the document level and shared between multiple parties. Sensitive data is easily interchanged between applications. Sensitive data is easily interchanged between applications.

35 XML Encryption Structure ? ? ? ? ? ? xmlns:enc="http://www.w3.org/2001/04/xmlenc#"

36 XML Encryption: Encrypting 1. Select the algorithm (and parameters) to use in encrypting the item. 2. Obtain the key and create ds:KeyInfo if necessary 3. Encrypt the data and prepend any appropriate initialization vector (IV). 4. Build CipherData element If to be stored within CipherValue element, then encrypted data is base64 encoded. If to be stored within CipherValue element, then encrypted data is base64 encoded. If encrypted data is external, then create CipherReference with URI and any transforms. If encrypted data is external, then create CipherReference with URI and any transforms. 5. Build EncryptedData or EncryptedKey structure

37 XML Encryption Example 1001 Joe Smith

38 XML Encryption Example Element / Shared Secret Key 1001 Joe Smith C5X1I65RCX…

39 XML Encryption Example: Code require('xmlseclibs.php'); /* Using a shared secret key for encryption */ $key = 'secret'; $doc = new DOMDocument(); $xpath = new DOMXPath($doc ->load('payment.xml')); $creditcard = $xpath->query("//creditcard")->item(0); $enc = new XMLSecEnc(); $enc->setNode($creditcard); $enc->type = XMLSecEnc::Element; /* Use the libraries to encrypt the credit card element within the document */ $objKey = new XMLSecurityKey(XMLSecurityKey::TRIPLEDES_CBC); $objKey->loadKey($key); $encNode = $enc->encryptNode($objKey); print $encNode->ownerDocument->saveXML();

40 XML Encryption Example Element Content / Shared Secret Key 1001 Joe Smith C5X1I65RCX…

41 XML Encryption Example Arbitrary Data with Shared Secret Key ...C5X1I65RCX...

42 XML Encryption: Decrypting 1. Determine encryption algorithm and parameters. 2. Obtain the decryption key information. 3. Obtain the data to decrypt. If CipherData has a CipherValue child then base-64 decode its contents. If CipherData has a CipherValue child then base-64 decode its contents. If CipherData has a CipherReference child, retrieve the data and apply any Transforms. If CipherData has a CipherReference child, retrieve the data and apply any Transforms. 4. Depending upon algorithm and parameters, strip any IV from the data to use for decryption. 5. Decrypt the cipher data with the encryption algorithm, parameters, and keying material.

43 XML Encryption: Decrypting Example (Infocard) Type="http://www.w3.org/2001/04/xmlenc#Element"> kXja26CSDKssMeqJcsJttLg… kXja26CSDKssMeqJcsJttLg… eIreM+S35Q+=… eIreM+S35Q+=…

44 XML Encryption: Code (Infocard) require('xmlseclibs.php'); define('PRIVATE_KEY', 'site_sslprivate.key'); define('SAML_ASSERT_NS', 'urn:oasis:names:tc:SAML:1.0:assertion'); $encdom = new DOMDocument(); $encdom->loadXML($xmlToken); $objenc = new XMLSecEnc(); $encData = $objenc->locateEncryptedData($encdom); if (! $encData) { throw new Exception("Cannot locate Encrypted Data"); }$objenc->setNode($encData); $objenc->type = $encData->getAttribute("Type");

45 XML Encryption: Code (Infocard) $key = NULL; $objKey = $objenc->locateKey(); if ($objKey) if ($objKeyInfo = $objenc->locateKeyInfo($objKey)) if ($objKeyInfo->isEncrypted) { $objencKey = $objKeyInfo->encryptedCtx; $objKeyInfo->loadKey(PRIVATE_KEY, TRUE); $key = $objencKey->decryptKey($objKeyInfo); } if (empty($objKey) || empty($key)) throw new Exception("Error loading key to handle Decryption"); $objKey->loadKey($key); $token = NULL; if ($decrypt = $objenc->decryptNode($objKey, FALSE)) { $token = new DOMDocument(); $token->loadXML($decrypt);}

46 XML Encryption: Code (Infocard) eHLrK4QSEkrDhHXZYHgGJMkPAU4= eHLrK4QSEkrDhHXZYHgGJMkPAU4= 0uDR9pr/TusV... 0uDR9pr/TusV... 8llAGAvlPuG... 8llAGAvlPuG... AQAB AQAB

47 XML Encryption: Code (Infocard) /* Validate the SAML token */ $objXMLSecDSig = new XMLSecurityDSig(); $objXMLSecDSig->idKeys[] = 'AssertionID'; $objDSig = $objXMLSecDSig->locateSignature($token); /* Canonicalize the signed info */ $objXMLSecDSig->canonicalizeSignedInfo(); $retVal = NULL; if ($objDSig) { $retVal = $objXMLSecDSig->validateReference(); } if (! $retVal) { throw new Exception("SAML Validation Failed"); } $objKey = $objXMLSecDSig->locateKey(); /* Additional Key handling here */ if (empty($objKey)) throw new Exception("Error loading key to handle Signature"); if (! $objXMLSecDSig->verify($objKey)) throw new Exception("Unable to validate Signature");

48 Signing and Encrypting Sign and then Encrypt Sign and then Encrypt Provides signature protection Provides signature protection Allows for encryption algorithm to be changed without affecting signature Allows for encryption algorithm to be changed without affecting signature Incurs additional overhead as you must decrypt before you can verify Incurs additional overhead as you must decrypt before you can verify Encrypt and then Sign Encrypt and then Sign Immediately know if data has been tampered with Immediately know if data has been tampered with Document can no longer be shared with other parties without revealing decryption key Document can no longer be shared with other parties without revealing decryption key Sender identity is revealed Sender identity is revealed

49 Questions?

50 XML Encryption in WS-Security xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"> xmlns:wsse="http://schemas.xmlsoap.org/ws/2002/04/secext">

51 XML Signature using Digital Certificate Hello, World! HjY8ilZAIEM2tBbPn5mYO1ieIX4= SIaj/6KY3C... SIaj/6KY3C... MIIE3zCCBEjAUB9... MIIE3zCCBEjAUB9...

52 XML Encryption w/ Digital Certificate Type="http://www.w3.org/2001/04/xmlenc#Element"> Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/> rsakey.pem rsakey.pem IPiEu9Nv+EsGyvV... IPiEu9Nv+EsGyvV... xrfPSA+BEI+8... xrfPSA+BEI+8...


Download ppt "XML Security September 13, 2006 Robert Richards"

Similar presentations


Ads by Google