1. Foreword
I have been really busy recently. There is an SM2 cooperative signature algorithm that needs to be implemented in java. I have thought about this for a very, very long time, but I have almost solved this project recently, and I am waiting for the later docking. After the project is successfully completed, I will share what I have learned in the project. I think this technology is really worth sharing, because it is really difficult to find from the information. Although the magical gpt can provide ideas, it does not meet the ideas given to me. The standard of the paper, so I can only translate the paper line by line into java code and write it out, and I also got the help of many big guys.
I will continue to study ES when I have time later, and recently, in addition to the above projects, I have accepted a project to verify the validity of X509 certificates. This project has a lot of professional knowledge, such as OCSP and CRL, which I didn’t know at all before. , so share what I have learned through this article. This article is more about concepts, and interested friends can learn more about it.
2. PKI
- PKI refers to Public Key Infrastructure (Public Key Infrastructure), which is a security framework based on asymmetric encryption technology and digital certificate management system. In PKI, users use a pair of keys: a private key and a public key. The private key is known only to the user, while the public key can be shared publicly.
- PKI uses digital certificates to verify user identity and protect the security of data transmission. A digital certificate is issued by a certification authority (CA), which contains elements such as the user’s public key, user information, and the digital signature of the CA. During network communication, the receiver can use the sender’s public key to encrypt data and use the sender’s digital certificate to verify its identity. That way, even if the data is stolen, hackers cannot crack the encrypted information because they don’t have the private key.
- PKI is widely used in security protocols such as SSL/TLS, IPSec, and S/MIME. It provides a reliable, secure and scalable solution to ensure the confidentiality and integrity of network communications.
- Among them, the more important contents of PKI include digital certificates, certificate authority (CA), digital signatures, and SSL/TLS protocols. We will mainly talk about digital certificates here, and you can refer to the information to learn by yourself. I have previously talked about the basic knowledge of cryptography, which involves some knowledge of digital signatures.
If we have done a little study in related fields, we should be very familiar with the following classes in java. In fact, they are all related to PKI:
java.security.KeyPair: Represents a public and private key pair that can be used to encrypt and decrypt data.
java.security.PublicKey: Indicates a public key, which can be used to verify digital signatures or encrypt data.
java.security.PrivateKey: Represents a private key, which can be used to create digital signatures or decrypt data.
java.security.cert.Certificate: Indicates digital certificates, including X509 certificates.
java.security.cert.X509Certificate: Indicates the X509 digital certificate, which is often used in the SSL/TLS security protocol.
javax.net.ssl.SSLContext: Provides an access point to the Secure Sockets Protocol (SSL/TLS).
javax.net.ssl.KeyManagerFactory: A factory class for managing keys.
javax.net.ssl.TrustManagerFactory: Factory class for managing trust.
javax.crypto.Cipher: Classes that provide encryption and decryption functionality.
javax.crypto.KeyGenerator: A class that provides a key generator. Here is the quote
These classes provide the basic API needed to handle PKI-related tasks. Using these classes and APIs, developers can build secure applications and services that ensure the confidentiality, integrity, and authentication of network communications.
2.1, what is a digital certificate
- A digital certificate is a digital credential used in public key infrastructure (PKI) to verify identity. It contains information about a user or entity, and a digital signature between that entity and its public key. Digital certificates are usually issued by a third-party certification authority (CA) to ensure their authenticity and trustworthiness.
- The information contained in a digital certificate usually includes elements such as the certificate holder’s name, public key, validity period, certificate authority’s name, and digital signature. Digital certificates can be used for encrypted communications, digital signatures, identity verification, and other applications. For example, in browsers, digital certificates are used to establish HTTPS connections to ensure secure data transmission.
- Digital certificates are implemented through public key encryption technology, and digital signatures can ensure the integrity and authenticity of certificate information. When a client receives a digital certificate, it checks the digital signature to see if the certificate was signed by a trusted CA, and uses the public key in it to verify the signature. If the digital signature is valid, the certificate can be trusted and a secure communication connection can be established.
- The core principle of digital certificates is public key infrastructure (PKI). In PKI, a Certificate Authority (CA) is responsible for issuing digital certificates and maintaining a Certificate Revocation List (CRL). When a user connects to a server, the client will obtain a digital certificate from the server and verify its validity to ensure the security of the connection with the server.
2.2, PKCS
PKCS is the abbreviation of Public-Key Cryptography Standards (Public-Key Cryptography Standards), which is a series of cryptography standards jointly issued by RSA Security Company and some other security companies.
PKCS includes many different standards, some of the most common are:
PKCS#1: defines the RSA encryption algorithm, digital signature algorithm, and hash function.
PKCS#7: Defines the Cryptographic Message Syntax (CMS), which is used to transmit encrypted data over the network.
PKCS#8: defines the syntax standard of private key information, which is used to transmit private keys on the network.
PKCS#9: Defines extended certificate attributes and related information based on PKI applications.
PKCS#10: Defines a certificate request syntax standard for requesting digital certificates from a certificate authority (CA).
PKCS#11: Defines the encryption device API standard, allowing applications to interact with encryption devices such as security tokens and smart cards.
PKCS#12: Defines the syntax standard for personal information exchange, which is used to exchange personal identity information, private keys and certificates, etc. between different platforms.
Maybe everyone is more familiar with p1, p7, p10, p12
2.2.1, PKCS#1
- PKCS#1 is a public key cryptography standard, which defines the RSA encryption algorithm, digital signature algorithm and hash function, etc..
- Originally released in 1991, it has since undergone many versions of updates and improvements. Among them, PKCS#1 v2.0 is an important version, which introduces a more secure RSA algorithm, and combines the RSA digital signature algorithm with a hash function to provide better security and reliability.
- PKCS#1 defines encryption and decryption formats, padding schemes and parameter settings using the RSA algorithm. It also defines the format, padding scheme, and parameter settings for digital signatures and verifications using the RSA algorithm.
- When using RSA for encryption, PKCS#1 stipulates the use of a random padding scheme to prevent attackers from cracking the encryption algorithm by analyzing the relationship between the plaintext and the encryption result. In addition, PKCS#1 also stipulates the format of encrypted data to ensure that the receiver can decrypt the data correctly.
- When using RSA for digital signature, PKCS#1 stipulates the use of RSA algorithm and hash function for digital signature, and specifies the format of digital signature. In addition, PKCS#1 also specifies how to perform digital signature verification to ensure the validity of digital signatures.
- In summary, PKCS#1 provides a clear framework for using the RSA algorithm, and defines common formats, padding schemes, and parameter settings, making implementations from different vendors more interoperable.
2.2.2, PKCS#7
- PKCS#7 (Public Key Cryptography Standards#7) is a set of cryptography standards for digital signature, encryption and certificate management. PKCS#7 was originally developed by RSA Security and has now become an international standard.
- PKCS#7 defines a Secure Message Syntax (CMS), which is a general format for encrypting, signing, and compressing messages. CMS provides a scalable way to create digitally signed and encrypted data, and allows multiple participants to add content to the message after completing the operation. In practice, PKCS#7 is mainly used to digitally sign and encrypt messages. Digital signatures ensure message integrity and authenticity, while encryption protects message confidentiality.
- In summary, PKCS#7 is a widely used cryptography standard for encrypting, signing, and managing secure messages. A CMS, at its core, is a general-purpose message format that allows multiple participants to add content to a message after they have completed an action.
In java, we are generally familiar with the PdfPKCS7 class
PdfPKCS7 is a class in the iText library for digitally signing and encrypting PDF files. This class provides the following main methods:
getEncodedPKCS7(byte[] hash, PdfSigner.CryptoStandard subfilter, Certificate[] chain, OcspClient ocspClient, CrlClient crlClient, TSAClient tsaClient) //Use the specified hash value to digitally sign the PDF document and return the DER of the signature result Encoding format. getAuthenticatedAttributeBytes(byte[] hash, PdfSigner.CryptoStandard subfilter, byte[] ocsp, byte[] crlBytes, long signingTime) //Get authenticated attribute data. getTimestampToken(byte[] imprint) //Add a timestamp to the signature using the timestamp mechanism.
Among them, the getEncodedPKCS7() method accepts parameters such as the hash value of the data to be signed, signature type, certificate chain, OCSP client, CRL client, and TSA client, uses the private key to sign the hash value, and returns the result of the signature DER encoding format.
The getAuthenticatedAttributeBytes() method is used to create the signed authentication attributes. This method accepts parameters such as the hash value of the data to be signed, signature type, OCSP response, CRL byte array, and signature time, and returns the authenticated attribute data.
The getTimestampToken() method is used to add a timestamp to the signature. This method accepts a hash of the data to be signed and returns a timestamp token signed by a timestamp authority.
The PdfPKCS7 class is an important part of the digital signature in the iText library. It realizes the function of encrypting and signing PDF documents by providing the core algorithm and related parameters of the digital signature.
2.2.3, PKCS#10
- PKCS#10 is Public-Key Certificate Request Syntax, also known as Certificate Signing Request (CSR). It defines a format for requesting a digital certificate from a certificate authority (CA), which we generally abbreviate as P10.
- The PKCS#10 specification defines a common certificate request format that contains information about the identity of the certificate requester and the type of certificate required. The format also specifies the signing algorithm for the certificate request and embeds the certificate requestor’s public key into the request.
- When using PKCS#10 to generate a certificate request, you first need to generate a key pair, including a public key and a private key. Then, the certificate request is sent to the certificate authority. At this time, we will sign the certificate request with the private key of the key pair to prove that the certificate request is indeed from the requester. During this process, the private key remains only on your local computer and is not transferred to the certificate authority. Therefore, private keys are not included in PKCS#10.
- PKCS#10 is widely used to create X.509 digital certificate requests that can be used in applications such as SSL/TLS and VPN connections on the Internet.
Let’s take the PKCS#10 request generated by SM2 online as an example. The following example creates a P10 request for the SM2withSM3 algorithm:
In java, we can generally be divided into the following steps:
1. Select the manufacturer of the key pair. For example, in the first line of the code, we choose BC as the initialization key
2. Generate a key pair, including public key and private key
3. Generate Dn, which mainly contains customer information, which is mainly reflected in the following X500Name construction process in java
4. Through the public key, Dn generates a certificate request CSR
5. Sign the certificate request CSR with the private key to ensure that the certificate request is indeed from me
6. Structure P10
public static void main(String[] args) throws Exception {<!-- -->
Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
KeyPairGenerator localKeyPairGenerator = KeyPairGenerator. getInstance("EC", new BouncyCastleProvider());
localKeyPairGenerator.initialize(256);
KeyPair localKeyPair = localKeyPairGenerator.genKeyPair();
X500NameBuilder localX500NameBuilder = new X500NameBuilder(BCStyle. INSTANCE);
localX500NameBuilder.addRDN(BCStyle.CN, "39dian test");
localX500NameBuilder.addRDN(BCStyle.C, "CN");
localX500NameBuilder.addRDN(BCStyle.O, "39dian blog");
localX500NameBuilder.addRDN(BCStyle.L, "shanghai");
localX500NameBuilder.addRDN(BCStyle.ST, "shanghai");
localX500NameBuilder.addRDN(BCStyle.EmailAddress, "[email protected]");
X500Name localX500Name = localX500NameBuilder.build();
JcaPKCS10CertificationRequestBuilder p10Builder = new JcaPKCS10CertificationRequestBuilder(localX500Name, localKeyPair.getPublic());
JcaContentSignerBuilder csBuilder = new JcaContentSignerBuilder("SM3WITHSM2");// signature algorithm
ContentSigner signer = csBuilder.build(localKeyPair.getPrivate());
PKCS10CertificationRequest csr = p10Builder.build(signer);// PKCS10 request
System.out.println(Base64.encodeBase64String(csr.getEncoded()));
}
2.2.4, PKCS#12
- PKCS#12 is a cryptographic standard for storing secure elements such as public keys, private keys, and certificates in a single file for easy transmission and backup. This standard was originally developed by the RSA Security company and has now become an international standard (RFC 7292).
- PKCS#12 files usually have a .pfx or .p12 extension, we are more familiar with pfx, and can contain multiple certificate chains and key pairs. These files can be encrypted with a passphrase to protect sensitive information within them. When using a PKCS#12 file, you need to provide the correct password to access the private key and certificate in it.
- PKCS#12 files are widely used in security applications such as server authentication and client authentication, VPN connections, and digital signatures in the HTTPS protocol.
However, during transmission, if the PKCS#12 file is not properly protected, the content of the file may be intercepted and sensitive information such as the private key may be accessed by malicious parties. Therefore, before transmitting PKCS#12 files, a series of measures need to be taken to ensure their security, such as using secure protocols (such as HTTPS) for transmission, using encryption algorithms to encrypt files, and so on.
However, we generally transfer pfx files internally, and there is almost no possibility of external transfer, or we only use a storage backup function to prevent the loss of important information such as private keys. For example, store pfx files in db, and limit the scope of personnel who can access these data, so as to ensure that sensitive information such as private keys and certificates will not be lost.