3. Web Service Security 3.1 WS-Security. Jörg Schwenk Lehrstuhl für Netz- und Datensicherheit

Transkript

1 XML- und Webservice- Sicherheit 3. Web Service Security 3.1 WS-Security

2 Gliederung 1. SOAP 2. WS-Security: Der SOAP Security Header 3. Security Tokens in WS-Security S 4. XML Signature in WS-Security 5. XML Encryption in WS-Security Literatur: J. Rosenberg and D. Remy, Securing Web Services with WS-Security. SAMS Publishing, Indianapolis, USA, 2004.

3 1. SOAP Bewährte Aufteilung in Header und Body Header: Metainformationen Sicherheit Empfänger Sender... Body: Nutzdaten Abgrenzung nicht ganz einfach

4 1. SOAP: Das role -Attribut Verarbeitet und löscht Headerelemente mit role= Log Initial Sender Intermediary 1 Intermediary 2 role= Log Ultimate Receiver Verarbeitet und löscht Headerelemente mit role= next role= none : Nur Lesen, (optional) kein Löschen Verarbeitet und löscht Headerelemente mit role= UltimateReceiver oder ohne role-attribut

5 2. WS-Security Security = SOAP Security Header <?xml version="1.0" encoding="utf-8"?> <env:envelope xmlns:env="..."> <env:header> <wsse:security xmlns:wsse="..." xmlns:xenc="..." xmlns:ds="..."> <!-- Security Token --> <xxx:customtoken wsu:id="myid" ID" xmlns:xxx="..."> "> FHUIORv... </xxx:customtoken> <!-- XML Signature --> <ds:signature>... </ds:signature> <!-- XML Encryption --> <xenc:encryptedkey>... </xenc:encryptedkey> y </wsse:security> </env:header> <env:body wsu:id="msgbody">...</env:body> </env:envelope>

6 3. Security Tokens in WS-SecuritySecurity Username Token: Übertragung von Username/Password im Klartext (oder ggf. mit XML Encryption verschlüsselt) <env:envelope> <env:header>... <wsse:security xmlns:wsse="..."> <wsse:usernametoken> <wsse:username> Jörg </wsse:username> <wsse:password> geheim42 </wsse:password> </wsse:usernametoken> </wsse:security> </env:header> <env:body wsu:id="msgbody">... </env:body> </env:envelope>

7 3. Security Tokens in WS-SecuritySecurity Username Token: Übertragung von Password als Hashwert von Password, Nonce und Zeit <env:envelope> <env:header>... <wsse:security xmlns:wsse="..."> <wsse:usernametoken> <wsse:username> Jörg </wsse:username> <wsse:password Type=" #PasswordDigest"> AF6B469EEC73FFD4CA42 </wsse:password> <wsse:nonce> 6F34D7E87FA </wsse:nonce> <wsu:created> T08:00:00Z </wsu:created> </wsse:usernametoken> </wsse:security> </env:header> <env:body wsu:id="msgbody">... </env:body> </env:envelope>

8 3. Security Tokens in WS-SecuritySecurity Binary Security Token: X.509-Zertifikat <env:envelope> <env:header>... <wsse:security xmlns:wsse="..."> <wsse:binarysecuritytoken ValueType=...#X509v3 wsu:id= mycert EncodingType=...#Base64Binary > affg45dgtehjrr76s5kkd83hr6hjs0d0egks9fehrgfb7gx... </wsse:binarysecuritytoken> </wsse:security> </env:header> <env:body wsu:id="msgbody"> d "... </env:body> </env:envelope>

9 3. Security Tokens in WS-SecuritySecurity Binary Security Token: X.509-Zertifikat kann als Referenz im <KeyInfo>- Element verwendet werden.... <ds:keyinfo> <wsse:securitytokenreference> <wsse:reference URI= #mycert /> </wsse:securitytokenreference> </ds:keyinfo>...

10 3. Security Tokens in WS-SecuritySecurity Binary Security Token: Kerberos Token <env:envelope> <env:header>... <wsse:security xmlns:wsse="..."> <wsse:binarysecuritytoken ValueType=...#Kerberosv5TGT wsu:id= mytgt EncodingType=...#Base64Binary > affg45dgtehjrr76s5kkd83hr6hjs0d0egks9fehrgfb7gx... </wsse:binarysecuritytoken> </wsse:security> </env:header> <env:body wsu:id="msgbody"> d "... </env:body> </env:envelope>

11 3. Security Tokens in WS-SecuritySecurity XML Security Tokens: SAML Token: Security Assertion Markup Language XrML Token: Extensible Rights Markup Language XCBF Token: XML Common Biometric Format

12 4. XML Signature in WS-SecuritySecurity Custom Token: Realisierung mit XML Signature <?xml version="1.0" encoding="utf-8"?> <S11:Envelope xmlns:s11="..." xmlns:wsse="..." xmlns:wsu="... xmlns:ds="..."> <S11:Header> <wsse:security xmlns:wsse="..."> <wsse:binarysecuritytoken ValueType= EncodingType="...#Base64Binary" wsu:id=" MyID "> FHUIORv... </wsse:binarysecuritytoken>

13 4. XML Signature in WS-SecuritySecurity Custom Token: Realisierung mit XML Signature <ds:signature> <ds:signedinfo> <ds:canonicalizationmethod i i Algorithm=" <ds:signaturemethodalgorithm=" <ds:reference URI="#MsgBody"> <ds:digestmethod Algorithm=" <ds:digestvalue>lylsf0pi4wpu...</ds:digestvalue> </ds:digestvalue> </ds:reference> </ds:signedinfo> <ds:signaturevalue>djbchm5gk...</ds:signaturevalue>

14 4. XML Signature in WS-SecuritySecurity Custom Token: Realisierung mit XML Signature <ds:keyinfo> <wsse:securitytokenreference> <wsse:reference URI="#MyID"/> </wsse:securitytokenreference> </ds:keyinfo> </ds:signature> </wsse:security> </S11:Header> <S11:Body wsu:id="msgbody"> <tru:stocksymbol xmlns:tru=" QQQ </tru:stocksymbol> </S11:Body> </S11:Envelope>

15 4. XML Signature in WS-SecuritySecurity Custom Token: Zusammenfassung <S11:Envelope> <S11:Header> <wsse:security> <wsse:binarysecuritytoken wsu:id="myid"> <ds:signature> <ds:signedinfo> <ds:reference URI="#MsgBody"> <ds:signaturevalue> <ds:keyinfo> <wsse:securitytokenreference> <wsse:reference URI="#MyID"/> <S11:Body wsu:id="msgbody">

16 4. XML Signature in WS-SecuritySecurity Besonderheiten: Es kommen nur detached signatures vor In <ds:keyinfo> soll eine Referenz auf das entsprechende Security Token im <wsse:security>-header stehen Signierte Elemente sollen über ID-Attribute referenziert werden Wird ein SecurityTokenReference-Element mit signiert, so kann dieses VOR der Hashwertbildung durch Anwendung der STR Dereference Transform zum Bytestrom des eigentlichen Security Tokens hin aufgelöst werden.

17 5. XML Encryption in WS-SecuritySecurity <S11:Envelope xmlns:s11="..." xmlns:wsse="..." xmlns:wsu="..." xmlns:ds="..." xmlns:xenc="..."> <S11:Header> <wsse:security> <xenc:referencelist> <xenc:datareference URI="#bodyID"/> </xenc:referencelist> </wsse:security> </S11:Header> <S11:Body> <xenc:encrypteddata Id="bodyID"> <ds:keyinfo> <ds:keyname>cn=hiroshi Maruyama, C=JP</ds:KeyName> </ds:keyinfo> <xenc:cipherdata> <xenc:ciphervalue>...</xenc:ciphervalue> </xenc:cipherdata> </xenc:encrypteddata> </S11:Body> </S11:Envelope>

18 5. XML Signature/Encryption in WS-SecuritySecurity Beispiele (erzeugt mit WSS4J): enc_wss.xml encsign_wss.xml sign_wss.xml signenc_wss.xml

19 SSL Handshake

20 SSL-over-SOAP SOAP Problem 1: Shall we place the handshake messages in the SOAP header or the SOAP body? Solution: Handshake messages must be placed in the body, because SSL requires that a new handshake can be performed encryted. Thus for encrypted handshakes, the header is needed to store the key info and the message authentication code (according to WS- Security)

21 SSL-over-SOAP SOAP Problem 2: How can we describe the different Handshake messages in XML? Solution: Use WS-Trust (e.g. wst in handhake message 1 below) <soap:envelope> <soap:body> <wst:requestsecuritytoken tls:id='uuid:uuid-msg1'> <wst:tokentype>.../sc/sct</> <wst:requesttype>.../trust/ket</> <wst:requestket/> <wst:keyexchangetoken> <tls:clienthello> <tls:version>3.2</> <tls:ciphersuites> <tls:ciphersuite>...#tls_rsa_with_aes256_sha1</> <tls:compressionmethods> th <tls:compressionmethod>...#compression_null</> <wst:entropy> <wst:binarysecret Type='.../Nonce'>M7o9...MO0o MO0o=</>

22 SSL-over-SOAP SOAP Problem 3: How can we compute the cryptographic checksum? (In SSL-over-TCP, this is simply the checksum over a byte stream.) Solution: Compute the checksum over (parts of) the SOAP body In the SSL framework, the exchanged messages are those visible at the handshake layer and do not include record layer headers. Hence in SSL-over-SOAP, SOAP the exchanged messages are the SOAP bodies in messages 1 and 2, and the SOAP body except the <tls:finished> in this message. The SOAP bodies are first canonicalized with the algorithm Exclusive C14N and then concatenated.