Tag archive: OpenSSL

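Migrating from RSA to EC

I heard that, besides RSA and DSA, there is a newer algorithm, ECC (elliptic curve cryptography), so I decided to give it a try.

Current versions of openssl already support ECC and can directly generate ECC keys and sign ECC certificates. The usage looks roughly like this: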

root@vultr:/tmp# openssl ecparam help
unknown option help
ecparam [options] <infile >outfile
where options are
 -inform arg       input format - default PEM (DER or PEM)
 -outform arg      output format - default PEM
 -in  arg          input file  - default stdin
 -out arg          output file - default stdout
 -noout            do not print the ec parameter
 -text             print the ec parameters in text form
 -check            validate the ec parameters
 -C                print a 'C' function creating the parameters
 -name arg         use the ec parameters with 'short name' name
 -list_curves      prints a list of all currently available curve 'short names'
 -conv_form arg    specifies the point conversion form
                   possible values: compressed
                                    uncompressed (default)
                                    hybrid
 -param_enc arg    specifies the way the ec parameters are encoded
                   in the asn1 der encoding
                   possible values: named_curve (default)
                                    explicit
 -no_seed          if 'explicit' parameters are chosen do not use the seed
 -genkey           generate ec key
 -rand file        files to use for random number input
 -engine e         use engine e, possibly a hardware device

First, check which curves (and therefore key lengths) the installed openssl supports:

 root@vultr:/tmp# openssl ecparam -list_curves
 secp112r1 : SECG/WTLS curve over a 112 bit prime field
 secp112r2 : SECG curve over a 112 bit prime field
 secp128r1 : SECG curve over a 128 bit prime field
 secp128r2 : SECG curve over a 128 bit prime field
 secp160k1 : SECG curve over a 160 bit prime field
 secp160r1 : SECG curve over a 160 bit prime field
 secp160r2 : SECG/WTLS curve over a 160 bit prime field
 secp192k1 : SECG curve over a 192 bit prime field
 secp224k1 : SECG curve over a 224 bit prime field
 secp224r1 : NIST/SECG curve over a 224 bit prime field
 secp256k1 : SECG curve over a 256 bit prime field
 secp384r1 : NIST/SECG curve over a 384 bit prime field
 secp521r1 : NIST/SECG curve over a 521 bit prime field
 prime192v1: NIST/X9.62/SECG curve over a 192 bit prime field
 prime192v2: X9.62 curve over a 192 bit prime field
 prime192v3: X9.62 curve over a 192 bit prime field
 prime239v1: X9.62 curve over a 239 bit prime field
 prime239v2: X9.62 curve over a 239 bit prime field
 prime239v3: X9.62 curve over a 239 bit prime field
 prime256v1: X9.62/SECG curve over a 256 bit prime field
 sect113r1 : SECG curve over a 113 bit binary field
 sect113r2 : SECG curve over a 113 bit binary field
 sect131r1 : SECG/WTLS curve over a 131 bit binary field
 sect131r2 : SECG curve over a 131 bit binary field
 sect163k1 : NIST/SECG/WTLS curve over a 163 bit binary field
 sect163r1 : SECG curve over a 163 bit binary field
 sect163r2 : NIST/SECG curve over a 163 bit binary field
 sect193r1 : SECG curve over a 193 bit binary field
 sect193r2 : SECG curve over a 193 bit binary field
 sect233k1 : NIST/SECG/WTLS curve over a 233 bit binary field
 sect233r1 : NIST/SECG/WTLS curve over a 233 bit binary field
 sect239k1 : SECG curve over a 239 bit binary field
 sect283k1 : NIST/SECG curve over a 283 bit binary field
 sect283r1 : NIST/SECG curve over a 283 bit binary field
 sect409k1 : NIST/SECG curve over a 409 bit binary field
 sect409r1 : NIST/SECG curve over a 409 bit binary field
 sect571k1 : NIST/SECG curve over a 571 bit binary field
 sect571r1 : NIST/SECG curve over a 571 bit binary field
 c2pnb163v1: X9.62 curve over a 163 bit binary field
 c2pnb163v2: X9.62 curve over a 163 bit binary field
 c2pnb163v3: X9.62 curve over a 163 bit binary field
 c2pnb176v1: X9.62 curve over a 176 bit binary field
 c2tnb191v1: X9.62 curve over a 191 bit binary field
 c2tnb191v2: X9.62 curve over a 191 bit binary field
 c2tnb191v3: X9.62 curve over a 191 bit binary field
 c2pnb208w1: X9.62 curve over a 208 bit binary field
 c2tnb239v1: X9.62 curve over a 239 bit binary field
 c2tnb239v2: X9.62 curve over a 239 bit binary field
 c2tnb239v3: X9.62 curve over a 239 bit binary field
 c2pnb272w1: X9.62 curve over a 272 bit binary field
 c2pnb304w1: X9.62 curve over a 304 bit binary field
 c2tnb359v1: X9.62 curve over a 359 bit binary field
 c2pnb368w1: X9.62 curve over a 368 bit binary field
 c2tnb431r1: X9.62 curve over a 431 bit binary field
 wap-wsg-idm-ecid-wtls1: WTLS curve over a 113 bit binary field
 wap-wsg-idm-ecid-wtls3: NIST/SECG/WTLS curve over a 163 bit binary field
 wap-wsg-idm-ecid-wtls4: SECG curve over a 113 bit binary field
 wap-wsg-idm-ecid-wtls5: X9.62 curve over a 163 bit binary field
 wap-wsg-idm-ecid-wtls6: SECG/WTLS curve over a 112 bit prime field
 wap-wsg-idm-ecid-wtls7: SECG/WTLS curve over a 160 bit prime field
 wap-wsg-idm-ecid-wtls8: WTLS curve over a 112 bit prime field
 wap-wsg-idm-ecid-wtls9: WTLS curve over a 160 bit prime field
 wap-wsg-idm-ecid-wtls10: NIST/SECG/WTLS curve over a 233 bit binary field
 wap-wsg-idm-ecid-wtls11: NIST/SECG/WTLS curve over a 233 bit binary field
 wap-wsg-idm-ecid-wtls12: WTLS curvs over a 224 bit prime field
 Oakley-EC2N-3:
 IPSec/IKE/Oakley curve #3 over a 155 bit binary field.
 Not suitable for ECDSA.
 Questionable extension field!
 Oakley-EC2N-4:
 IPSec/IKE/Oakley curve #4 over a 185 bit binary field.
 Not suitable for ECDSA.
 Questionable extension field!

Then pick one of them and generate the ECC key:

 openssl ecparam -genkey -name prime256v1 -noout -out ecc.key

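In these options, -noout means the EC parameters are not written out, and -genkey generates the key.

Once the ECC key exists, the certificate can be produced the usual way. First generate the certificate signing request: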

openssl req -new -key ecc.key -out ecc.csr

Then sign it. You can self-sign it, hand it to another CA to sign, or sign it with your own CA certificate.

Self-signed:

openssl x509 -req -days 365 -in ecc.csr -signkey ecc.key -out ecc.crt

Signed with your own CA certificate:

 openssl ca -cert ca.crt -extensions server_cert -days 375 -notext -md sha256 -in ecc.csr -out ecc.crt

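Use the server_cert extension section when signing server certificates and the usr_cert extension section when signing client certificates.

All done.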
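The steps above, run end to end as an added example (not part of the original post): the script generates the key, CSR and self-signed certificate non-interactively, then reads back the curve and signature algorithm and confirms that the certificate carries the key's public half. The subject name ec-demo.example and the helper function names are assumptions made for the example.

```shell
#!/bin/sh
# Added example: subject name and helper names are assumptions, not from the post.

# make_ec_cert DIR [CURVE]: write ecc.key, ecc.csr and ecc.crt into DIR.
make_ec_cert() {
    dir=$1
    curve=${2:-prime256v1}
    # Create the private key with owner-only permissions.
    ( umask 077
      openssl ecparam -genkey -name "$curve" -noout -out "$dir/ecc.key" ) || return 1
    openssl req -new -key "$dir/ecc.key" -subj "/CN=ec-demo.example" \
        -out "$dir/ecc.csr" || return 1
    # -sha256 pins the signature digest rather than relying on the default.
    openssl x509 -req -days 365 -sha256 -in "$dir/ecc.csr" \
        -signkey "$dir/ecc.key" -out "$dir/ecc.crt" 2>/dev/null
}

# cert_field FILE LABEL: print the first "LABEL: value" from the text dump.
cert_field() {
    openssl x509 -in "$1" -noout -text |
        sed -n "s/^ *$2: *//p" | head -n 1
}

cert_curve()   { cert_field "$1" "ASN1 OID"; }
cert_sig_alg() { cert_field "$1" "Signature Algorithm"; }

# key_matches_cert KEY CERT: succeed only if CERT contains KEY's public key.
key_matches_cert() {
    from_key=$(openssl pkey -in "$1" -pubout) || return 1
    from_cert=$(openssl x509 -in "$2" -noout -pubkey) || return 1
    [ "$from_key" = "$from_cert" ]
}

workdir=$(mktemp -d)
make_ec_cert "$workdir" prime256v1 &&
    key_matches_cert "$workdir/ecc.key" "$workdir/ecc.crt" &&
    echo "curve=$(cert_curve "$workdir/ecc.crt")" \
         "signature=$(cert_sig_alg "$workdir/ecc.crt")"
rm -rf "$workdir"
```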

Using client certificate authentication in Nginx

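I have wanted to set this up for a long time but never got around to it. Lately I have been away from home a lot and sometimes want to connect back to my home network, so I finally did a bit of work on it.

I chose nginx because it is lightweight, which makes it ideal as a front end, and I have used it as a front end before, so I have some experience with it.

Links:

http://blog.csdn.net/kunoy/article/details/8239653

http://blog.csdn.net/jinhill/article/details/2573777

Signing certificates by hand felt a little tedious, so I went straight to OpenVPN's easy-rsa, a set of scripts that made signing the certificates easy. I mainly used build-ca, build-key-server and build-key; as the names suggest, they generate the CA certificate, the server certificate and the private (client) certificate. Where the generated certificates end up depends on the system, so Google the details yourself. I did this on OpenWrt, where the signed certificates are under /etc/easyrsa/keys.

If you really want to learn certificate signing properly, spend more time on Google.

With the certificates and keys in hand, I recommend exporting the client certificate at this point, using the following command: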

openssl pkcs12 -export -inkey client.key -in client.crt -CAfile ca.crt -chain -out client.pfx

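This produces a private (client) certificate bundle that can be imported. (For now this clumsy method is the only one I have found.)

Once all the certificates are ready, it is time to configure the server.

First, openssl.conf needs some adjustment, mainly these lines: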

dir            = /etc/easy-rsa/keys         # top dir  
database       = $dir/index.txt          # index file.  
new_certs_dir  = $dir/newcerts           # new certs dir  

certificate    = $dir/ca.crt         # The CA cert  
serial         = $dir/serial             # serial no file  
private_key    = $dir/ca.key  # CA private key  
RANDFILE       = $dir/.rand      # random number file 

countryName = match  
stateOrProvinceName = match  
organizationName = match  
organizationalUnitName = match  
localityName            = optional  
commonName              = supplied  
emailAddress            = optional

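The upper part sets where the certificate files live; the lower part is the policy that decides which subject fields must match those of the CA. Adjust both to suit.

With openssl sorted out, on to the main event: the nginx configuration itself.

The default configuration file includes an example HTTPS server; following it is enough to get a server that presents a server certificate, and adding a few more lines turns on client certificate authentication.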

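    # HTTPS server

    server {
        listen       443 ssl;   # replaces the deprecated "ssl on;" directive
        server_name  Router;

        charset utf8;

        ssl_certificate      /etc/easy-rsa/keys/ferrets.imzone.in.crt;
        ssl_certificate_key  /etc/easy-rsa/keys/ferrets.imzone.in.key;

        ssl_client_certificate /etc/easy-rsa/keys/ca.crt; # CA certificate used to verify client certificates

        ssl_session_timeout  5m;
        ssl_protocols  TLSv1.2 TLSv1.3; # SSLv2, SSLv3 and TLSv1 are obsolete and insecure
        ssl_ciphers  HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers   on;
        ssl_verify_client on; # enable client certificate authentication

        location / {
            proxy_pass http://192.168.1.1; # router admin UI; http:// scheme assumed
            proxy_redirect default;
        }
        location /transmission {
            proxy_pass http://192.168.1.1:9091; # transmission; http:// scheme assumed
            proxy_redirect default;
        }
    }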

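With a configuration like the one above I am running a proxy server that forwards to 192.168.1.1 and 192.168.1.1:9091, which makes it convenient to manage the router and transmission remotely.

It suddenly feels a lot more powerful.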
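What ssl_client_certificate and ssl_verify_client on enforce can be reproduced offline with openssl verify before touching the server. The following is an added example, not part of the original post; the CA and certificate names (home-ca, other-ca, laptop, stranger, router) and the helper functions are constructed for the demonstration.

```shell
#!/bin/sh
# Added example: every name, subject and path below is constructed for the demo.

# issue_ca DIR NAME: self-signed EC CA certificate DIR/NAME.crt (key: NAME.key).
issue_ca() {
    printf '%s\n' '[req]' 'distinguished_name=dn' 'x509_extensions=v3_ca' \
        '[dn]' '[v3_ca]' 'basicConstraints=critical,CA:TRUE' \
        'keyUsage=critical,keyCertSign,cRLSign' > "$1/req.cnf"
    openssl req -x509 -config "$1/req.cnf" -newkey ec \
        -pkeyopt ec_paramgen_curve:prime256v1 -nodes -sha256 -days 30 \
        -subj "/CN=$2" -keyout "$1/$2.key" -out "$1/$2.crt" 2>/dev/null
}

# issue_cert DIR CA NAME EKU: leaf DIR/NAME.crt signed by CA, restricted to EKU.
issue_cert() {
    printf 'extendedKeyUsage=%s\n' "$4" > "$1/$3.ext"
    openssl ecparam -genkey -name prime256v1 -noout -out "$1/$3.key" &&
    openssl req -new -config "$1/req.cnf" -key "$1/$3.key" -subj "/CN=$3" \
        -out "$1/$3.csr" &&
    openssl x509 -req -sha256 -days 30 -in "$1/$3.csr" -CA "$1/$2.crt" \
        -CAkey "$1/$2.key" -CAcreateserial -extfile "$1/$3.ext" \
        -out "$1/$3.crt" 2>/dev/null
}

# check_client CAFILE CERT: chain and purpose check of the kind a TLS server
# applies to a client certificate; prints accepted or rejected.
check_client() {
    if openssl verify -CAfile "$1" -purpose sslclient "$2" >/dev/null 2>&1
    then echo accepted
    else echo rejected
    fi
}

pki=$(mktemp -d)
issue_ca "$pki" home-ca && issue_ca "$pki" other-ca &&
    issue_cert "$pki" home-ca laptop clientAuth &&      # client cert, trusted CA
    issue_cert "$pki" other-ca stranger clientAuth &&   # client cert, wrong CA
    issue_cert "$pki" home-ca router serverAuth         # trusted CA, wrong purpose
for name in laptop stranger router; do
    echo "$name: $(check_client "$pki/home-ca.crt" "$pki/$name.crt")"
done
rm -rf "$pki"
```

Only laptop is accepted: stranger chains to a CA the server does not trust, and router carries a serverAuth-only extended key usage.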

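Another long round of tinkering

Well~ since I turned on vhosts, something or other keeps going wrong...

I have just replaced every certificate I had signed myself, because Google Chrome told me that the signature algorithm of the certificate was too old and was going to be phased out. So I made a new CA certificate and then redid all the certificates. A lot happened along the way.

Since it was a signature algorithm problem, I kept staring at the openssl commands and trying again and again. In the end every certificate I signed still came out as MD5. I then tried DSA instead, but the root certificates made with DSA all came out damaged and incomplete, and a Google search turned up nothing relevant, so I gave up on DSA and stuck with RSA.

Then I wondered whether the private key was the problem. I ran openssl genrsa many times, and as soon as I added certain options it asked me to set a passphrase. Argh, can I not go without a passphrase? Having to type one in every time the server restarts is a real nuisance.

Later, after a lot of digging, I found that when a certificate is signed the algorithm is set in the openssl ca -md command, and I had finally found the problem. I was signing with that sign.sh script from long ago, so I guessed the options were all in there. I opened it and, sure enough, they were. After changing it and signing again, the result used the sha1 algorithm and Chrome no longer complained. So I immediately set about replacing everything.

After the switch, a new problem appeared: I could no longer get into the WordPress blog... Every request returned "No input file specified." Nothing I changed helped, yet the PHP scripts of another vhost worked fine, and so did phpMyAdmin. doc_root in php.ini already included the WordPress folder, but it still failed. Finally, in a fit of anger, I commented out doc_root, and then it worked...

Today turned out to be unexpectedly full of tinkering.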