WEB SECURITY USING XML ENCRYPTION

Based on the Apache XML Security Project.

By Ajeya Krishnamurthy

Presentation Overview

• Introduction

• XML Signature

• XML Encryption and Decryption

• The JCE ( Java Cryptography Extensions )

• Code Overview

• Future work

Introduction

The XML Signature technology was developed by the XML-DSig Charter – an IETF/W3C charter – in response to the June16 2000 e-sign act, which made digital signatures legallybinding.

XML Signatures allow you to sign only specified sections of a document. This contrasts to non-XML Signatures that require you to sign all of a document.

XML Signatures are not limited to XML documents and can be applied to all types of electronic data, for example, HTML and GIF files.

Introduction

Basics of cryptography

• Confidentiality - Protecting data from prying eyes while in transit over an insecure communications channel like the Internet

• Integrity - Provides communicating parties with the assurance that a message was not modified while in transit

• Non-repudiation - The recipient should be able to prove that a message actually originated with the purported sender and is not a forgery

Canonical XML

Canonical XML normalizes the physical representation of XML, creating a standard for signature processing. Before the signature digest is created for a document, it is transformed to canonical XML. Then, when the received document is checked for data integrity, it is transformed to canonical XML before a digest is created for it.

Different XML applications may represent XML differently. The digest calculation is sensitive to changes in the physical representation of the XML.

XML Signature

• XML Signatures are human readable and platform independent

• Unlike non-XML digital signatures, XML Signatures include processing information ( ex: Algorithm used to generate the signature )

• XML allows signing only portions of the document. Advantages?

XML Signature Types

Enveloped - The XML Signature is included in the XML document. It is contained within a child element of the XML document

Enveloping - The XML document is included in the XML Signature. It is contained within a a child element of the XML Signature

Detached - The XML Signature is included in a separate document from the signed document. The location of the signed document is referenced in the XML Signature. This type of signature is used for non-XML documents

XML Signature structure

XML Signature structure

<Signature ID><SignedInfo><CanonicalizationMethod/><SignatureMethod/>(<Reference URI><DigestMethod><DigestValue></Reference>)</SignedInfo><SignatureValue>(<KeyInfo>)</Signature>

XML Encryption

• Enables encryption of specified portions of a document, leaving the rest of the document in its original form

• Does not support the encryption of attributes

• Both symmetric and asymmetric encryption can be used

The ability to encrypt partial documents is unique to XML encryption.

XML Encryption Interoperability

XML encryption is interoperable with XML Signature. However, if you want to encrypt and sign a document, you must always encrypt the document before you sign it. This is because the digest, generated for the digital signature, may give clues about the unencrypted content of a document.

XML Encryption structure

<enc:EncryptedData Id="" Type=""><enc:EncryptionMethod/><enc:KeyInfo><enc:EncryptedKey/><enc:KeyRetrievalMethod/></enc:KeyInfo><enc:CipherData URI="">iamscrambled</enc:CipherData> </enc:EncryptedData>

The Java Cryptography Extension

The JCE and the JCA are APIs provided by Java for cryptography.

Tutorials are available at

http://java.sun.com/j2se/1.4.2/docs/guide/security/jce/JCERefGuide.html

XMLSignatureFactory.• XMLSignatureFactory is a standard FactorySingleton. The main purpose is to create allelements of a XMLSignature• It can be instantiated by:─ XMLSignatureFactory.getInstance()─ XMLSignatureFactory.getInstance(“DOM”,new <placeholder_provider>());─ XMLSignatureFactory.getInstance(“DOM”,“<placeholder_provider>”);

Class XMLSignatureFactory -- Main class used to create all elements required for a signature

Code Overview

Code Overview

Main class for interaction

• CreatingXMLSignatureFactory.newInstance()XMLSignatureFactory.unmarshalXMLSignature()

• Important methodssign(XMLSignContext signContext)validate(XMLValidateContextvalidateContext)

Class XMLSignature

XMLSignatureFactory fac = XMLSignatureFactory.getInstance();

Reference ref =fac.newReference(“http://xml.apache.org/",fac.newDigestMethod(DigestMethod.SHA1, null));

Code Overview – Creating the signature

This creates a new XMLSignatureFactory instance…

And this creates a reference to be signed. The reference contains a URI pointing to the data that we wish to sign.

SignedInfo si = fac.newSignedInfo(fac.newCanonicalizationMethod (CanonicalizationMethod.INCLUSIVE_WITH_COMMENTS,null),fac.newSignatureMethod(SignatureMethod.DSA_SHA1,null),Collections.singletonList(ref));

Code Overview

This creates the SignedInfo object we need…

XMLSignature signature = fac.newXMLSignature(si, null);

And this creates a new Signature object.

Code Overview – Creating the signature

Code Overview

Now we generate the key pair using the JCA.

Document doc =dbf.newDocumentBuilder().newDocument();DOMSignContext signContext = newDOMSignContext(kp.getPrivate(), doc);

//Sign the URL. The XML-Signature structure is//appended to the documentsignature.sign(signContext);

KeyPair kp = …

And then we create the document object and sign it

Code Overview – Creating the signature

Code Overview – Verifying the signature

1: Create a XMLSignature from XML

2: Setup a KeySelector

3: Create a XMLValidateContext

4: Validate the Signature

// Parse the documentDocument doc = dbf.newDocumentBuilder().parse(newFileInputStream(args[0]));// Find Signature element. This only checks for a// Signature root element.Node signatureNode =doc.getElementsByTagNameNS(XMLSignature.XMLNS,"Signature").item(0);// Create a XMLSignatureFactoryXMLSignatureFactory fac =XMLSignatureFactory.getInstance();

Code Overview – Verifying the signature

// Create a KeySelectorKeySelector ks =KeySelector.singletonKeySelector(key);// Create a XMLValidateContextDOMValidateContext valContext = newDOMValidateContext(ks, signatureNode);// Unmarshal the XMLSignatureXMLSignature signature =fac.unmarshalXMLSignature(valContext);// Validate the XMLSignature (generated above)boolean coreValidity =signature.validate(valContext);

Code Overview – Verifying the signature

Code Overview – Encryption

Designed to have fewest possible dependencies

Dependencies

• Xalan• Xerces• Commons Logging• Cryptographic service provider

1: Specify key algorithm

2: Initialize KeyCipher

3: Generate encryption key

4: Specify encryption algorithm

5: Initialize XMLCipher

6: Encrypt

Steps to encrypt data

Code Overview – Encryption

Code Overview – Encryption

// get algorithmString algo =XMLCipher.TRIPPELDES_KeyWrap;

// construct XMLCipherXMLCipher c = XMLCipher.getInstance(algo);

1: Specify key algorithm2: Initialize KeyCipher

Code Overview – Encryption

KeyGenerator kg =KeyGenerator.getInstance(“DESede”);SecretKey sk = kg.generateKey();byte[] kb = sk.getEncoded();

3: Generate encryption key4: Specify encryption algorithm

XMLCipher keyCipher =XMLCipher.getInstance(algo);Key symmKey = //as in generate keyencryption keykeyCipher.init(XMLCipher.WRAP_MODE, symmKey);EncryptedKey encryptedKey =keyCipher.encryptKey(document, symmKey);

XMLCipher xmlCipher =XMLCipher.getInstance(XMLCipher.AES_128)xmlCipher.init(XMLCipher.ENCRYPT_MODE,symmKey);

Code Overview – Encryption

5: Initialize XMLCipher

EncryptedData d = xmlCipher.getEncryptedData();KeyInfo keyInfo = new KeyInfo(document);keyInfo.add(encryptedKey);d.setKeyInfo(keyInfo);

Prepare for encryption

xmlCipher.doFinal(document,rootElement,true);

6: Encrypt

Code Overview – Encryption

Code Overview – Decryption

1: Get the element that need to be decrypted

2: Get the key

3: Decrypt

Steps involved in Decryption

Code Overview – Decryption

// Get the element that need to bedecryptedElement e = (Element)document.getElementsByTagNameNS(EncryptionSpecNS, ENCRYPTEDDATA).item(0);// Get the keyKey kek = loadKeyEncryptionKey();

Prepare for encryption

XMLCipher xmlCipher = XMLCipher.getInstance();xmlCipher.init(XMLCipher.DECRYPT_MODE, null);xmlCipher.setKEK(kek);xmlCipher.doFinal(document,encryptedDataElement);

Now perform Decryption

Code Overview – Decryption

Future Work

The Apache foundation will focus next on the XKMS for this project. Currently, the Java API is complete and robust. The C++ library is still evolving.