Autosar's self-signed certificate and CA certificate

1. Secure transmission

1. Framework

[figure: secure transmission framework]

2. How to achieve transmission security?

"Encryption + signature + certificate" is essentially a solution for secure data transmission in non-secure channels.

  • 1. Encryption - anti-eavesdropping: convert plaintext to ciphertext so that only the intended receiver can decrypt the ciphertext back to plaintext; even if an attacker steals the ciphertext, its content cannot be understood;

  • 2. Verifying integrity - anti-tampering: calculate the digest of the original data and deliver data and digest together to the other party. The receiver recalculates the digest of the received data and compares it with the received digest to judge whether the data has been tampered with.
    However, because the received digest may itself have been tampered with, a more secure method is needed: the digital signature (encrypting the digest is the digital signature);

  • 3. Authenticating the data source - anti-masquerading: a digital signature verifies data integrity and at the same time authenticates the data source, preventing masquerading.

3. What is the difference between symmetric encryption and asymmetric encryption?

  • 1. Key management: in a symmetric algorithm the key must be sent to the communicating party, so there is a risk of key leakage; in an asymmetric algorithm the public key is public and the private key is kept secret, so the private key never has to be transmitted;

  • 2. Key function: data encrypted with the public key can only be decrypted with the private key, and conversely data encrypted with the private key can only be decrypted with the public key (note: data encrypted with the public key cannot be decrypted with the public key, because the public key is public; if it could, the encryption would provide no confidentiality);

  • 3. Computational performance: asymmetric algorithms are computationally inefficient, so in practice a composite scheme combining the two is often used: first use asymmetric encryption to establish a secure channel and transmit a symmetric key, then use that key for symmetric encryption;

  • 4. Authentication function: in an asymmetric algorithm only one party holds the private key, which gives authentication and non-repudiation (this property is what the digital signature algorithm described below relies on).

Considering performance, the HTTPS protocol adopts a "hybrid encryption" scheme combining "symmetric encryption" and "asymmetric encryption": when the connection is established, asymmetric encryption is used to negotiate a "session key", and the rest of the communication is encrypted symmetrically with that key.

4. Pseudo random numbers and true random numbers

Random numbers are a very important point in the field of computer security. In many scenarios, a random number is needed to generate random events, such as key generation, file name, sessionId/orderId/token, etc. The modern random number generation model still uses the random number model designed by von Neumann in 1946:

  • 1. Input any number as "seed", and get a random number through random number algorithm;
  • 2. Use the generated random number as a new seed and substitute it into the next round of calculation;
  • 3. Repeat steps 1 and 2 to generate multiple random numbers with statistical significance.

However, the random numbers produced by this model are not truly random. As long as enough samples are taken, the outputs will inevitably fall into a cycle, so they can only be called "pseudo-random numbers", and the length of the cycle that the outputs eventually repeat with is called the period (the "random cycle").

To get real random numbers, hardware level support is required.

  • In 1999, Intel integrated the world's first true random number generator into its i810 chipset. Its approach uses the thermal noise of the circuit (irregular movement of molecules) as the data source. The disadvantage is that the throughput is too low, so the random numbers used in computers today are still mostly pseudo-random numbers implemented in software.
  • Software cannot be truly random, but the randomness of a generator can be improved: for example, use a stronger random algorithm (Java's SecureRandom), use more complex seeds (system time, mouse position, network speed, disk read/write speed), widen the value range of the random numbers, combine several random algorithms, and so on.
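To make the "seed, output, new seed" loop and its period concrete, here is an added Python example (not code from the original post). It implements von Neumann's 1946 middle-square method and a deliberately tiny linear congruential generator (constructed parameters a=5, c=3, m=16), plus a `find_cycle` helper that reports how many outputs pass before the generator starts repeating and how long the repeating cycle is. `os_random_bytes` contrasts this with the operating system's entropy-backed generator exposed through Python's `secrets` module.

```python
import secrets


def middle_square(x, digits=4):
    """Von Neumann's middle-square step: square the value, keep the middle digits.

    The output is also the next seed, exactly as in steps 1 and 2 of the text.
    """
    s = str(x * x).zfill(2 * digits)
    start = (len(s) - digits) // 2
    return int(s[start:start + digits])


def lcg16(x):
    """Linear congruential generator with constructed parameters a=5, c=3, m=16.

    The state space has only 16 values, so its period is visible by hand.
    """
    return (5 * x + 3) % 16


def find_cycle(step, seed, limit=100_000):
    """Iterate step() from seed until a state repeats.

    Returns (tail, period): `tail` outputs occur before the generator enters
    its cycle, and `period` is the cycle length (the "random cycle").
    Returns None if no repeat is seen within `limit` steps.
    """
    seen = {}
    x = seed
    for i in range(limit):
        if x in seen:
            return seen[x], i - seen[x]
        seen[x] = i
        x = step(x)
    return None


def sequence(step, seed, n):
    """First n outputs for a seed; the same seed always yields the same list."""
    out, x = [], seed
    for _ in range(n):
        x = step(x)
        out.append(x)
    return out


def os_random_bytes(n):
    """Bytes from the OS CSPRNG (fed by hardware/OS entropy), not a seed-driven loop."""
    return secrets.token_bytes(n)


if __name__ == "__main__":
    for seed in (1234, 4321, 9731):          # constructed seeds
        print(f"middle-square seed {seed}: (tail, period) = {find_cycle(middle_square, seed)}")
    print("LCG mod 16 (tail, period):", find_cycle(lcg16, 0))
    print("same seed gives same outputs:", sequence(lcg16, 7, 5) == sequence(lcg16, 7, 5))
    print("OS entropy:", os_random_bytes(16).hex())
```

The LCG with these parameters walks through all 16 states before repeating, so its period is the maximum possible for its state size; the middle-square generator typically collapses into a short cycle (often the fixed point 0) after a few dozen steps, which is why a generator is judged by its period and not only by how random a short run looks.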

5. Digital signature - verify integrity & authenticate data source

Digital Signature, also known as Digital Fingerprint, is a combination of message digest algorithm and asymmetric encryption algorithm, which can verify the integrity of data and authenticate the source of data.

The model of a digital signature algorithm is divided into two main phases:

  • 1. Signing: first calculate the [digest] of the data, then encrypt the [digest] with the private key to produce the [signature], and send [data + signature] to the receiver;
  • 2. Verification: first calculate the [digest] of the received data with the same digest algorithm, then decrypt the [signature] with the previously obtained public key, and compare whether the [decrypted digest] and the [calculated digest] are consistent. If they are, the data has not been tampered with.

Using the "public key" to encrypt data and the "private key" to decrypt it is "encryption"; conversely, using the "private key" to encrypt data and the "public key" to decrypt it is "signing".

  • Since everyone holds the public key, a "signature" does not keep the data confidential: anyone can use the public key to decrypt it.
  • But a "signature" does guarantee the authenticity and non-repudiation of a message. Because the public key and the private key correspond one-to-one, when a public key can decrypt a ciphertext, that ciphertext must have come from the holder of the private key.

6. Why can a digital signature using a digest algorithm verify integrity?

Verification integrity mainly depends on the characteristics of the message digest algorithm. The principle of the digest algorithm is to extract the information in the original data according to certain operation rules. The extracted information is the message digest of the original data, also known as the data fingerprint.

  • Perform a one-way Hash function on a piece of data to generate a fixed-length Hash value, which is the summary of the data
  • Famous digest algorithms include MD5 algorithm and SHA series algorithms.

The digest algorithm has the following characteristics:

  • Consistency: multiple calculations over the same data give the same digest, and different data (ignoring collisions) give different digests;
  • Irreversibility: a digest can only be derived forward from the original data; the original data cannot be recovered from the digest;
  • Efficiency: generating the digest is efficient and fast.

The model of the digest algorithm is divided into two main steps:

  • Generate the digest: first calculate the [digest] of the data, then send [data + digest] to the receiver;
  • Verify the digest: use the same digest algorithm to calculate the [digest] of the received data and compare whether [received digest] and [calculated digest] are consistent. If they are, the data is intact.

Relying on a digest algorithm alone cannot strictly verify data integrity: in a non-secure channel both the data and the digest are at risk of tampering, and an attacker who tampers with the data can also recompute and replace the digest. Therefore the digest algorithm needs to be combined with an (asymmetric) encryption algorithm to strictly verify integrity.

Benefits of message digests:

  • For example, when we download a file, the data source will provide the MD5 of a file. After the file is downloaded, we calculate the MD5 of the file locally and compare it with the MD5 provided by the data source. If they are the same, the file is complete. However, when the message digest is used independently, it is impossible to ensure that the data has not been tampered with, because there is no guarantee that the MD5 obtained from the data source has not been tampered with halfway.
  • Digest algorithms are relatively fast compared to encryption algorithms.

7. Why can digital signatures authenticate data sources?

This is because the sender's private information (the private key) goes into the signature, so only the "legitimate sender" can produce a digital signature (encrypted string) that others cannot forge. This digital signature proves the true source of the data.

  • When the receiver obtains the sender's public information (the public key) through "legitimate means" and the digital signature verifies successfully, the data must come from the "legitimate sender".
    In addition, the sender's private information is used when signing and the sender's public information when verifying, which is exactly the asymmetric-encryption pattern: the private information used in signing is the private key, and the public information used in verification is the officially published public key.

8. Can I use the private key to sign the original data first, and then digest the signature?

No, for two main reasons:

  • 1. Feasibility: the receiver needs to verify the integrity of the data through the digest, but the receiver cannot sign the data (it does not hold the private key), so it cannot recompute and compare the digest of the signature;
  • 2. Time efficiency: signing (encrypting) the whole original data takes too long; the digest algorithm is itself a compressing map, which shortens the time spent signing.

9. How can the receiver securely obtain the sender's public key? - digital certificate

What is a digital certificate?

  • Digital signatures and digital certificates always appear in pairs, and the two cannot be separated. Digital signatures are mainly used to verify data integrity and authenticate data sources, while digital certificates are mainly used to securely issue public keys.
  • A digital certificate mainly includes three parts: the user's information, the user's public key, and the CA's signature on the certificate's entity information.

The digital certificate model is mainly divided into two steps:

  • 1. Issuing certificates:

(1) The applicant sends the signature algorithm, public key, validity period and other information to the CA;
(2) After the CA verifies the applicant's identity, it assembles the submitted information into a certificate entity and calculates its digest;
(3) The CA encrypts the digest with its own private key to produce the certificate signature (Certificate Signature);
(4) The CA attaches the certificate signature to the digital certificate to form a complete digital certificate.

  • 2. Verifying certificates:

(1) The verifier calculates the digest of the digital certificate entity with the same digest algorithm;
(2) Uses the CA's public key (the CA's public key is built into the browser and operating system) to decrypt the certificate signature;
(3) Compares whether the decrypted value is consistent with the calculated digest; if so, it is a trusted certificate.


(1) Generate CA root certificate

The root certificate is pre-installed in the operating system, and we trust that the root certificate is correct.

Steps:

    1. The authority uses an algorithm such as RSA to generate a key pair: public key K1 / private key K2;
    2. The public key K1, the issuing authority, the validity period and other information form the original certificate content, call it C;
    3. A digest algorithm is used to calculate the digest of the original content C, call it H;
    4. The private key K2 generated in step 1 is used to sign the digest H, giving the signature S;
    5. Combining the original content C and the signature S gives the CA root certificate.

CA certificate: A certificate issued by a CA organization to others. It mainly includes the following information

  • Applicant public key
  • Applicant Information
  • Issuer (CA) information
  • A digital signature of the above information. Digital signature generation rules: first use a digest algorithm, such as SHA256, to generate a digest of the above information, and then CA uses its own private key to encrypt this digest

(2) Generation of business-related certificates


    1. The enterprise uses an algorithm such as RSA to generate a key pair: public key K3 / private key K4;
    2. The public key K3 and the other certificate fields form the original certificate content, call it C2, which is handed to the authority;
    3. After the authority receives C2, it uses the digest algorithm to produce the digest H2;
    4. The authority signs the digest H2 with its own private key K2 (this is the key point), obtaining the signature S2;
    5. Combining the original content C2 and the signature S2 gives the certificate, which is handed back to the enterprise.

The difference between the CA root certificate and the business certificate is that: The private key used for signing the certificate for the business application is the private key of the CA institution. This private key corresponds to the public key in the root certificate.

(3) Verification of the authenticity of digital certificates


Using the public key of the root certificate, you can verify that the signatures of other certificates are correct. If the signature is correct, the certificate is authentic and has not been tampered with. Later, the public key contained in the trusted certificate can be used to verify whether the received message is credible.

10. What is a certificate authority CA?

A certificate authority (certification authority, CA) is an authority responsible for the approval, issuance, archiving, and revocation of digital certificates.

  • CA institutions are divided into "root CA" and "intermediate CA". In principle, it is necessary to prevent the root CA institution from directly issuing end-entity certificates, and the intermediate CA institutions are required to issue end-entity certificates.
  • This is to avoid the impact of certificate invalidation. Once the root certificate is invalid or forged, the entire certificate chain will be problematic.

11. What is a certificate chain?

A certificate chain is a certificate verification chain established by multiple digital certificates.

  • A digital certificate mainly includes three parts: the user's information, the user's public key, and the CA's signature over the certificate entity.
  • In order to verify the legitimacy of the certificate entity, it is necessary to obtain the public key of the CA that issued the certificate, and this public key exists in the upper-level certificate. Therefore, in order to verify the legitimacy of the certificate, it is necessary to trace up the certificate chain until the root certificate.

The root certificate is a self-signed certificate, and the user downloading the root certificate means trusting all the certificates issued by the root certificate. In the operating system or browser, some trusted root certificates are already built in.


12. Standards for digital certificates

A digital certificate mainly includes three parts: the user's information, the user's public key, and the CA's signature on the certificate's entity information. The current digital certificate adopts the X.509 standard formulated by the Public Key Infrastructure (PKI), and there are currently three versions, among which the third version of the X.509 standard is more common.

  • The main format is as follows:
    [figure: X.509 v3 certificate format]

2. openssl generates a self-signed certificate

Basic process

Create a virtual CA organization and generate its certificate; then generate your own key, fill in a certificate signing request, and have the CA organization above sign it; the result is a self-signed certificate (certified by the self-built CA organization).

  • The root certificate is built into the HTTPS client, and it is generated from the private key held on the HTTPS server side

First, create a fictitious CA certification authority

# Generate the CA's private key ca.key
# A passphrase must be set (entered twice)
# Note: 1024-bit RSA is considered too weak today; 2048 bits or more is the usual minimum
openssl> genrsa -des3 -out ca.key 1024

# Strip the passphrase from the key (optional)
# The passphrase set above must be entered once more
openssl> rsa -in ca.key -out ca.key

# Use the private key ca.key to generate the CA certificate ca.crt
# In effect this derives the public key from the private key and wraps it in a certificate
openssl> req -new -x509 -key ca.key -out ca.crt -days 365
# This certificate ca.crt is also called the "root certificate", because it can be used to authenticate other certificates

Generate a certificate for the website

  • Use the fictitious CA organization above to sign it

# Generate the website's own private key server.key
# genrsa          generate an RSA private key
# -des3           protect the key with 3DES (a passphrase is prompted for)
# -out server.key file name of the generated private key
# 1024            key length in bits
openssl> genrsa -des3 -out server.key 1024

# Generate the certificate signing request (CSR) for the website
# When an external CA is used, the same request file is sent to them
# The CSR carries the public key derived from server.key (the private key itself stays on this machine); the CA signs that public key into a certificate
# req   generate a certificate signing request
# -new  create a new request
# -key  private key file
# -out  the generated CSR file
# -subj subject fields for the CSR
openssl> req -new -key server.key -out server.csr -subj "/C=CN/ST=Guangdong/L=Guangzhou/O=xdevops/OU=xdevops/CN=gitlab.xdevops.cn"

# Use the fictitious CA's certificate ca.crt (and its key ca.key) to process the website's request server.csr and produce the signed certificate server.crt
# Note the serial number and validity period (usually set to 1 year)
# -days certificate validity in days
openssl> x509 -req -in server.csr -CA ca.crt -CAkey ca.key -set_serial 01 -out server.crt -days 365

So far, the private key server.key and the certificate server.crt have both been generated and can be used in the website's source code

  • The -subj parameter is described as follows:
    [figure: -subj field descriptions]
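As an added example (not part of the original post), the Python script below runs the same openssl sequence non-interactively in a temporary directory and then performs the check the procedure above leaves implicit: `openssl verify -CAfile ca.crt server.crt` must succeed, while verifying with no trust anchor at all, or with server.crt itself as the anchor, must fail. It assumes the `openssl` binary is on PATH, reuses the CSR subject from the commands above, uses a constructed CA subject, 2048-bit keys, and no `-des3` passphrase so that nothing prompts.

```python
import shutil
import subprocess
import tempfile
from pathlib import Path

# Subject from the original post's CSR command, and a constructed CA subject.
SERVER_SUBJ = "/C=CN/ST=Guangdong/L=Guangzhou/O=xdevops/OU=xdevops/CN=gitlab.xdevops.cn"
CA_SUBJ = "/C=CN/O=xdevops/CN=xdevops self-built CA"


def openssl_available():
    return shutil.which("openssl") is not None


def run(*args, cwd, check=True):
    """Run one openssl subcommand non-interactively and return the CompletedProcess."""
    return subprocess.run(["openssl", *args], cwd=cwd, check=check,
                          capture_output=True, text=True)


def build_pki(workdir, days=365):
    """Same steps as ca.key / ca.crt / server.key / server.csr / server.crt above,
    but with 2048-bit keys and no passphrase so the run is unattended."""
    run("genrsa", "-out", "ca.key", "2048", cwd=workdir)
    run("req", "-new", "-x509", "-key", "ca.key", "-out", "ca.crt",
        "-days", str(days), "-subj", CA_SUBJ, cwd=workdir)
    run("genrsa", "-out", "server.key", "2048", cwd=workdir)
    run("req", "-new", "-key", "server.key", "-out", "server.csr",
        "-subj", SERVER_SUBJ, cwd=workdir)
    run("x509", "-req", "-in", "server.csr", "-CA", "ca.crt", "-CAkey", "ca.key",
        "-set_serial", "01", "-out", "server.crt", "-days", str(days), cwd=workdir)


def verify_against(workdir, cert, cafile):
    """`openssl verify` exits 0 only when the chain ends at a trusted anchor.

    cafile=None disables both the default CA file and CA directory, so the
    leaf is checked with no trust anchor at all."""
    anchor = ["-CAfile", cafile] if cafile else ["-no-CAfile", "-no-CApath"]
    return run("verify", *anchor, cert, cwd=workdir, check=False).returncode == 0


def cert_names(workdir, cert):
    """Subject and issuer as printed by `openssl x509 -noout -subject -issuer`."""
    out = run("x509", "-in", cert, "-noout", "-subject", "-issuer", cwd=workdir).stdout
    fields = dict(line.split("=", 1) for line in out.splitlines() if "=" in line)
    return {k.strip(): v.strip() for k, v in fields.items()}


def run_demo():
    with tempfile.TemporaryDirectory() as tmp:
        workdir = Path(tmp)
        build_pki(workdir)
        names = cert_names(workdir, "server.crt")
        return {
            "chain_ok": verify_against(workdir, "server.crt", "ca.crt"),
            "no_anchor_ok": verify_against(workdir, "server.crt", None),
            "self_as_anchor_ok": verify_against(workdir, "server.crt", "server.crt"),
            "subject": names.get("subject", ""),
            "issuer": names.get("issuer", ""),
        }


if __name__ == "__main__":
    if not openssl_available():
        raise SystemExit("openssl binary not found on PATH")
    for key, value in run_demo().items():
        print(f"{key}: {value}")
```

The issuer printed for server.crt is the CA subject, which is the link the verifier follows from the business certificate up to the root; `verify_against` with server.crt as its own anchor fails because server.crt is not self-signed, so an HTTPS client that only has server.crt, and not ca.crt, in its trust store will reject the connection.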

3. Android application signature

Gradle (10) an article to understand the v1/v2/v3 signature mechanism

https://duanqz.github.io/2017-01-04-Package-Manage-Mechanism

4. HTTPS mutual authentication (Mutual TLS authentication)



Origin blog.csdn.net/u011436427/article/details/130928501