Research on security issues involved in e-commerce system platform development

Compared with system security, information security focuses on encryption, decryption, digital signature, verification, and certificates. system Security focuses on whether the system has security vulnerabilities, such as the buffer overflow caused by imperfect software design.

JCE (Java crypto extenstion) is a part of the encryption function in Java. It uses open ideas and allows users to write specific implementation modules of encryption algorithms. these are called JCE providers and JCE providers. sun itself provides some providers. however, I recommend bouncy castle provider. the reason is that it implements many encryption algorithms and even newer elliptic curve (ECC) algorithms. go to http://www.bouncycastle.org/to find what you want. Bouncy castle not only provides the provider itself, but also includes a S/MIME and an open PGP jar package. Only the provider itself is necessary, the last two packages are provided for programming convenience. for example, with the S/MIME package, you no longer need to write a lot of code for a very realistic application such as "encrypt a string or an article and then sign, you just need to reference several classes in the S/MIME package, and you will soon be able to handle it. the existence of open PGP makes it much easier for you to write programs that interact with PGP/GPG in Java.

The preparations for writing information security programs in Java have been clearly stated. now, assume that you are already familiar with the Java language and can write some programs in Java, and the downloaded jar packages have been downloaded.

The security. addprovider (New bouncycastleprovider (); Add the provider of bouncycaslte to the system, so that the system will call the encryption algorithm in this provider when running the relevant program.

Then we can start opening the CA. first, a CA must have its own public key and private key. First, we must generate such a pair. you can use the keypairgenerator object to call keypairgenerator. the getinstance method can generate an appropriate instance based on the key type to be generated, such as common RSA and DSA. call the initialize method and generatekeypair method of the object to generate a keypair object. then, call the corresponding method in the keypair object to obtain the public key and private key in the generated key pair.

With the public key and private key pair, the following is a very practical problem: how to store them. we usually need to encode these security objects, such as public keys, private keys, certificates, and so on. the purpose of encoding is to convert a complex security object into a byte stream for storage and reading, such as DER encoding. in addition, the byte stream after DER encoding is usually base64-encoded again to convert all the bytes in the byte stream into printable bytes.

In Java, these security objects basically have the getencoded () method. For example:

Byte [] keybytes = privatekey. getencoded ();

In this way, the DER-encoded result of a private key is saved to a byte array. then you can save the byte array to any media. if necessary, you can use the base64 decoder class in the BC provider for encoding, as shown in the following code:

Byte data [] = base64.encode (keybytes );

To read the private key from a file, you should:

Pkcs8encodedkeyspec spec = new pkcs8encodedkeyspec (keydata );
Keyfactory kfac = keyfactory. getinstance ("RSA ");
Privatekey = kfac. generateprivate (SPEC );

The RSA private key is automatically encoded according to pkcs8. therefore, you can use the encoded byte array as the constructor parameter of the pkcs8encodedkeyspec object to generate an object of this type. create a key factory object to generate an RSA private key as required. obviously, the keydata here should be the same as the above keybytes content.

To improve system security, a password is usually used to encrypt the private key after it is encoded by der and then stored in the file system. if you do not have the correct password when using the private key, the private key cannot be restored.

Saving the certificate is similar to saving the private key. The certificate object also has a getencoded method.

This time I will talk about this. you should be able to skillfully move these security objects back and forth between the file system and the memory. this is important for implementing CA in the future. next I will talk about the method used to indicate the subject in the certificate: DN.

The above describes how to generate a key pair and how to convert security objects such as public keys, private keys, and certificates between the file system and memory. these are the basic skills for preparing to open a ca. Now let's talk about the basic principles of Ca and how to use the subject name structure DN (distinguish name) to represent the subject in each certificate.

A certificate is a proof that an authority confirms the identity of a subject. A certificate indicates that an authority confirms that a subject is itself, rather than another impersonator. the subject can be individual or not. For example, when security services are required, a certificate must be issued to the server of a website. The subject of such a certificate is a server. the authority that signs the certificate is ca, which is also a subject. an authority signs a digital signature of a certificate (TBS, to be signed) that contains a series of information about the subject to be authenticated. a tbs that contains the information about the subject to be authenticated, and ca uses its own private key to generate the byte exile generated by the signature, constitutes a standard X509 Certificate.

A tbs contains the following main information:

Certificate version, usually 3 (x509v3)

The serial number of the Certificate. rfc3280 specifies that each CA must ensure that the serial number of each certificate issued by the certificate is unique and that the serial number can only be a non-negative integer.

The name of the issuer (CA), a dn object.

The validity period of the certificate. It indicates the validity period of the certificate. It indicates the time when the certificate takes effect and expires.

The name of the subject to be authenticated. It is also a dn object.

The public key of the subject to be authenticated. After verifying the validity of the certificate, any security application can start to use the public key of the subject for secure communication.

If it is an x509v3 certificate, that is, the version number is 3, there is a certificate Extension Information Field, you can add some other information in the certificate.

Let's take a look at the structure of the Subject name: DN. this knot is a set of attributes. each attribute has a property name and a property value. it is used to indicate "who I am", that is, who issued the certificate to, and who owns the public key corresponding to the certificate.

A string is usually used to represent the DN structure. This string describes the types and values of each attribute in this structure:

C = cn; S = Beijing ; L = Beijing ; O = PKU; ou = ICST; Cn = Wolfenstein

Here c is the country and region code, S and l are both regional codes, S is equivalent to the level of province or state, L is equivalent to the city level, O is the name of the organization, ou is the name of the secondary organization, and CN is the common name of the subject ). here, the types of attributes such as C, S, and l are relatively fixed. For example, C is generally used to indicate country and region code, some other types of information can be added to the DN structure, which is generally expressed as "xxx = xxx.

The following describes how to create a subject name object in Java.

In BC provider, the x509name object is used to represent the DN. The procedure for constructing an x509name is as follows:

First, construct two vector objects to indicate the attribute names and attribute values:

Vector oids = new vector ();
Vector attributes = new vector ();

In the oids vector object that represents the property name, add the property name one by one:

Oids. addelement (x509name. C );

......

Oids. addelement (x509name. cn );

The x509name object contains several constants. For example, the above x509name. C. and x509name. St can all correspond to the above example.

Then, add the attribute value to the attributes object:

Attributes. addelement ("cn ");

......

Attributes. addelement ("Wolfenstein ");

Finally, we can construct an x509name object:

X509name subjectdn = new x509name (oids, attributes );

In this way, the subject name structure is established.

Next we can talk about the key part, that is, how to use Java programs to complete the most important ca functions and sign certificates.

To do ca, first prepare your certificate and private key. How to read the private key from the file. The code for reading the certificate from the file system is as follows:

Certificatefactory certcf = certificatefactory. getinstance ("X.509 ");
X509certificate cacert = certcf. generatecertificate (certbis );

Cerbis is an inputstream object. For example, an input stream formed by a standard x509v3 Certificate file.

The second step is to get the input from the user, and then construct the subject name structure DN. How to Construct the DN which has been said last time and how to obtain the input from the user is not covered in this article.

The next step is to obtain the user's public key and match it with the required certificate. there are also a lot of CA practices to generate a pair of key pairs for the user site here, and then put the public key in the certificate to sign the user. this depends on the actual needs to select the appropriate method.

Now that all information is ready, you can issue a certificate. The following code illustrates the process:

// Construct a certificate generator object

X509v3certificategenerator certgen = new x509v3certificategenerator ();

// Obtain the issuer's Subject name (DN) from the CA certificate)
// Here is a little trick. We need to define
// The object used to represent the DN x500principal is converted
// The corresponding object x509name in the BC provider
// Read the CA's DN from the CA certificate for DER encoding.
Derinputstream dnstream =
New derinputstream (
New bytearrayinputstream (
Cacert. getsubjectx500principal ().
Getencoded ()));
// Read the DER encoded object from the encoded byte stream immediately.
Derconstructedsequence dnsequence =
(Derconstructedsequence) dnstream. readobject ();
// Create an x509name using the read DER encoding object
// Object and set it to "issuer DN" in the certificate Generator"
Certgen. setissuerdn (New x509name (dnsequence ));
// Set "receiver DN" in the certificate Generator"
Certgen. setsubjectdn (subjectdn );
// Set some extension fields, including the issuer and
// Public key ID of the receiver
Certgen. addextension (x509extensions. subjectkeyidentifier, false,
Createsubjectkeyid (keytocertify ));
Certgen. addextension (x509extensions. authoritykeyidentifier, false,
Createauthoritykeyid (cacert. getpublickey ()));
// Set the certificate validity period and serial number
Certgen. setnotbefore (startdate );
Certgen. setnotafter (enddate );
Certgen. setserialnumber (serialnumber );
// Set the signature algorithm. In this example, the RSA after md5hash is used.
// Signature and set the public key of the subject
Certgen. setsignaturealgorithm ("md5withrsa ");
Certgen. setpublickey (keytocerkey );

// If everything above is normal, you can generate a certificate.
X509certificate Cert = NULL;
CERT = certgen. generatex509certificate (caprivatekey );

Here is the function used to generate the issuer's Public Key Identity:

Protected authoritykeyidentifier createauthoritykeyid (publickey pubkey)
{
Authoritykeyidentifier authkeyid = NULL;

Try
{
Bytearrayinputstream bin = new bytearrayinputstream (pubkey. getencoded ());
Subjectpublickeyinfo info = new subjectpublickeyinfo (
(Derconstructedsequence) New derinputstream (BIN). readobject ());
Authkeyid = new authoritykeyidentifier (Info );
}
Catch (ioexception E)
{
System. Err. println ("error generating subjectkeyidentifier:" +
E. tostring ());
System. Exit (1 );
}

Return authkeyid;
}

The function used to generate the primary public key identifier is similar to the above. Replace authoritykeyidentifier with subjectkeyidentifier.

Note that the CA Public Key is also in a certificate. This certificate features the same issuer DN as the receiver DN, that is, this certificate is a self-issued certificate by the CA, that is, a "self-signed certificate". The public key above it is the CA's own public key, the private key used for signature is the private key corresponding to the public key. generally, each CA must have such a certificate, unless the CA is not a Root CA, that is, its authority is not proved by itself, but by its superior ca. however, there is always a Root CA, Which is trusted by users of various security applications.

Here we have finished the basic functions of CA in Java. The following describes how to read user information from the PKCS #10 format certificate request file and then issue the Public Key directly.

How to implement a CA in Java is basically finished. however, they all have a feature that the user information is obtained on site and cannot be separated from the application and issue. now we want to talk about the PKCS #10 certificate request file. its function is to separate the application from the issue.

PKCS #10 the main information in the certificate request structure contains the subject name (DN) and its public key of the issuer (certificate applicant. therefore, after a ca obtains a PKCS #10 certificate request, it can obtain any information related to the certificate issuance and then issue the certificate with its own private key.

Use BC provider to construct a certificate request format object in Java and call its constructor. This function is as follows:

Pkcs10certificationrequest (Java. Lang. String signaturealgorithm, x509name subject, java. Security. publickey key, asn1set attributes, java. Security. privatekey signingkey)

Its parameters are self-Signed algorithms, certificate requester's DN, certificate requester's public key, additional attribute set (that is, the extended information of the certificate to be applied), and the requester's private key. the private key of the requester is only used for self-signature and does not appear in the certificate request. The purpose of Self-signature is to ensure that the public key is indeed owned by the applicant.

You can call the getencoded () method of the object to encode it by der and store it. The object also has another constructor:
Pkcs10certificationrequest (byte [] bytes)
The role of this constructor is to directly restore this object from the stored DER encoding.

The code for issuing a certificate using the certificate request structure is as follows. Here we assume that the CSR is a obtained pkcs10certificationrequest structure:

Publickey subjectpublickey = CSR. getpublickey ();
Certifrequrequestinfo csrinfo = CSR. getcertifrequrequestinfo ();
X509name subjectdn = csrinfo. getsubject ();
Asn1set attributes = csrinfo. getattributes ();

In this way, the applicant's subject DN, the applicant's public key, and the attributes that the applicant wants to fill in the certificate Extension Information are all the same as those entered by the user at the site, other information is generally not determined by the applicant. in addition, the same information in the certificate request format is not explicitly provided, that is, the validity period of the certificate. This should be separately asked to the user or saved in other ways.