summaryrefslogtreecommitdiffstats
path: root/design
diff options
context:
space:
mode:
authord3llf <d3llf@hackerspace.pl>2017-02-05 17:15:28 +0100
committerd3llf <d3llf@hackerspace.pl>2017-02-05 17:15:28 +0100
commite44a25b64378eddbe5c0c402e8def082b2c65fa6 (patch)
treefc4e69c67fbfc5fa55b591cc2b8f0d47dab21a4c /design
parentf5c69eaf0b7359d0ce9be655d9fdce9212b57352 (diff)
downloadhs_pki-e44a25b64378eddbe5c0c402e8def082b2c65fa6.tar.gz
hs_pki-e44a25b64378eddbe5c0c402e8def082b2c65fa6.tar.bz2
hs_pki-e44a25b64378eddbe5c0c402e8def082b2c65fa6.tar.xz
hs_pki-e44a25b64378eddbe5c0c402e8def082b2c65fa6.zip
RootCA Init; Interesting external resources
Diffstat (limited to 'design')
-rw-r--r--design/hs_pki_architecture113
-rw-r--r--design/hs_pki_ldap6
-rw-r--r--design/hs_pki_policy2
-rw-r--r--design/hs_pki_templates43
-rw-r--r--design/hs_pki_uc33
-rw-r--r--design/hs_pki_uc+req62
6 files changed, 181 insertions, 78 deletions
diff --git a/design/hs_pki_architecture b/design/hs_pki_architecture
index 6931e94..1e928cb 100644
--- a/design/hs_pki_architecture
+++ b/design/hs_pki_architecture
@@ -50,13 +50,27 @@ Components:
- Monitor ICC (javacard + NXP)
Roles:
- - Root CA: Issue CA ceritifcates and KC certificates (at least N>2)
- - CA: Issues end-user/device certificates (N>2)
- - Key Custodian: PKI peptide control interface (N>2)
- - Key Custodian: CA KC performing action in ceremony.
+ - CA: Certificate Authority.
+ Issues end-user/device certificates (N>2)
+ CA is online, connected to infrastructure.
+
+ - Root CA: Issue CA ceritifcates and KC certificates (at least N>2).
+ Root CA is offline, airgapped device.
+
+ - AIA: Authority Information Access - CA certificates repo (ldap/https)
+
+ - CRL: Certificate Revocation List. List of certificates that CA issued
+ but must be revoked (i.e. compromised) before end of it's
+ lifetime.
+ - CDP: CRL distribution point.
+
+ - Key Custodian: PKI peptide control interface (N>2).
+
- Master of Ceremony: PKI meta-peptide control interface for CA ceremonies.
Should not be Key Custodian during ceremony. N=1
+
- Key Manager: Spin all this shit around.
+
- Auditor: Looking at others hands.
I Bootstrap
@@ -65,7 +79,7 @@ A KC cards
?> First 2 KCs generate their keys and CSR's on KC ICC using KC tools.
This can be done on their workstation, but doing it on Root CA will be more convinient.
-># KC init
+># kc init
<# Set PIN
># ****
<# PIN set
@@ -73,33 +87,82 @@ A KC cards
># cn=<username>,ou=pki,ou=Services,dc=hackerspace,dc=pl
<# KC ICC done
-<- KC1_ICC:KC1PK
-<- KC1.csr
-<- KC2_ICC:KC2PK
-<- KC2.csr
+<- KC1_ICC:KC1_sigPK #Used for issuing commands to CA/RootCA
+<- KC1_ICC:KC1_CAzmkPK #Used to protect backups of CA private keys
+<- KC1_sigPK.csr #Export to RootCA to get KC certificate
+<- KC1_zmkPK.csr #Export for CA to encrypt it's private keys
-B Root_CA_1
+<- KC2_ICC:KC2_sigPK #Same as above for KC2
+<- KC2_ICC:KC2_CAzmkPK
+<- KC2_sigPK.csr
+<- KC2_zmkPK.csr
+ ...
+<- KCN_ICC:KCN_sigPK #Same as above for KCN
+<- KCN_ICC:KCN_CAzmkPK
+<- KCN_sigPK.csr
+<- KCN_CAzmkPK.csr
- CA_N1
--> Key manager initiates self-generation of asymmetric crypto keys on 1st CA ICC and
- sets two initial KC:
+B Root_CA_N1
-># ca init -a KC1.csr -a KC2.csr
-<# CA
-
-<- CA_N1_ICC:CA_sigPK
-<- CA_N1_ICC:CA_srvPK
-<- CA_N1_ICC:CA_admPK
-<- CA_N1_InitCAsig.crt
-<- CA_N1_InitCAsrv.crt
-<- CA_N1_InitCAadm.crt
-<- CA1_KC1.crt
-<- CA1_KC2.crt
+-> Key manager initiates self-generation of asymmetric crypto keys on 1st CA ICC and
+ sets two (or more) initial KC's:
+
+># ca root init -kc KC1*.csr -kc KC2*.csr [-kc KCN*.csr]
+
+<- Root_CA_N1_ICC:RootCA_sigPK:pub #Will be used in CA cert but also for integrity
+<- Root_CA_N1_ICC:RootCA_sigPK:priv #Used for issuing CA and KC certificates
+<- Root_CA_N1_ICC:RootCA_KC_zmkPK:pub #Will be used by KC to send recovery share to CA
+<- Root_CA_N1_ICC:RootCA_KC_zmkPK:priv #Will be used by CA to decrypt share from KC
+
+
+<- (Root_CA_N1_ICC:RootCA_sigPK:priv(.aes_key) #Option: generate AES key for protection
+ # of CA signing key
+<- (Root_CA_N1_ICC:RootCA_sigPK:priv.encr.aes) #Option: Encrypt signing key with AES
+<- Root_CA_N1_ICC:RootCA_sigPK:priv(.aes_key)_SSSS_1..N # Split signing key (or it's
+ # encryption key) into shares
+ # for each KC
+
+<- Root_CA_N1_sigPriv_SSSS_1_KC1_zmk.enc #Encrypt CA private key share1 with KC1
+ #encryption key
+
+<x Root_CA_N1_ICC:RootCA_sigPK:priv(.aes_key)_SSSS_1 #Remove share1
+<- Root_CA_N1_sigPriv_SSSS_2_KC2_zmk.enc #Share2 for KC2
+<x Root_CA_N1_ICC:RootCA_sigPK:priv(.aes_key)_SSSS_2 #Remove share2
+ ...
+<- Root_CA_N1_sigPriv_SSSS_N_KCN_zmk.enc #ShareN for KCN
+<x Root_CA_N1_ICC:RootCA_sigPK:priv(.aes_key)_SSSS_N #Remove shareN
+
+<- Root_CA_N1_sigPriv_SSSS_1_KC1_zmk.enc.RootCA_sigPK.sig #Integrity check enc -> sig
+<- Root_CA_N1_sigPriv_SSSS_2_KC2_zmk.enc.RootCA_sigPK.sig #Integrity check enc -> sig
+ ...
+<- Root_CA_N1_sigPriv_SSSS_N_KCN_zmk.enc.RootCA_sigPK.sig #Integrity check enc -> sig
+
+<- Root_CA_N1_sigPriv_SSSS_1_RootCA_sigPK.sig_KC1_zmk.enc #Integrity check sig -> enc
+<- Root_CA_N1_sigPriv_SSSS_2_RootCA_sigPK.sig_KC1_zmk.enc #Integrity check sig -> enc
+ ...
+<- Root_CA_N1_sigPriv_SSSS_N_RootCA_sigPK.sig_KC1_zmk.enc #Integrity check sig -> enc
+
+<- Root_CA_N1_ICC:RootCA_KC1_encPK # CA encryption public key for KC to send
+ # their encrypted shares
+<- Root_CA_N1_KC1.kc.crt # KC1 certificate issued with Root_CA
+ # This will be used to issue commands to RootCA
+<- Root_CA_N1_KC2.kc.crt # Same as above for KC2 ...
+ ...
+<- Root_CA_N1_KCN.crt.kc # ... and KCN
+<- Root_CA_N1.crt # Issue self-signed certificate
+<- Root_CA_N1.csr # Issue CSR for root cross-signing
+<x Root_CA_N1_ICC:RootCA_sigPK:priv # Destroy signing private key
+
+===================================
+Root_CA_N1_ICC:
+ RootCA_sigPK:pub # Retain it or not?
+ RootCA_KC_zmkPK:priv # Decrypt CA signing private key shares from KC
+
C CA_N2
-> Key manager initiates key generation on 2nd CA ICC
-># ca
+># ca root init -ca
.B same as 1.A but on 2nd CA ICC and any further CA ICC
diff --git a/design/hs_pki_ldap b/design/hs_pki_ldap
index 16e8a3f..8b8c378 100644
--- a/design/hs_pki_ldap
+++ b/design/hs_pki_ldap
@@ -15,12 +15,6 @@ cn=CA1,cn=AIA,cn=PKI,ou=Services,dc=hackerspace,dc=pl
cn=CA2,cn=AIA,cn=PKI,ou=Services,dc=hackerspace,dc=pl
...
-# PKI KC certs store (rw for servers, ro for KC):
-cn=KC,cn=AIA,cn=PKI,ou=Services,dc=hackerspace,dc=pl
-uid=enleth,cn=KC,cn=AIA,cn=PKI,ou=Services,dc=hackerspace,dc=pl
-uid=cranix,cn=KC,cn=AIA,cn=PKI,ou=Services,dc=hackerspace,dc=pl
-uid=q3k,cn=KC,cn=AIA,cn=PKI,ou=Services,dc=hackerspace,dc=pl
-
# CRL Distribution Points - each CA has its own
cn=CDP,cn=PKI,ou=Services,dc=hackerspace,dc=pl
cn=CA1,cn=CA1,cn=PKI,ou=Services,dc=hackerspace,dc=pl
diff --git a/design/hs_pki_policy b/design/hs_pki_policy
index b90e145..5f22b2c 100644
--- a/design/hs_pki_policy
+++ b/design/hs_pki_policy
@@ -1,3 +1,5 @@
+Serial numbers: sequence or *hash*?
+
Root CA cert valid for 6y
Root CA CRL valid for 14m
* need ceremony at least once per y to renew CRL
diff --git a/design/hs_pki_templates b/design/hs_pki_templates
index 3196fc6..b4f1f5d 100644
--- a/design/hs_pki_templates
+++ b/design/hs_pki_templates
@@ -1,19 +1,34 @@
-End user:
- End user split in:
- - soft stored certs
- - obfuscated certs
- - hardware secured certs
+Category depending on how keys are protected
+ - soft stored certs
+ - obfuscated certs
+ - hardware secured certs
+ - fips secured certs
- End user:
- - Client certs (auth)
- - E-mail certs (signing)
- - Encryption
+Usage:
+ - Signing
+ * Code
+ * E-Mails
+ * WS Requests / RPC / Messages
+ - Authentication
+ * TLS
+ * SSH(?)
- Device:
- - TLS certs (encr/auth)
- * server
- * client
- * server+client(?)
+ * Server
+ * Client
+ * Server + Client (?)
+
+ - Encryption
+ * Recovery
+
+Algos:
+ -Encrypt / auth: RSA, EC
+ -Integrity: SHA-1,SHA-2,SHA-3
+
+Network Zone:
+ - External (public certificates)
+ - DMZ
+ - Internal
+ - Core
All above should be issued per application or generally applications should
leverage main user certificate
diff --git a/design/hs_pki_uc b/design/hs_pki_uc
deleted file mode 100644
index 7a40901..0000000
--- a/design/hs_pki_uc
+++ /dev/null
@@ -1,33 +0,0 @@
-UC1. Bootstraping itself
-UC2. Issuing new certificates
-UC2.1 Key Generation + Archival
-UC2.2 Signing external CRL's
-UC3. Revoking existing keys (CRL)
-UC3.1 Renewing CRL (no need of KC interaction if there was no additional certs)
-UC3.2? DeltaCRL
-UC4. Monitoring
-UC5. Backup
-UC5.1 Backup verification
-UC6 High availability (cluster)
-UC6.1 Adding/decomissioning new Root CA node to PKI cluster
-UC6.2 Adding/decomissioning new CA node to PKI cluster
-UC6.3 Adding/decomissioning new Monitor
-UC7 RA
-UC7.1 RA notifies KC on new requests (ra@pki.hackerspace.pl?)
-UC Agent(?) to request/renew certificates from end device
-UC ICC deployment agent (for issuing member cards)
-UC Renewing member certificate / lost password (other 2 members is enough,
- no KC need to be involved)
-UC ICC for servers (how to secure?)
-UC Agent(?) to fetch CRL
-UC Enrollment agent for stupid devices (ansible/salt)
-
-
-SR1. CA Private key is never under control of single user or device (SPOF)
-SR2. Low level verification if CA is issuing only end-user certificates
-SR2.1 Policy constraints with certificate depth for CA
-SR3. Auditing
-SR3.1 Non repudative audit log (merkle trees)
-SR4 Adding new KC
-SR4.1 Revoking KC
-SR5 Mass revoke/renew certificates
diff --git a/design/hs_pki_uc+req b/design/hs_pki_uc+req
new file mode 100644
index 0000000..b96031d
--- /dev/null
+++ b/design/hs_pki_uc+req
@@ -0,0 +1,62 @@
+UC1. Bootstraping itself
+UC2. Issuing new certificates
+UC2.1 Key Generation + Archival (encryption certs)
+UC2.2 Signing external CRL's
+UC2.3 End user certificates
+UC2.4 Applications
+UC2.4.1 Device certificates
+UC2.4.1.1 Servers
+UC2.4.1.1.1 Linux
+UC2.4.1.1.2 Hypervisors
+UC2.4.1.1.2.1 Kubernetes
+UC2.4.1.1.2.1.1 POD
+UC2.4.1.2 Network devices
+UC2.4.1.3 HS Access
+UC2.4.2 Dedicated user certificates (if main user certificate is not suitable)
+UC2.4.3 Other certificates (?)
+UC2.5 Certificate templates
+UC2.5.1 Device certificate templates
+UC2.5.2 End user certificate templates (US CAC format preferred)
+UC2.5.3 Other certificates (?)
+UC3. Revoking existing keys (CRL)
+UC3.1 Renewing CRL (no need of KC interaction if there was no additional certs)
+UC3.2? DeltaCRL
+UC4. Monitoring
+UC5. Backup
+UC5.1 Backup verification
+UC5.2 Backup of encryption certificates
+UC6 High availability (cluster)
+UC6.1 Adding/decomissioning new Root CA node to PKI cluster
+UC6.2 Adding/decomissioning new CA node to PKI cluster
+UC6.3 Adding/decomissioning new Monitor
+UC7 RA
+UC7.1 RA notifies KC on new requests (ra@pki.hackerspace.pl?)
+UC8 Enrollment
+UC8.1 Agent(?) to request/renew certificates from end device (a'la certbot)
+UC8.2 ICC deployment agent
+UC8.2.1 for member cards
+UC8.2.2 for devices
+UC8.2.2.1 support device migration between hosts
+UC8.2.3 Enrollment agent for stupid devices (ansible/salt)
+UC8.3 Manage certificates issued by external CA
+UC8.3.1 Notify about expiry
+UC8.3.2 Manage renewal (if possible) & redeploy (letsencrypt)
+UC9 Certificate renewal
+UC9.1 Renewing member certificate / lost password (other 2 members is enough,
+ no KC need to be involved)
+UC9.2 Plain renewal - use plain cert authentication, to ask for renewal
+UC9.2.1 Consider signing / encryption certs without auth extensions
+UC10 Agent(?) to fetch CRL
+UC11 List of all certificates
+UC11.1 Certificate status from whole infrastructure on demand
+UC12 Support for PKCS#11 interface
+
+SR1. CA Private key is never under control of single user or device (SPOF)
+SR2. Low level verification if CA is issuing only end-user certificates
+SR2.1 Policy constraints with certificate depth for CA
+SR3. Auditing
+SR3.1 Non repudative audit log (merkle trees with pbkdf2)
+SR3.2 COINKS?
+SR4 Adding new KC
+SR4.1 Revoking KC
+SR5 Mass revoke/renew certificates