Excerpt

To ensure that messages are transmitted untampered, signature-based authentication is used.

Authentication

The process of authentication has two purposes:

  1. To ensure that the message was sent by someone allowed to do so, and
  2. To establish that the message was not tampered with

To authenticate a message, two things are required: a signature and the set of trusted certificates. The former is described in the following section; the latter is obtained from RepositorySettings as the certificates that have been granted either an OperationPermission or the InfrastructurePermission MessageSigner.

Components participating in a Bit Repository where RequireMessageAuthentication in RepositorySettings has been set to true are required to:

  1. Sign any message that they send.
  2. Authenticate any message that they receive. If a message cannot be authenticated, either because the signature is missing or because the message has been tampered with, the message should be disregarded and an Alarm sent.

Signing messages

All messages in the system must be signed to ensure that the senders of the messages are who they claim they are and that the messages have not been tampered with.

Because messages are exchanged encapsulated in XML, there are two well-defined ways to sign them. One is XML Signatures; the other, and somewhat simpler, is Cryptographic Message Syntax, also known as PKCS#7. As the objective is to prevent message tampering (the whole message is signed, not selected elements), there is no need for the granularity of XML Signatures. Therefore Cryptographic Message Syntax, or CMS for short, is chosen for signing and optionally encrypting messages. The identity of the signer is embedded in the public certificate.

...

The message signature is calculated over the message XML interpreted as a UTF-8-encoded byte stream and is transmitted, Base64-encoded, in the message header org.bitrepository.messages.signature.

Signature generation and verification

...

  • message is a file containing the message to create a signature for.
  • new.sig is a file containing the signature (binary data, not Base64-encoded).
  • cert.pem is a file containing the signer's certificate. The ID of the certificate used for signing can be extracted from the signature itself; this can be used to look up the signing certificate among the component's trusted certificates.
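An added example of the flow described above, not code from the Bit Repository project, using the openssl cms command with the same file names (message, new.sig, cert.pem). The self-signed certificate, the trust file trusted.pem and the message body are constructed here, and openssl is assumed to be on the PATH.

```shell
set -e
WORK=$(mktemp -d)
cd "$WORK"

# Constructed signer identity: a self-signed certificate standing in for a
# certificate granted the MessageSigner permission in RepositorySettings.
openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=pillar1" \
    -keyout key.pem -out cert.pem >/dev/null 2>&1
# Constructed trust set: in the real system this comes from RepositorySettings.
cp cert.pem trusted.pem

# Constructed message body: the XML bytes the signature is calculated over.
printf '<?xml version="1.0" encoding="UTF-8"?><Message><From>pillar1</From></Message>' > message

# Detached CMS (PKCS#7) signature in DER over the raw message bytes (-binary),
# then Base64 on a single line for the org.bitrepository.messages.signature header.
sign_message() {   # $1 = message file, $2 = signature output file
    openssl cms -sign -binary -in "$1" -signer cert.pem -inkey key.pem \
        -outform DER -out "$2"
    openssl base64 -A -in "$2"
}

# Decode the header value and verify it against the trust set. Exit status 0
# means authenticated; anything else means discard the message and send an Alarm.
verify_message() {   # $1 = message file, $2 = Base64 header value
    printf '%s' "$2" | openssl base64 -d -A -out decoded.sig
    openssl cms -verify -binary -inform DER -in decoded.sig -content "$1" \
        -CAfile trusted.pem -out /dev/null 2>/dev/null
}

# Extract the signer's certificate embedded in the signature (no trust decision
# is made here, hence -noverify) and print its subject and serial number as the ID.
signer_of() {   # $1 = message file, $2 = DER signature file
    openssl cms -verify -noverify -binary -inform DER -in "$2" -content "$1" \
        -signer signer.pem -out /dev/null 2>/dev/null
    openssl x509 -in signer.pem -noout -subject -serial
}

HEADER=$(sign_message message new.sig)
if verify_message message "$HEADER"; then echo "original: authenticated"; fi
signer_of message new.sig
# A tampered body no longer matches the signed digest and must be rejected.
printf '<Message><From>evil</From></Message>' > tampered
if verify_message tampered "$HEADER"; then echo "tampered: accepted"; else echo "tampered: rejected"; fi
```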

User and role modelling

...
