SmartCardPKI

原文 http://code.google.com/p/seek-for-android/wiki/SmartCardPKI

 

SmartCardPKI  

Add smart card based PKI functionality

1 Introduction¶

1.1 Smart Card based PKI (Public Key Infrastructure)¶

PKI is the common way to authenticate a message sender or to encrypt/decrypt messages in a secure way. It is typically used by eMails (S/MIME), data encryption and secure authentication (VPN, SSL/TLS). It is based on public/private keys (typically RSA) and certificates, which bind a user identity to a public key.

PKI is based on the secrecy of the private key, so the private key is often stored on a smart card, where the smart card performs the cryptographic operations to avoid the risk that the private key can become public or copied in any way.

The most common API to access cryptographic smart card functions is the PKCS#11 interface, published by RSA Labs . It is used in Mozilla Firefox, Thunderbird and many other applications, e.g. PGP. Corresponding to the PKCS#11 interface, the PKCS#15 specification defines a file structure and description syntax for keys and certificates on the smart card.

1.2 OpenSC¶

OpenSC is a widely-used Open Source development, which provides a set of libraries and tools for accessing smart cards for management and cryptographic operations. It provides a PKCS#11 interface and already supports smart cards from different vendors. OpenSC provides smart card access according to the PKCS#15 standard. A good overview about OpenSC can be found here

1.3 Muscle Card Applet¶

The Muscle Card Applet is an Open Source Java Card applet, originally developed by the M.U.S.C.L.E project The Muscle Card applet can be loaded on smart cards with Java Card OS and allow to securely store keys and other objects, (e.g. certificates) on the smart card and use them for cryptographic functionality, like signature generation or decryption with RSA keys. The Muscle Card Applet is supported by OpenSC (http://www.opensc-project.org/opensc/wiki/MuscleApplet )

To provide PKI functionality on the Android OS, we use OpenSC with modifications for the Android platform. To store cryptographic keys on the smart card and perform cryptographic operations, we use the Muscle Card Applet for smart cards with Java Card OS.

2 Add PKI support with OpenSC to Android¶

2.1 Prerequisites¶

• Android 2.2 (froyo) sources with smart card related patches (see Building the system )
• Secure Element with Java Card OS in microSD format (e.g. G&D Mobile Security Card ), for using it on a real hardware device.
• Tool to load a Java Card applet onto the Secure Element (e.g. G&D JLoad for G&D Mobile Security Card )

From the download page get:

• OpenSC 0.11.13 package: external_opensc.tar.gz
• Patch for OpenSC for Android: opensc_android.patch
• Muscle Card Applet 0.9.12: MCardApplet-0912.tar.gz
• sample RSA key with certificate: azur1024bit_password_12345678.pfx

The system environment for porting the PKI functionality to the Android 2.2 (froyo) was an Ubuntu 10.04 with gcc 4.4.3.
As Secure Element a G&D Mobile Security Card and for loading the Java card applet, the G&D JLoad was used, provided within the G&D Mobile Security Developers Kit https://www.cardsolutions-shop.com/shop/gi-de/ .
As phone, there was a HTC Magic (Sapphire) used.

2.2 Add OpenSC to the froyo sources¶

To add the support for OpenSC to your froyo sources, you need to build your system with smart card support according to the description Building the system and additionally add the patches for OpenSC to your sources.

After you performed the step "Patching the source" as described in Building the system add the patches for OpenSC.

Apply the patches for OpenSC in the root directory of the froyo source then continue to build your system as described in Building the system

$ tar xvzf  external_opensc
.
tar
.
gz
$ patch 
-
p1 
<
 
<path_to_patch>
/
opensc_android
.
patch

Once the system was built successfully and flashed to the phone, there will be additional components available:

directory
:
 
/system/
bin
 opensc
-
tool 
(
command line utility 
for
 smart card operations
,
 e
.
g
.
 sending commands
)

 pkcs15
-
init 
(
command line utility to initialise a smart card 
with
 the PKCS
#15 structure)

 pkcs15
-
tool 
(
command line utility to explore
/
access PKCS
#15 file structure)

 pkcs11
-
tool 
(
command line utlity to access smart cards 
using
 a PKCS
#11 library, e.g. to perform a signature)

directory
:
 
/system/
lib
 opensc
-
pkcs11
.
so  
(
PKCS
#11 library)

 pkcs11
-
spy
.
so  
(
dummy PKCS
#11 library, when used, it logs all calls to the PKS#11 library for debugging purposes)

directory
:
 
/
etc
 opensc
.
conf  
(
OpenSC
 config file
)

 pkcs15
.
profile  
(.
profile files contain information about the file structure to create during initialisation of the smart card
)

 jcop
.
profile
 muscle
.
profile
 oberthur
.
profile
 cyberflex
.
profile

2.3 Load the Muscle Java Card Applet onto the smart card¶

Unpack the package containing the Muscle Card Applet.

tar xvzf 
MCardApplet
-
0912.tar
.
gz

The package contains the Muscle Java Card Applet 0.9.12, which consist of the sources of 0.9.11 and the Ant script from version 0.9.12 for easy compile and convert it. There is already a compiled and converted cap file added to the package, which can be directly loaded onto a smart card with Java Card OS. It is located in the following directory:

/MCardApplet/
GD
/
com
/
musclecard
/
CardEdge
/
javacard
/
CardEdge
.
cap

The Java card applet was converted using the Sun Java Card Development Kit 2.2.1, so there is no need to perform the compilation and conversion for the Muscle Java Card applet. Nevertheless it is possible to perform this steps, therefore a Sun JDK and the Sun Java Card Development Kit is required. If you compile and convert the Muscle Java Card Applet, you need to download the Sun Java Card Development Kit 2.2.1 from the internet (due to licensing conditions it is not included) and copy it to the directory /MCardApplet/depends/jc221 ). Then you can perform the compile/convert process for the applet by running Ant : ant <target> (e.g. "ant GD" ). The process is also described in the INSTALL file included in the package.

For loading the cap-File CardEdge.cap onto the smart card you need to use an appropriate tool, which is typically provided from the manufacturer of the smart card (e.g. G&D JLoad for the G&D Mobile Security Card ).

2.4 Use OpenSC on the phone¶

Once you have flashed your phone with the modified sources and inserted the secure element (e.g. G&D Mobile Security Card) in the device, the first step is to intialise the applet and the PKCS#15 structure on the applet, which sets the initial PIN values and creates all the data structures required.

Additionally there are further examples shown, how to use some of the functionality of the OpenSC Tools (e.g, import keys/certificates, create signature, logging of PKCS#11 calls). For a description of OpenSC Tools and its parameters refer to the OpenSC project http://www.opensc-project.org/opensc Calling the commandline tools without a parameter shows the parameters available.

2.4.1 Initialise Muscle Card Applet¶

To initialise the Muscle Card Applet there is required to send a proprietary command, setting the initial PIN values. Therefore you need to connect your Android phone to the computer and open a connection to the device with the Android adb tool. Then you can use the OpenSC opensc-tool utility to perform the initialisation of the JavaCard Applet.

$ adb shell

# cd /system/bin


# opensc-tool -s 00:A4:04:00:06:A0:00:00:00:01:01 -s B0:2A:00:00:38:08:4D:75:73:63:6C:65:30:30:10:10:08:31:32:33:34:35:36:37:38:08:31:32:33:34:35:36:37:38:10:10:08:31:32:33:34:35:36:37:38:08:31:32:33:34:35:36:37:38:00:00:10:00:00:00:00

The initial values of all PINs/passwords are set to "12345678"

A description of the initialisation command can be found here: http://www.opensc-project.org/opensc/wiki/MuscleApplet

2.4.2 Create PKCS#15 structure¶

To create the PKCS#15 structure on the smart card use the pkcs15-tool

# pkcs15-init -r 0 -C

During initalisation process you will be asked to enter the values for PINs/passwords. Further information to the pkcs15-init tool can be found here: CardPersonalisation

2.4.3 Dump PKCS#15 content on the card.¶

The pkcs15-tool allows to show the PKCS#15 content stored on the smart card. The content of the smart card can be listet by using the following command:

# pkcs15-tool --dump

2.4.4 Import a RSA key and certificate.¶

One way to put a key and certificate onto the smart card, is to import it from an encrypted PKCS#12 container. A sample PKCS#12 container file can be downloaded here: azur1024bit_password_12345678.pfx It contains a 1024 bit RSA key and a corresponding certificate for a dummy user named "azur". To import it into the smart card, you need to copy the file to the phone by using the adb push command. then you can import it with the pkcs15-init utility. The import process requires you to enter the password of the container file, which is "12345678" and the password of the smartcard you set during intialisation.

$ adb push azur1024bit_password_12345678
.
pfx 
/
data
$ adb shell

# cd /system/bin


# pkcs15-init -S /data/azur1024bit_password_12345678.pfx -f PKCS12 -a FF -i 10

2.4.5 Dump smart card content¶

After successful import of the key and certificate you can see the new objects by dumping the content of the smart card

# pkcs15-tool --dump

2.4.6 Perform a signature using the PKCS#11 library.¶

With the pkcs11-tool it is possible to perform cryptographic operations with the PKCS#11 library opensc-pkcs11.so . The PKCS#11 library is the standard interface typically used by applications (e.g. Firefox) to perform PKI functionality. Here we use the pkcs11-tool to generate a digital signature for a file. The signature is created by the smart card with the private key stored onto it.

Here we compute the digital signature for the file azur1024bit_password_12345678.pfx , but we can use any other file also. The result is stored in the output file. The output file created has a length of 128 Bytes and contains the digital signature computed by the smart card. (The signature has the same length as the Private key on the smart card, which is 1024 bit). As signature algorithm we use the SHA1-RSA-PKCS, which performs both, a SHA-1 hash and signature according to the RSA algorithm in one step.

# pkcs11-tool --sign --slot 0 -m SHA1-RSA-PKCS --input-file /data/azur1024bit_password_12345678.pfx --output-file /data/signature

2.4.7 Logging the PKCS#11 calls¶

To see the PKCS#11 calls sent to the PKCS#11 library it is possible to load the pkcs11-spy.so libary and log the calls before forwarding it to the real PKCS#11 library opensc-pkcs11.so .

In this example we call the digital signature operation as described before, but we explicitely load the pkcs11-spy.so library to log the PKCS#11 calls. With the environment variable PKCS11SPY we advise the pkcs11-spy.so library to forward the calls to the real PKCS#11 library opensc-pkcs11.so . This will display all the PKCS#11 calls including sensitive information like PIN values entered. This is useful for debugging with applications using the PKCS#11 interface.

# PKCS11SPY=/system/lib/opensc-pkcs11.so ./pkcs11-tool --module /system/lib/pkcs11-spy.so ./pkcs11-tool --sign --slot 0 -m SHA1-RSA-PKCS --input-file /data/azur1024bit_password_12345678.pfx --output-file /data/signature

3 Future Perspective¶

Standard PKCS#11 interface with smart card access is one step to standard PKI infrastructure on Android. It requires also standard applications, e.g. Browsers, eMail-Clients supporting this interface on Android.

Other PKI Open Source projects/developments that should be investigated:

• Firefox Browser for Android / "fennec" Project. Is there PKCS#11 Support like in Firefox available ?
• Java Interface/Wrapper for access of PKI functionality from Java Applications (e.g IAIK PKC#11 Wrapper).