PQC toolkit setup guide

Introduction

DigiCert's post-quantum cryptography (PQC) toolkit contains everything you need to create hybrid TLS certificates. A hybrid certificate combines a post-quantum signature algorithm with a classical one, so you can test the feasibility of deploying post-quantum hybrid TLS certificates while keeping backward compatibility.

For this first iteration, the post-quantum algorithms are paired with elliptic-curve cryptography.

This setup guide shows you how to use the DigiCert PQC toolkit to perform the following tasks:

  • Apply the ISARA PQC patch to the OpenSSL source files.
  • Compile your modified OpenSSL build.
  • Generate post-quantum private keys.
  • Create a complete hybrid certificate chain, including root, intermediate and server certificates.
  • Test the certificates with OpenSSL's s_server and s_client utilities.

The DigiCert PQC toolkit is available for download to all Secure Site Pro customers. Learn more about what is included with each Secure Site Pro certificate.

PQC toolkit contents

The DigiCert PQC toolkit contains the following files:

  • ISARA Catalyst OpenSSL Connector
  • Modified openssl.cfg
  • Certificate configuration files
  • Sample hybrid certificate chain

Prerequisites

Before using this guide, make sure you meet the following prerequisites:

  • Access to the DigiCert PQC toolkit resource files
  • 64-bit Ubuntu 16.04 or later (this guide was written using Ubuntu 18.04 LTS)
  • A non-root user with sudo access

Prepare the environment

Before downloading any patch files, prepare your environment.

First, install the required dependencies and tools.

```bash
sudo apt-get -y update
sudo apt-get -y upgrade
sudo apt-get -y install libssl-dev
sudo apt-get -y install curl unzip make cmake gcc wget zlib1g-dev libjansson-dev
```

Next, create the directory structure into which you will download the source files and toolkit resources, and in which you will compile them.

```bash
mkdir -p /app/digicert-pqc/connector
mkdir -p /app/digicert-pqc/certs/configs
mkdir /app/resources
```

Download and extract the toolkit

You can now download the DigiCert PQC toolkit and extract its contents.

Download the PQC toolkit

  1. Log in to your CertCentral account.

  2. In the sidebar menu, click Certificates > Orders.

  3. On the Orders page, locate your Secure Site Pro certificate order and click its order number.

  4. On the certificate's order details page, click PQC toolkit.

  5. On the Post-Quantum Cryptography (PQC) page, click Download ISARA PQC toolkit and save the toolkit to the /app/resources directory.

Extract the PQC toolkit files

Next, extract the contents of the toolkit.

```bash
cd /app/resources
unzip ./digicert-pqc-toolkit_2019-07-26.zip
```

The PQC toolkit contains the ISARA OpenSSL Connector archive. Extract it into /app/digicert-pqc/connector.

```bash
cd /app/digicert-pqc/connector
tar xzvf /app/resources/digicert-pqc-toolkit_2019-07-26/openssl_connector-Linux-2019-05-27.tgz
```

Patch and compile OpenSSL

With the environment set up and all files extracted, patch and compile OpenSSL.

First, download OpenSSL version 1.0.2r into the /app/resources directory.

```bash
cd /app/resources
wget https://www.openssl.org/source/old/1.0.2/openssl-1.0.2r.tar.gz
```

Next, extract the source files into the /app/digicert-pqc directory.

```bash
cd /app/digicert-pqc
tar xzvf /app/resources/openssl-1.0.2r.tar.gz
```

Now apply the ISARA OpenSSL patch to the extracted source files. This makes all the modifications OpenSSL needs in order to generate and interpret quantum-safe cryptographic algorithms.

```bash
cd openssl-1.0.2r/
patch -p2 < ../connector/OpenSSL_1_0_2r_ISARA.patch
```

Once the patch is applied, replace the existing openssl.cfg file with the modified version from the toolkit. The modified configuration file contains a dynamic engine entry that points at the ISARA OpenSSL IQREngine (/app/digicert-pqc/connector/lib).

```bash
cp /app/resources/digicert-pqc-toolkit_2019-07-26/openssl.cnf ./apps
```

Because you are building OpenSSL as a shared library, you must configure the non-standard installation paths before compiling the source.

```bash
./config --prefix=/app/digicert-pqc/pqpki-openssl-1.0.2r --openssldir=/app/digicert-pqc/pqpki-openssl-1.0.2r shared
```

Now run each of the following commands, in order, to compile the modified source.

```bash
make depend
make all
make test
sudo make install
```

After the modified OpenSSL source compiles successfully, use the LD_LIBRARY_PATH variable to specify the two dynamic library locations. This tells your system where to find both the modified OpenSSL shared libraries and the ISARA PQC engine that handles the quantum-safe algorithms.

```bash
export LD_LIBRARY_PATH=/app/digicert-pqc/pqpki-openssl-1.0.2r:/app/digicert-pqc/connector/lib
```

If your system already uses the LD_LIBRARY_PATH variable, append :$LD_LIBRARY_PATH to the command above so the new paths are added without discarding the existing ones.
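The advice above about appending :$LD_LIBRARY_PATH is easy to get wrong in a shell profile that is sourced more than once. The following POSIX shell snippet is an added example and is not part of the DigiCert guide or the ISARA connector: it builds the LD_LIBRARY_PATH value with the two patched directories first, leaves any existing value intact, does not add the directories twice, and then checks that the patched binary can actually load the IQREngine (openssl engine -t prints "[ available ]" for an engine it can load). The directory paths are the guide's; the function names are this example's assumptions, and the engine check returns status 2 when the patched binary is not installed so it can be skipped on a machine that has not been built yet.

```sh
#!/bin/sh
# Added example (not part of the DigiCert guide): compose LD_LIBRARY_PATH for
# the patched OpenSSL without clobbering an existing value, then confirm the
# build and the ISARA engine are reachable. Directory paths come from the
# guide; the function names and the engine check are this example's own.

PQC_OPENSSL_DIR=/app/digicert-pqc/pqpki-openssl-1.0.2r
PQC_ENGINE_DIR=/app/digicert-pqc/connector/lib

# Print the LD_LIBRARY_PATH value that puts the two patched library
# directories first and keeps whatever the caller already had. If the
# patched directories are already present the value is returned unchanged,
# so sourcing this from a profile repeatedly does not grow the variable.
pqc_ld_path() {
    new="$PQC_OPENSSL_DIR:$PQC_ENGINE_DIR"
    case ":${LD_LIBRARY_PATH:-}:" in
        *":$PQC_OPENSSL_DIR:"*) printf '%s\n' "$LD_LIBRARY_PATH" ;;
        ::)                     printf '%s\n' "$new" ;;
        *)                      printf '%s\n' "$new:$LD_LIBRARY_PATH" ;;
    esac
}

# Exit status 0 when the patched binary exists and reports the ISARA engine
# as loadable, 2 when the binary is not installed (callers can skip), and
# 1 when the binary is there but the engine cannot be loaded, which usually
# means LD_LIBRARY_PATH or the dynamic engine entry in openssl.cnf is wrong.
pqc_check_engine() {
    bin="$PQC_OPENSSL_DIR/bin/openssl"
    [ -x "$bin" ] || return 2
    LD_LIBRARY_PATH="$(pqc_ld_path)" "$bin" engine -t IQREngine 2>/dev/null \
        | grep -q '\[ available \]'
}

# Usage: export the composed value for this shell, then verify the engine.
export LD_LIBRARY_PATH="$(pqc_ld_path)"
if pqc_check_engine; then
    echo "IQREngine loads from $PQC_ENGINE_DIR"
else
    echo "patched openssl not found or IQREngine unavailable" >&2
fi
```

The check is deliberately separate from the path composition: a wrong LD_LIBRARY_PATH does not fail at export time, it fails later with a confusing "engine not found" or a silent fallback to the distribution's OpenSSL, so asking the patched binary for the engine is the earliest point at which the mistake shows up.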

Create the hybrid certificate chain

You now have an OpenSSL build that can generate and decode quantum-safe cryptographic algorithms. You can create a complete hybrid certificate chain (root, intermediate and server certificates) to test its functionality.

First, copy the certificate configuration files included in the PQC toolkit to the /app/digicert-pqc/certs directory. These configuration files contain everything needed to generate each certificate request and certificate.

```bash
cd /app/digicert-pqc/certs
cp /app/resources/certificates/root_req.cfg ./configs
cp /app/resources/certificates/intermediate_req.cfg ./configs
cp /app/resources/certificates/server_req.cfg ./configs
```

Next, generate a quantum-safe private key for each certificate in the chain, making sure to use the modified OpenSSL build and the IQREngine. Note that XMSS is a stateful signature scheme: the state_filename option records which one-time keys have already been used, so keep that file together with the root private key and never restore it from an older copy.

Root certificate:

```bash
/app/digicert-pqc/pqpki-openssl-1.0.2r/bin/openssl genpkey -engine IQREngine -algorithm xmss -pkeyopt tree_height:10 -pkeyopt strategy:cpu_constrained -pkeyopt state_filename:xmss_catalyst_mixed_chain_root_private_key_state.bin -out xmss_catalyst_mixed_chain_root_private_key.pem
```

Intermediate certificate:

```bash
/app/digicert-pqc/pqpki-openssl-1.0.2r/bin/openssl genpkey -engine IQREngine -algorithm dilithium -pkeyopt parameter_set:A -out dilithium_catalyst_mixed_chain_intermediate_private_key.pem
```

Server certificate:

```bash
/app/digicert-pqc/pqpki-openssl-1.0.2r/bin/openssl genpkey -engine IQREngine -algorithm rainbow -pkeyopt parameter_set:A -out rainbow_catalyst_mixed_chain_private_key.pem
```

After generating each certificate's private key, extract its public key.

Root certificate:

```bash
/app/digicert-pqc/pqpki-openssl-1.0.2r/bin/openssl pkey -engine IQREngine -in xmss_catalyst_mixed_chain_root_private_key.pem -pubout -out xmss_catalyst_mixed_chain_root_public_key.pem
```

Intermediate certificate:

```bash
/app/digicert-pqc/pqpki-openssl-1.0.2r/bin/openssl pkey -engine IQREngine -in dilithium_catalyst_mixed_chain_intermediate_private_key.pem -pubout -out dilithium_catalyst_mixed_chain_intermediate_public_key.pem
```

Server certificate:

```bash
/app/digicert-pqc/pqpki-openssl-1.0.2r/bin/openssl pkey -engine IQREngine -in rainbow_catalyst_mixed_chain_private_key.pem -pubout -out rainbow_catalyst_mixed_chain_public_key.pem
```

To confirm that everything was created correctly, run the ls command. If successful, you should see output like the following:

```text
configs
dilithium_catalyst_mixed_chain_intermediate_private_key.pem
dilithium_catalyst_mixed_chain_intermediate_public_key.pem
dilithium_ecdsa_x509_catalyst_mixed_chain_intermediate_certificate.pem
dilithium_ecdsa_x509_catalyst_mixed_chain_intermediate_req.pem
ecdsa_catalyst_mixed_chain_parameters.pem
ecdsa_without_dilithium_catalyst_mixed_chain_intermediate_private_key.pem
ecdsa_without_dilithium_x509_catalyst_mixed_chain_intermediate_certificate.pem
ecdsa_without_dilithium_x509_catalyst_mixed_chain_intermediate_req.pem
ecdsa_without_rainbow_catalyst_mixed_chain_private_key.pem
ecdsa_without_rainbow_x509_catalyst_mixed_chain_certificate.pem
ecdsa_without_rainbow_x509_catalyst_mixed_chain_req.pem
ecdsa_without_xmss_catalyst_mixed_chain_root_private_key.pem
ecdsa_without_xmss_x509_catalyst_mixed_chain_root_certificate.pem
ecdsa_without_xmss_x509_catalyst_mixed_chain_root_req.pem
rainbow_catalyst_mixed_chain_private_key.pem
rainbow_catalyst_mixed_chain_public_key.pem
rainbow_ecdsa_x509_catalyst_mixed_chain_server_certificate.pem
rainbow_ecdsa_x509_catalyst_mixed_chain_server_req.pem
xmss_catalyst_mixed_chain_root_private_key.pem
xmss_catalyst_mixed_chain_root_private_key_state.bin
xmss_catalyst_mixed_chain_root_public_key.pem
xmss_ecdsa_x509_catalyst_mixed_chain_root_certificate.pem
```

Test the certificate chain

To test the quantum-safe hybrid certificate chain, use OpenSSL's s_server and s_client utilities. To run both utilities at the same time, open two terminal sessions: one for the server and one for the client.

First, add the CN value of the server certificate to your hosts file.

```bash
echo "$(hostname -I) digicert.pqc" | sudo tee -a /etc/hosts
```

Next, make sure you are in the /app/digicert-pqc/certs directory.

```bash
cd /app/digicert-pqc/certs
```

Then start the server in one of the open terminals.

```bash
env LD_LIBRARY_PATH=/app/digicert-pqc/pqpki-openssl-1.0.2r:/app/digicert-pqc/connector/lib /app/digicert-pqc/pqpki-openssl-1.0.2r/bin/openssl s_server -engine IQREngine -cert dilithium_ecdsa_x509_catalyst_mixed_chain_intermediate_certificate.pem -certform PEM -key dilithium_catalyst_mixed_chain_intermediate_private_key.pem -keyform PEM -debug -tls1_2
```

After running the command above, you should see this output:

```text
engine "IQREngine" set.
Using default temp DH parameters
ACCEPT
```

Next, switch to the other terminal window and make sure you are in the /app/digicert-pqc/certs directory.

```bash
cd /app/digicert-pqc/certs
```

Then connect to the running server with the s_client utility.

```bash
env LD_LIBRARY_PATH=/app/digicert-pqc/pqpki-openssl-1.0.2r:/app/digicert-pqc/connector/lib /app/digicert-pqc/pqpki-openssl-1.0.2r/bin/openssl s_client -engine IQREngine -CAfile xmss_ecdsa_x509_catalyst_mixed_chain_root_certificate.pem -showcerts -tls1_2 -cipher 'ECDHE-NHDH-DILM-AES256-GCM-SHA384'
```

If everything is configured correctly, you should see this output in the terminal window running the s_client utility:

```text
engine "IQREngine" set.
CONNECTED(00000003)
depth=1 C = US, ST = Utah, L = Lehi, O = "DigiCert, Inc.", OU = DigiCert PQC, CN = DigiCert PQC Root
verify return:1
depth=0 C = US, ST = Utah, L = Lehi, O = "DigiCert, Inc.", OU = DigiCert PQC, CN = DigiCert PQC Test Intermediate CA
verify return:1
---
Certificate chain
 0 s:/C=US/ST=Utah/L=Lehi/O=DigiCert, Inc./OU=DigiCert PQC/CN=DigiCert PQC Test Intermediate CA
   i:/C=US/ST=Utah/L=Lehi/O=DigiCert, Inc./OU=DigiCert PQC/CN=DigiCert PQC Root
-----BEGIN CERTIFICATE-----
[...]
-----END CERTIFICATE-----
---
Server certificate
subject=/C=US/ST=Utah/L=Lehi/O=DigiCert, Inc./OU=DigiCert PQC/CN=DigiCert PQC Test Intermediate CA
issuer=/C=US/ST=Utah/L=Lehi/O=DigiCert, Inc./OU=DigiCert PQC/CN=DigiCert PQC Root
---
No client certificate CA names sent
Peer signing digest: SHA512
Server Temp Key: ECDH, P-256, 256 bits
---
SSL handshake has read 9868 bytes and written 2331 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-NHDH-DILM-AES256-GCM-SHA384
Server public key is 521 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ECDHE-NHDH-DILM-AES256-GCM-SHA384
    Session-ID: {{Session-ID}}
    Session-ID-ctx: 
    Master-Key: {{Master-Key}}
    Key-Arg   : None
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    TLS session ticket lifetime hint: 7200 (seconds)
    TLS session ticket:
    [...]

    Start Time: 1563994600
    Timeout   : 7200 (sec)
    Verify return code: 0 (ok)
---
```
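The expected s_client output above establishes three things that are worth checking by script rather than by eye: the protocol is TLS 1.2, the negotiated suite is the hybrid ECDHE-NHDH-DILM-AES256-GCM-SHA384, and the chain verified against the XMSS/ECDSA root (Verify return code 0). The following shell function is an added example and is not part of the DigiCert guide or the ISARA connector. It parses a saved s_client transcript and reports pass or fail, so a repeated test run fails loudly if the client quietly negotiates a classical suite or the root is no longer trusted. The function name, the output format and the second (failing) transcript are this example's assumptions; the passing transcript is constructed from the guide's own expected output.

```sh
#!/bin/sh
# Added example (not from the DigiCert guide): check an `openssl s_client`
# transcript for a verified chain and the expected hybrid cipher suite.
# The function name and output format are this example's own; the cipher
# suite name is the one the guide passes to -cipher.

EXPECTED_CIPHER='ECDHE-NHDH-DILM-AES256-GCM-SHA384'

# Read an s_client transcript on stdin and print exactly one line:
#   ok <protocol> <cipher>   chain verified and the expected suite was used
#   fail <reason>            anything else
# Exit status is 0 only for "ok", so the function can gate a test script.
check_s_client() {
    awk -v want="$EXPECTED_CIPHER" '
        /^ *Protocol *:/ { proto = $NF }
        /^ *Cipher *:/   { cipher = $NF }
        /^ *Verify return code:/ {
            sub(/^ *Verify return code: */, "")
            verify = $0
        }
        END {
            if (verify == "")    { print "fail no verify result"; exit 1 }
            if (verify !~ /^0 /) { print "fail verify " verify;   exit 1 }
            if (cipher != want)  { print "fail cipher " cipher;   exit 1 }
            print "ok " proto " " cipher
        }'
}

# Constructed transcript, trimmed from the guide's expected s_client output.
sample_good() {
cat <<'EOF'
engine "IQREngine" set.
CONNECTED(00000003)
depth=1 C = US, ST = Utah, L = Lehi, O = "DigiCert, Inc.", OU = DigiCert PQC, CN = DigiCert PQC Root
verify return:1
New, TLSv1/SSLv3, Cipher is ECDHE-NHDH-DILM-AES256-GCM-SHA384
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ECDHE-NHDH-DILM-AES256-GCM-SHA384
    Verify return code: 0 (ok)
EOF
}

# Constructed failure transcript: the root was not supplied with -CAfile, so
# verification fails with OpenSSL error 21, and a classical suite was chosen.
sample_bad() {
cat <<'EOF'
CONNECTED(00000003)
verify error:num=21:unable to verify the first certificate
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ECDHE-ECDSA-AES256-GCM-SHA384
    Verify return code: 21 (unable to verify the first certificate)
EOF
}

# Usage with a live run (stderr carries part of the transcript):
#   openssl s_client ... 2>&1 | check_s_client
sample_good | check_s_client
```

Checking the verify code before the cipher matters: a chain that fails verification is the more serious finding, and the cipher line is still printed in that case, so reporting the cipher first would hide it.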

In the terminal window running the s_server utility you should see this output:

```text
read from 0x5581e0750b80 [0x5581e07656f3] (5 bytes => 5 (0x5))
0000 - 16 03 01 00 96                                    .....
read from 0x5581e0750b80 [0x5581e07656f8] (150 bytes => 150 (0x96))
0000 - 01 00 00 92 03 03 d9 c0-5a 73 35 d0 4e f2 31 f6   ........Zs5.N.1.
[...]
write to 0x5581e0750b80 [0x5581e076e100] (71 bytes => 71 (0x47))
0000 - 16 03 03 00 42 02 00 00-3e 03 03 c2 3b df 2f 01   ....B...>...;./.
[...]
write to 0x5581e0750b80 [0x5581e0769c43] (4953 bytes => 4953 (0x1359))
0000 - 16 03 03 13 54 0b 00 13-50 00 13 4d 00 13 4a 30   ....T...P..M..J0
[...]
write to 0x5581e0750b80 [0x5581e0769c43] (4609 bytes => 4609 (0x1201))
0000 - 16 03 03 11 fc 0c 00 11-f8 03 00 17 41 04 0d 97   ............A...
[...]
write to 0x5581e0750b80 [0x5581e076e100] (9 bytes => 9 (0x9))
0000 - 16 03 03 00 04 0e 00 00-00                        .........
read from 0x5581e0750b80 [0x5581e07656f3] (5 bytes => 5 (0x5))
0000 - 16 03 03 08 48                                    ....H
read from 0x5581e0750b80 [0x5581e07656f8] (2120 bytes => 2120 (0x848))
0000 - 10 00 08 44 41 04 29 0a-07 84 0c f3 a4 e4 3e d1   ...DA.).......>.
[...]
read from 0x5581e0750b80 [0x5581e07656f3] (5 bytes => 5 (0x5))
0000 - 14 03 03 00 01                                    .....
read from 0x5581e0750b80 [0x5581e07656f8] (1 bytes => 1 (0x1))
0000 - 01                                                .
read from 0x5581e0750b80 [0x5581e07656f3] (5 bytes => 5 (0x5))
0000 - 16 03 03 00 28                                    ....(
read from 0x5581e0750b80 [0x5581e07656f8] (40 bytes => 40 (0x28))
0000 - e1 d7 30 8b 12 ef d1 dc-31 90 97 d0 0e 54 9c aa   ..0.....1....T..
[...]
write to 0x5581e0750b80 [0x5581e076e100] (175 bytes => 175 (0xAF))
0000 - 16 03 03 00 aa 04 00 00-a6 00 00 1c 20 00 a0 02   ............ ...
[...]
write to 0x5581e0750b80 [0x5581e076e100] (6 bytes => 6 (0x6))
0000 - 14 03 03 00 01 01                                 ......
write to 0x5581e0750b80 [0x5581e076e100] (45 bytes => 45 (0x2D))
0000 - 16 03 03 00 28 d0 99 97-94 6d a1 5c f8 b0 c0 65   ....(....m.\...e
[...]
-----BEGIN SSL SESSION PARAMETERS-----
[...]
-----END SSL SESSION PARAMETERS-----
Shared ciphers:ECDHE-NHDH-DILM-AES256-GCM-SHA384:ECDHE-NHDH-SIDH-DILM-AES256-GCM-SHA384
Signature Algorithms: RSA+SHA512:DSA+SHA512:ECDSA+SHA512:RSA+SHA384:DSA+SHA384:ECDSA+SHA384:RSA+SHA256:DSA+SHA256:ECDSA+SHA256:RSA+SHA224:DSA+SHA224:ECDSA+SHA224:RSA+SHA1:DSA+SHA1:ECDSA+SHA1:HSS+SHA512:XMSS+SHA512:XMSSmt+SHA512:DILITHIUM+SHA512:DILITHIUM+SHA512:0xE0+SHA512
Shared Signature Algorithms: RSA+SHA512:DSA+SHA512:ECDSA+SHA512:RSA+SHA384:DSA+SHA384:ECDSA+SHA384:RSA+SHA256:DSA+SHA256:ECDSA+SHA256:RSA+SHA224:DSA+SHA224:ECDSA+SHA224:RSA+SHA1:DSA+SHA1:ECDSA+SHA1:HSS+SHA512:DILITHIUM+SHA512:DILITHIUM+SHA512
Supported Elliptic Curve Point Formats: uncompressed:ansiX962_compressed_prime:ansiX962_compressed_char2
Supported Elliptic Curves: P-256:P-521:brainpoolP512r1:brainpoolP384r1:P-384:brainpoolP256r1:secp256k1:B-571:K-571:K-409:B-409:K-283:B-283:0xFE01
Shared Elliptic curves: P-256:P-521:brainpoolP512r1:brainpoolP384r1:P-384:brainpoolP256r1:secp256k1:B-571:K-571:K-409:B-409:K-283:B-283:UNDEF
CIPHER is ECDHE-NHDH-DILM-AES256-GCM-SHA384
Secure Renegotiation IS supported
```

Congratulations! You have successfully created a quantum-safe hybrid certificate chain using DigiCert's PQC toolkit and the ISARA Catalyst OpenSSL Connector engine.