[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [iaik-jce] Client authentication - Meaning of the 3 args to getCertificate() method

The certificateTypes parameter of ClientTrustDecider´s getCertificate method denotes the types of certificates the server requests, in the server´s preference order.
Except for rsa_fixed_dh and dss_fixed_dh types, where the client certificate has to contain fixed DH parameters, all the other types indicate certificates that have signing capability and therefore require a CertificateVerify message.
So, for instance, rsa_sign only requests a certificate containing a RSA public key; and you don´t need a byte of the X509Certificate class to be compared againts the type byte (1a).
The differance between rsa_sign and rsa_fixed_dh is that rsa_sign requests a certificate with a RSA public key, whereas rsa_fixed_dh requies a certificate with DH parameters and therefore has no signing capability. rsa_ephemaral_dh and dss_ephemeral_dh denote certificates containing a public RSA/DSA (signing capability) key; the DH parameters are sent with a Client Key Exchange message.
2) Yes, the keyExchangeAlgorithm denotes the key exchange algorithm of the currently active cipherSuite set at the beginning of the handshake phase.
3) Principal[] certificateAuthorities denotes the subjectDNs
Dieter Bratko
-----Ursprüngliche Nachricht-----
Von: Sundar Krishnan
An: Dieter Bratko ; iaik-ssl@iaik.tu-graz.ac.at ; iaik-jce@iaik.tu-graz.ac.at
Gesendet: Samstag, 05. Juni 1999 12:45
Betreff: [iaik-jce] Client authentication - Meaning of the 3 args to getCertificate() method

Mr Dieter Bratko,

Thanks for your suggestions on how to create separate DER and PEM files
and for confirmation about PrivateKey vs PrivateKeyInfo.

I had also sent some queries earlier on the interpretation of the arguments
of the getCertificate() method for Client Authentication :
certificateTypes, certificateAuthorities and keyExchangeAlgorithm.
I have made those queries much shorter here.
Most important are 1-a and 1-b. 2 and 3 are just requests for confirmations.

Eagerly waiting for comments/confirmation on these.

We have to implement Client Authentication in our project. We therefore
seek clarifications mainly wrt getCertificate() method of

1) When coding for Client Authentication, I assume that we have to check
if each of the Client Certificates in the Chain matches with any of the
byte[]  certificateTypes sent by the Server in the getCertificate()

1-a) Which method in iaik.x509.X509Certificate
(or java.security.cert.X509Certificate or Certificate) will return a byte
which we can use to check for a match with one of the certificateTypes
in byte [] certificateTypes sent by the server ?

1-b) I would like to know the difference in the KeyEchangeAlgorithm part
of the CipherSuite for certificateTypes =  rsa_sign and dss_sign ( ????
in table below).

c) Pl let me know the difference between :
rsa_sign and rsa_fixed_dh
dss_sign and dss_fixed_dh

The table below is Table 1.3 of iSaSiLk 2.0 Final User Manual
superimposed with ClientTrustDecider constants.

Pl confirm if the foll is true :-
KeyExchange Algorithm                     ClientTrustDecider Constant byte

    DH_RSA/DH_RSA_EXPORT        rsa_fixed_dh                 = 3

    DHE_RSA/DHE_RSA_EXPORT    rsa_ephemeral_dh        = 5

    DH_DSS/DH_DSS_EXPORT        dss_fixed_dh                =  4

    DHE_DSS/DHE_DSS_EXPORT    dss_ephemeral_dh        = 6

    RSA_EXPORT   ????                      rsa_sign                       = 1

    DSS_EXPORT   ????                       dss_sign                      =  2

2) I earlier thought (wrongly) that keyExchangeAlgorithm is sent by the
Server as part of the CertificateRequest message. But after I went through
the SSL spec, I feel that the only purpose of providing that is to send
to the Server an appropriate Client certificate from a choice of
RSA, or DSA or DH certificates if there are all these types at the Client side.
However, if the we have just RSA type certificate, we do not have to do
anything with this argument, so it seems. Pl confirm this analysis,
and that this argument is NOT sent by the server. It is the negotiated
algorithm which the IAIK implementation adds as an argument
in the getCertificate() method. This implies that the Handshake protocol
betn the Client and the Server would have already arrived at the
negotiated keyExchangeAlgorithm before the Client (IAIK's implementation)
internally calls getCertificate(). Pl confirm/comment if i am wrong.

3) In getCertificate() method above, does the 2nd argument Principal[]
certificateAuthorities refer to IssuerDNs (or SubjectDNs?) of all
certificates in a chain of certificates ? ie, should we check if
getIssuerDN() (or getSubjectDN()?) of each certificate in the client
chain matches with any of the certificateAuthorities sent by the server ?

Thanks in advance

Sundar Krishnan