理解SSL信任策略

huangapple go评论90阅读模式
英文:

Understanding the SSL Trust Strategy

问题

以下是翻译好的部分:

我正在尝试理解在方法loadTrustMaterial中应该采用什么样的TrustStrategy

public SSLContextBuilder loadTrustMaterial(KeyStore truststore,
                                          TrustStrategy trustStrategy)
                                            throws NoSuchAlgorithmException,
                                                   KeyStoreException

我找到了四个不同的示例,我非常想知道这四个示例之间的区别,因为描述太少,很难理解它们之间的差异/用途/优缺点。

以下是这四个不同的代码示例:

TrustStrategy:这似乎是在此处重写了标准的JSSE证书验证过程,但它始终返回true,那么它是否也会信任无效的证书呢?

TrustStrategy trustStrategy = new TrustStrategy() {
    @Override
    public boolean isTrusted(X509Certificate[] x509Certificates, String authType) throws CertificateException {
        return true;
    }
};
SSLContextBuilder sslContextBuilder = SSLContexts.custom()
    .loadTrustMaterial(trustStore, trustStrategy);

NULL:我们没有提供任何策略,那么它会做什么?

SSLContextBuilder sslContextBuilder = SSLContexts.custom()
                            .loadTrustMaterial(trustStore, null);

TrustAllStrategy:它会信任所有已签名的证书,那么这样安全吗?

SSLContextBuilder sslContextBuilder = SSLContexts.custom()
                            .loadTrustMaterial(trustStore, new TrustAllStrategy());

TrustSelfSignedStrategy:这与TrustAllStrategy之间有什么区别?

SSLContextBuilder sslContextBuilder = SSLContexts.custom()
                            .loadTrustMaterial(trustStore, new TrustSelfSignedStrategy());

请帮助我理解这四个示例版本之间的区别,谢谢!

英文:

I am trying to understand what TrustStrategy is to adopt for the method loadTrustMaterial.

 public SSLContextBuilder loadTrustMaterial(KeyStore truststore,
                                  TrustStrategy trustStrategy)
                                    throws NoSuchAlgorithmException,
                                           KeyStoreException

I found four different examples and I am very curious to know the difference between these four as the description is too little to understand the differences/usages/advantages/disadvantages.

Here are the four different code examples:

TrustStrategy: This seems like here we are overriding the standard JSSE certificate verification process but it always returning true so does it trust invalid certificates too?

TrustStrategy trustStrategy = new TrustStrategy() {
	@Override
	public boolean isTrusted(X509Certificate[] x509Certificates, String authType) throws CertificateException {
	    return true;
	}
	};
SSLContextBuilder sslContextBuilder = SSLContexts.custom()
    .loadTrustMaterial(trustStore, trustStrategy);

NULL: We are NOT giving any Strategy so what it will do?

SSLContextBuilder sslContextBuilder = SSLContexts.custom()
                            .loadTrustMaterial(trustStore, null);

TrustAllStrategy: It will trust all singed certificate so is that secure though?

SSLContextBuilder sslContextBuilder = SSLContexts.custom()
                            .loadTrustMaterial(trustStore, new TrustAllStrategy());

TrustSelfSignedStrategy: What is the difference between this and TrustAllStrategy?

SSLContextBuilder sslContextBuilder = SSLContexts.custom()
                            .loadTrustMaterial(trustStore, new TrustSelfSignedStrategy());

Help me to understand the difference between these four versions of the example, please? Thanks in Advance.

答案1

得分: 8

首先,强烈不建议信任所有证书。最好是将证书添加到信任存储中。

TrustStrategy 是一个接口,由一些类型实现。

这里的所有方法都来自于 Apache 的 httpclient - 第一个方法(覆盖 isTrusted 方法)与 TrustAllStrategy 几乎相同,只是创建了一个自定义的 TrustStrategy 实例,您可以在其中定义自己的方法来确定是否信任证书。

在这里查看 TrustAllStrategy 的源代码:

public class TrustAllStrategy implements TrustStrategy {

    public static final TrustAllStrategy INSTANCE = new TrustAllStrategy();

    @Override
    public boolean isTrusted(final X509Certificate[] chain, final String authType) throws CertificateException {
        return true;
    }
}

TrustStrategy 设置为 null 将导致没有任何 TrustManager

public SSLContextBuilder loadTrustMaterial(
        final KeyStore truststore,
        final TrustStrategy trustStrategy) throws NoSuchAlgorithmException, KeyStoreException {
    final TrustManagerFactory tmfactory = TrustManagerFactory.getInstance(
            trustManagerFactoryAlgorithm == null ? TrustManagerFactory.getDefaultAlgorithm()
                    : trustManagerFactoryAlgorithm);
    tmfactory.init(truststore);
    final TrustManager[] tms = tmfactory.getTrustManagers();
    if (tms != null) {
        if (trustStrategy != null) {
            for (int i = 0; i < tms.length; i++) {
                final TrustManager tm = tms[i];
                if (tm instanceof X509TrustManager) {
                    tms[i] = new TrustManagerDelegate(
                            (X509TrustManager) tm, trustStrategy);
                }
            }
        }
        for (final TrustManager tm : tms) {
            this.trustManagers.add(tm);
        }
    }
    return this;
}

TrustSelfSignedStrategy 的工作原理如下:

@Override
public boolean isTrusted(
        final X509Certificate[] chain, final String authType) throws CertificateException {
    return chain.length == 1;
}

自签名证书是由证书的目标颁发的。在许多应用程序中,默认生成此类证书,并且通常用于内部网络。

英文:

First of all, trusting all certificates is highly discouraged. Rather add the certificates to the truststore.

The TrustStategy is an interface, implemented by some types.

All these methods here are from the apache httpclient - the first one (overriding the isTrusted method) is more or less equal to the TrustAllStrategy and just creating a custom instance of a TrustStrategy where you could define your own way to determine whether a certificate is trusted or not.

See the sourcecode of the TrustAllStrategy here:

public class TrustAllStrategy implements TrustStrategy {

    public static final TrustAllStrategy INSTANCE = new TrustAllStrategy();

    @Override
    public boolean isTrusted(final X509Certificate[] chain, final String authType) throws CertificateException {
        return true;
    }

Setting the TrustStrategy to null will result in not having any TrustManager:

   public SSLContextBuilder loadTrustMaterial(
            final KeyStore truststore,
            final TrustStrategy trustStrategy) throws NoSuchAlgorithmException, KeyStoreException {
        final TrustManagerFactory tmfactory = TrustManagerFactory.getInstance(
                trustManagerFactoryAlgorithm == null ? TrustManagerFactory.getDefaultAlgorithm()
                        : trustManagerFactoryAlgorithm);
        tmfactory.init(truststore);
        final TrustManager[] tms = tmfactory.getTrustManagers();
        if (tms != null) {
            if (trustStrategy != null) {
                for (int i = 0; i < tms.length; i++) {
                    final TrustManager tm = tms[i];
                    if (tm instanceof X509TrustManager) {
                        tms[i] = new TrustManagerDelegate(
                                (X509TrustManager) tm, trustStrategy);
                    }
                }
            }
            for (final TrustManager tm : tms) {
                this.trustManagers.add(tm);
            }
        }
        return this;
    }

The TrustSelfSignedStrategy works as follows:

@Override
public boolean isTrusted(
        final X509Certificate[] chain, final String authType) throws CertificateException {
    return chain.length == 1;
}

A self singed certificate is issued by the target of the certificate. It's generated by default in many applications and often used for intranet purposes.

huangapple
  • 本文由 发表于 2020年4月6日 16:58:15
  • 转载请务必保留本文链接:https://go.coder-hub.com/61056194.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定