Project

General

Profile

PublicKey Info Base » History » Version 62

Yingdi Yu, 07/21/2014 03:26 PM

1 1 Yingdi Yu
Public key Info Base (PIB) Service
2
==================================
3
4
## Public Key Info Management 
5
6
NDN data packets are secured through digital signatures.
7 2 Yingdi Yu
In order to generate a valid signature, an NDN application needs to know not only the correct key to use but also the correct public key information that should be put into the `KeyLocator` of a data packet. 
8
The information needs to be managed locally on the system where the application is running.
9
10
The information related to keys is managed at three granularities: identities, keys, and certificates. 
11
A key is always associated with a namespace, called "identity".
12 4 Yingdi Yu
An identity however may have more than one keys.
13
Each key is named as `/<Identity>/[KeyId]`. 
14
The `KeyId` uniquely identifies a key which belongs to the `Identity`.
15 2 Yingdi Yu
Among these keys, only one is the default key of the identity.
16
If only identity is provided when signing a packet, the default key of the identity will be used to sign the packet.
17
18
A certificate is always associated with the key in the certificate
19
If a certificate is provided when signing a packet, the corresponding private key should be used to sign the packet 
20
and the name of the certificate name may be put into the `KeyLocator` of the packet.
21
22
A key may have more than one certificates (e.g., certificates may be issued by different parties).
23
Among these certificates, only one is the default certificate of the key.
24
The default certificate of the default key of an identity is the default certificate of the identity.
25
If only identity is provided when signing a packet, the name of the default certificate of the identity may be put into the `KeyLocator` of the packet.
26
27 3 Yingdi Yu
All the information above may be accessed by different APIs and applications on the same system, 
28
therefore it is desirable to make the information provisioning as a system service. 
29 1 Yingdi Yu
30 3 Yingdi Yu
Since public keys and certificates are supposed to be publicly available, 
31
the service also serves as a local storage of certificate and public keys, 
32
besides providing the public key related information.
33 1 Yingdi Yu
34 3 Yingdi Yu
## PIB management model
35 1 Yingdi Yu
36 3 Yingdi Yu
The public key information of each system user is managed separately in PIB.
37
For now, PIB service is a system service (i.e., run by root).
38
PIB service may be separated into several user services (i.e., run by each user) in the future.
39 1 Yingdi Yu
40 3 Yingdi Yu
Each user has three tables in PIB: identity table, key table, and certificate table.
41 1 Yingdi Yu
The public key information of a user is managed in these tables.
42 4 Yingdi Yu
Identity table consists of two columns: `identity` (primary key) and `default_key_id`.
43 16 Yingdi Yu
Identity table schema:
44
45 17 Yingdi Yu
    User_[UserName]_ID(
46 16 Yingdi Yu
        identity             BLOB NOT NULL,        
47
        default_key_id       BLOB,
48
                     
49
        PRIMARY KEY (identity)                     
50
    );                                             
51
52 4 Yingdi Yu
Key Table consists of five columns: `identity`, `key_id`, `key_type`, `key_bits`, and `default_cert_name`. 
53
The combination of `identity` and `key_id` is the primary key of key table.
54 18 Yingdi Yu
Key table schema:
55
56
    User_[UserName]_KEY(
57
        identity             BLOB NOT NULL,        
58
        key_id               BLOB NOT NULL,        
59
        key_type             INTEGER NOT NULL,     
60
        key_bits             BLOB NOT NULL,        
61
        default_cert_name    BLOB,                 
62
        PRIMARY KEY (identity, key_id)             
63
    );
64
65 4 Yingdi Yu
Certificate table consists of four columns: `certificate_name` (primary key), `identity`, `key_id`, and `certificate_data`.
66 18 Yingdi Yu
Certificate table schema:
67
68
    User_[UserName]_CERT(
69
        certificate_name     BLOB NOT NULL,        
70
        identity             BLOB NOT NULL,        
71
        key_id               BLOB NOT NULL,        
72
        certificate_data     BLOB NOT NULL,        
73
        PRIMARY KEY (certificate_name)             
74
    );
75 4 Yingdi Yu
76
Besides the tables for each user, PIB has two more management tables: user table and certificate_publishing table.
77
User table stores user's local management key (we will discuss it later) and user's default identity
78 3 Yingdi Yu
Each user has its own default identity. 
79
From the default identity, the default key and certificate of the user can be derived.
80 1 Yingdi Yu
81 14 Yingdi Yu
User table schema:
82
83
    User(                                       
84
        user_name             BLOB NOT NULL,    
85
        has_default_identity  INTEGER DEFAULT 0,
86
        default_identity      BLOB,             
87
        local_management_cert BLOB NOT NULL,    
88
                                                
89
        PRIMARY KEY (user_name)                 
90
    );
91
92 19 Yingdi Yu
Certificate_Publishing table schema:
93
94
    Certificate_Publishing(
95
        user_name             BLOB NOT NULL,
96
        publish_namespace     BLOB NOT NULL,
97
98
        PRIMARY KEY (user_name, publish_namespace)
99
    );  
100
101 1 Yingdi Yu
The read access to a user's public key information is not restricted,
102
while the write access to a user's public key information requires authentication.
103
The write access is expressed as signed commands. 
104 5 Yingdi Yu
The signing key can be authenticated only if the key already exists in the corresponding user's PIB tables.
105 4 Yingdi Yu
Each key has its own write access privilege which is defined as:
106 3 Yingdi Yu
107 60 Yingdi Yu
* The root user has its own **local management key**. The root user key has the highest privilege, i.e., its owner is allowed to change anything in PIB. The identity of the root key is `/localhost/pib/user`, and the name of the root key should be `/localhost//pib/user/[KeyId]`.
108 61 Yingdi Yu
* Each user has its own **local management key**. The local management key is allowed to change anything in the user's PIB info including the three tables and user's own entry in the user table. The identity of the user local management key is `/localhost/pib/user/[UserName]`, and the name of the key should be `/localhost/pib/user/[UserName]/[KeyId]`.
109 6 Yingdi Yu
* All the other keys are called **regular keys**. A regular key is allowed to change keys/certificates with identities under the key's own namespace, e.g., a key with the identity `/ndn/ucla/alice` is allowed to change a key with the identity `/ndn/ucla/alice/chat` but is not allowed to change a key with the identity `/ndn/ucla/bob`.
110 3 Yingdi Yu
111
## PIB Service Protocol 
112
113
PIB service provides an interface to NDN applications for public key info lookup. 
114 1 Yingdi Yu
The interface is defined in terms of NDN packets (interest/data).
115 32 Yingdi Yu
Depending on the query type, a query to PIB is expressed as a **[signed interest](http://redmine.named-data.net/projects/ndn-cxx/wiki/SignedInterest)** (for Write operation) or normal interest (for Read operation).
116 5 Yingdi Yu
The query interest is defined as:
117
118
    /localhost/pib/[UserName]/[Verb]/[Param]/<signed_interest_security_components>
119 34 Yingdi Yu
                                            |<-- Required for Write operation -->|
120 5 Yingdi Yu
121
`UserName` indicates the tables in which the query should apply.
122
`Verb` indicates the access operation. 
123 42 Yingdi Yu
Five types of operations are defined: 
124 40 Yingdi Yu
125 41 Yingdi Yu
Verb                 | Access Type       | Description
126 42 Yingdi Yu
-------------------- | ----------------- | ----------------------------------------------------------
127
Get                  | Read              | Get a single entity (user, identity, key, or certificate)
128 41 Yingdi Yu
Default              | Read              | Get the default setting of an entity
129
List                 | Read              | List the name of a set of entities
130 1 Yingdi Yu
Update               | Write             | Add/Change an entity
131
Delete               | Write             | Delete an entity
132
133
`Param` is a TLV block containing parameters of the query.
134
Different types of operations have their own parameters.
135
136 42 Yingdi Yu
### Query Responses
137
138
The response to a query interest is a data packet signed by PIB.
139
The public key certificate of PIB is stored in a read-only file and is accessible to all users on the system.
140
141
Several TLVs are defined for the content of query responses.
142
`Identity` TLV:
143
144
    PibIdentity := PIB-IDENTITY-TYPE TLV-LENGTH
145
                   Name
146
147
`PublicKey` TLV:
148
149
    PibPublicKey := PIB-PUBLIC-KEY-TYPE TLV-LENGTH
150
                    Name
151
                    PibBytes
152
153
`Certificate` TLV:
154
155
    PibCertificate := PIB-CERTIFICATE-TYPE TLV-LENGTH
156
                      Data 
157 55 Yingdi Yu
158
`User` TLV:
159
160
    PibUser := PIB-USER-TYPE TLV-LENGTH
161
               Data // local management certificate
162 56 Yingdi Yu
               ...  // Other information to add if exists
163 42 Yingdi Yu
 
164
A response may also be a error code defined a non-negative integer:
165
166 53 Yingdi Yu
     Response := CONTENT-TYPE TLV-LENGTH
167
                 ErrorCode
168
                 Bytes
169
170 42 Yingdi Yu
    ErrorCode := ERROR-CODE-TYPE TLV-LENGTH
171
                 nonNegativeInteger
172
173
Error code                    | Value             | Description
174
----------------------------- | ----------------- | ----------------------------------
175
ERR\_SUCCESS                  | 0                 | No error
176
ERR\_INCOMPLETE\_COMMAND      | 1                 | Incomplete interest
177
ERR\_WRONG\_VERB              | 2                 | Wrong verb in interest
178
ERR\_WRONG\_PARAM             | 3                 | Wrong parameter in interest
179
ERR\_NON\_EXISTING\_USER      | 128               | User does not exist
180
ERR\_NON\_EXISTING\_ID        | 129               | Identity does not exist
181
ERR\_NON\_EXISTING\_KEY       | 130               | Public key does not exist
182
ERR\_NON\_EXISTING\_CERT      | 131               | Certificate does not exist
183
ERR\_NO\_DEFAULT\_ID          | 256               | No default identity is set
184
ERR\_NO\_DEFAULT\_KEY         | 257               | No default public key is set 
185
ERR\_NO\_DEFAULT\_CERT        | 258               | No default certificate is set
186
ERR\_DELETE\_DEFAULT\_SETTING | 384               | Trying to delete default setting
187
188 62 Yingdi Yu
A response is signed by a PIB instance key with the name `/localhost/pib/dsk-...`.
189
The PIB instance key is signed by another key with the name `/localhost/pib/ksk-...` which is the trust anchor of the PIB service.
190
191 11 Yingdi Yu
### `Get` Parameters
192 8 Yingdi Yu
For `get` operation, `Param` is defined as:
193 1 Yingdi Yu
194 42 Yingdi Yu
    PibGetParam := PIB-GET-PARAM-TYPE TLV-LENGTH
195
                   PibType
196
                   Name?
197 1 Yingdi Yu
198
`Type` indicates which table the query will be applied eventually.
199
200 42 Yingdi Yu
    PibType := PIB-TYPE-TYPE TLV-LENGTH
201
               nonNegativeInteger
202 22 Yingdi Yu
203 42 Yingdi Yu
Type constant                               | Assigned value    | Assigned value (hex)
204
------------------------------------------- | ----------------- | --------------------
205
USER                                        | 0                 | 0x00
206
ID                                          | 1                 | 0x01
207
KEY                                         | 2                 | 0x02
208
CERT                                        | 3                 | 0x03
209 30 Yingdi Yu
210 5 Yingdi Yu
211 48 Yingdi Yu
`Name` is the name of the queried entity. It is a TLV defined in [NDN-TLV spec](http://named-data.net/doc/ndn-tlv/name.html#name).
212
Name is ignored if type is USER.
213 5 Yingdi Yu
214 42 Yingdi Yu
If error happens during processing the query, the content of the response is an ErrorCode TLV.
215
If no error happens, the content depends on the `Type`.
216 5 Yingdi Yu
When `Type` is `ID`, the query is actually invalid. 
217 42 Yingdi Yu
The response is an ErrorCode with value `ERR_WRONG_PARAM`.
218
219 57 Yingdi Yu
For `USER`, the content is a `PibUser` TLV.
220 42 Yingdi Yu
For `KEY`, the content is a `PibPublicKey` TLV. 
221 48 Yingdi Yu
For `CERT`, the content is a `PibCertificate` TLV.
222 1 Yingdi Yu
223 42 Yingdi Yu
### `Default` Parameters
224 1 Yingdi Yu
225 42 Yingdi Yu
The parameters of `default` operation is defined as.
226 12 Yingdi Yu
227 42 Yingdi Yu
      PibDefaultParam := PIB-DEFAULT-PARAM-TYPE TLV-LENGTH
228
                         PibType    // target type
229
                         PibType    // origin type
230
                         Name?      // origin name
231 12 Yingdi Yu
232
233 42 Yingdi Yu
The response to a `default` query is the default entity of the "target type" of the "origin".
234 21 Yingdi Yu
235 42 Yingdi Yu
Possible values of target type include `ID`, `KEY`, and `CERT`.
236
Possible values of origin type include `USER`, `ID`, and `KEY`.
237
The target type should be always "below" the origin type (e.g., it is wrong to have a target type `ID` and an origin type `CERT`.)
238
The origin name should be consistent with the origin type.
239
Origin name is ignored if origin type is `USER`.
240
When wrong parameters are supplied, the content of response is an ErrorCode with value `ERR_WRONG_PARAM`.
241 37 Yingdi Yu
242 42 Yingdi Yu
If no error happens in processing the query, the response could be `PibIdentity`, `PibPublicKey`, or `PibCertificate`, depending on the target type.
243 37 Yingdi Yu
244 42 Yingdi Yu
### `List` Parameters
245 36 Yingdi Yu
246 42 Yingdi Yu
The parameters of `list` operation are defined as: 
247 36 Yingdi Yu
248 42 Yingdi Yu
    PibListParam := PIB-LIST-PARAM-TYPE TLV-LENGTH
249
                    PibType // origin type
250
                    Name?   // origin name
251 36 Yingdi Yu
252 42 Yingdi Yu
The response to the `list` query is a list of `Name`, depending on the origin type.
253
Possible values of origin type include `USER`, `ID`, and `KEY`.
254
Origin name is ignored if origin type is `USER`.
255
If the origin type is `USER`, the response is a list of identities of the user.
256
If the origin type is `ID`, the response is a list of names of keys of the identity.
257
If the origin type is `KEY`, the response is a list of names of certificates of the key.
258 1 Yingdi Yu
259 50 Yingdi Yu
    PibNameList := PIB-NAME-LIST-TYPE TLV-LENGTH
260
                   Name+
261
262 42 Yingdi Yu
### `Update` Parameters
263 1 Yingdi Yu
264 42 Yingdi Yu
The parameters of `update` operation are defined as: 
265 1 Yingdi Yu
266 45 Yingdi Yu
    PibUpdateParam := PIB-UPDATE-PARAM-TYPE TLV-LENGTH
267 59 Yingdi Yu
                      (PibUser | PibIdentity | PibPublicKey | PibCertificate)
268 42 Yingdi Yu
                      PibDefaultOpt
269 1 Yingdi Yu
270 42 Yingdi Yu
`DefaultOpt` is the default option:
271 1 Yingdi Yu
272
273 42 Yingdi Yu
    PibDefaultOpt := PIB-DEFAULT-OPT-TYPE TLV-LENGTH
274
                     nonNegativeInteger
275
276
DefaultOpt constant                         | Assigned value    | Assigned value (hex)
277 1 Yingdi Yu
------------------------------------------- | ----------------- | --------------------
278 54 Yingdi Yu
DEFAULT\_OPT\_NO                            | 0                 | 0x00
279
DEFAULT\_OPT\_KEY                           | 1                 | 0x01
280
DEFAULT\_OPT\_ID                            | 3                 | 0x03
281
DEFAULT\_OPT\_USER                          | 7                 | 0x07
282 1 Yingdi Yu
283 42 Yingdi Yu
The operation, once validated, will add a new entry in the corresponding table if no such an entry exists or update the existing entry,
284
and change the default setting according to `PibDefaultOpt`.
285 1 Yingdi Yu
286 42 Yingdi Yu
The response is always an ErrorCode: `ERR_SUCCESS` for a successful operation, others for failure.
287 1 Yingdi Yu
288 42 Yingdi Yu
### `Delete` Parameters
289 1 Yingdi Yu
290 42 Yingdi Yu
The parameters of `delete` operation are defined as: 
291
292 44 Yingdi Yu
    PibDeleteParam := PIB-DELETE-PARAM-TYPE TLV-LENGTH
293
                      PibType
294 42 Yingdi Yu
                      Name
295
296
The entity and its belonging entities will be deleted once the operation is validated.
297
298
The response is always an ErrorCode: `ERR_SUCCESS` for a successful deletion, others for failure.
299
300
### TLV-TYPE assignments
301
302
Type                                            | Assigned value    | Assigned value (hex)
303
----------------------------------------------- | ----------------- | --------------------
304
PibGetParam                                     | 128               | 0x80
305
PibDefaultParam                                 | 129               | 0x81
306 49 Yingdi Yu
PibListParam                                    | 130               | 0x82
307
PibUpdateParam                                  | 131               | 0x83
308
PibDeleteParam                                  | 132               | 0x84
309 43 Yingdi Yu
PibType                                         | 144               | 0x90
310
PibIdentity                                     | 145               | 0x91
311
PibPublicKey                                    | 146               | 0x92
312
PibCertificate                                  | 147               | 0x93
313
PibBytes                                        | 148               | 0x94 
314
PibDefaultOpt                                   | 149               | 0x95
315 52 Yingdi Yu
PibNameList                                     | 150               | 0x96
316 58 Yingdi Yu
PibUser                                         | 151               | 0x97
317 47 Yingdi Yu
PibErrorCode                                    | 252               | 0xfc