X.509 certificate attestation

This article gives an overview of the Device Provisioning Service (DPS) concepts involved when provisioning devices using X.509 certificate attestation. This article is relevant to all personas involved in getting a device ready for deployment.

X.509 certificates can be stored in a hardware security module (HSM).

Tip

We strongly recommend using an HSM with devices to securely store secrets, like the X.509 certificate, on your devices in production.

X.509 certificates

Using X.509 certificates as an attestation mechanism is an excellent way to scale production and simplify device provisioning. X.509 certificates are typically arranged in a certificate chain of trust in which each certificate in the chain is signed by the private key of the next higher certificate, and so on, terminating in a self-signed root certificate. This arrangement establishes a delegated chain of trust from the root certificate generated by a trusted root certificate authority (CA) down through each intermediate CA to the end-entity "leaf" certificate installed on a device. To learn more, see Device Authentication using X.509 CA Certificates.

Often the certificate chain represents some logical or physical hierarchy associated with devices. For example, a manufacturer may:

  • issue a self-signed root CA certificate
  • use the root certificate to generate a unique intermediate CA certificate for each factory
  • use each factory's certificate to generate a unique intermediate CA certificate for each production line in the plant
  • and finally use the production line certificate to generate a unique device (end-entity) certificate for each device manufactured on the line.

To learn more, see Conceptual understanding of X.509 CA certificates in the IoT industry.

Root certificate

A root certificate is a self-signed X.509 certificate representing a certificate authority (CA). It is the terminus, or trust anchor, of the certificate chain. Root certificates can be self-issued by an organization or purchased from a root certificate authority. To learn more, see Get X.509 CA certificates. The root certificate can also be referred to as a root CA certificate.

Intermediate certificate

An intermediate certificate is an X.509 certificate that has been signed by the root certificate (or by another intermediate certificate with the root certificate in its chain). The last intermediate certificate in a chain is used to sign the leaf certificate. An intermediate certificate can also be referred to as an intermediate CA certificate.

Why are intermediate certs useful?

Intermediate certificates are used in a variety of ways. For example, intermediate certificates can be used to group devices by product lines, customers purchasing devices, company divisions, or factories.

Imagine that Contoso is a large corporation with its own Public Key Infrastructure (PKI) using the root certificate named ContosoRootCert. Each subsidiary of Contoso has their own intermediate certificate that is signed by ContosoRootCert. Each subsidiary will then use their intermediate certificate to sign their leaf certificates for each device. In this scenario, Contoso can use a single DPS instance where ContosoRootCert has been verified with proof-of-possession. They can have an enrollment group for each subsidiary. This way each individual subsidiary will not have to worry about verifying certificates.

End-entity "leaf" certificate

The leaf certificate, or end-entity certificate, identifies the certificate holder. It has the root certificate in its certificate chain as well as zero or more intermediate certificates. The leaf certificate is not used to sign any other certificates. It uniquely identifies the device to the provisioning service and is sometimes referred to as the device certificate. During authentication, the device uses the private key associated with this certificate to respond to a proof of possession challenge from the service.

Leaf certificates used with an Individual enrollment entry have a requirement that the Subject Name must be set to the registration ID of the Individual Enrollment entry. Leaf certificates used with an Enrollment group entry should have the Subject Name set to the desired device ID that will be shown in the Registration Records for the authenticated device in the enrollment group.

To learn more, see Authenticating devices signed with X.509 CA certificates.

Controlling device access to the provisioning service with X.509 certificates

The provisioning service exposes two enrollment types that you can use to control device access with the X.509 attestation mechanism:

  • Individual enrollment entries are configured with the device certificate associated with a specific device. These entries control enrollments for specific devices.
  • Enrollment group entries are associated with a specific intermediate or root CA certificate. These entries control enrollments for all devices that have that intermediate or root certificate in their certificate chain.

DPS device chain requirements

When a device is attempting registration through DPS using an enrollment group, the device must send the certificate chain from the leaf certificate to a certificate verified with proof-of-possession. Otherwise, authentication will fail.

For example, if only the root certificate is verified and an intermediate certificate is uploaded to the enrollment group, the device should present the certificate chain from leaf certificate all the way to the verified root certificate. This certificate chain would include any intermediate certificates in-between. Authentication will fail if DPS cannot traverse the certificate chain to a verified certificate.

For example, consider a corporation using the following device chain for a device.

[Figure: Example device certificate chain]

Only the root certificate is verified, and the intermediate2 certificate is uploaded on the enrollment group.

[Figure: Example root verification]

If the device only sends the following device chain during provisioning, authentication will fail, because DPS can't attempt authentication assuming the validity of the intermediate1 certificate.

[Figure: Example failing certificate chain]

If the device sends the full device chain as follows during provisioning, then DPS can attempt authentication of the device.

[Figure: Example device certificate chain]

Note

Intermediate certificates can also be verified with proof-of-possession.
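
The chain rule above can be checked offline before a device ships. The following is an added example, not Microsoft's code or the DPS implementation: it models certificates as subject/issuer name pairs (no signatures are checked), and it assumes the chain is root, intermediate1, intermediate2, leaf and that the failing device sends only the leaf and intermediate2.

```python
# Simplified model of the DPS chain requirement: a certificate is a
# (subject, issuer) name pair. Names are constructed sample data; signature
# checks are deliberately left out, only chain completeness is tested.
from typing import NamedTuple

class Cert(NamedTuple):
    subject: str
    issuer: str

ROOT = Cert("root", "root")                      # self-signed trust anchor
INT1 = Cert("intermediate1", "root")
INT2 = Cert("intermediate2", "intermediate1")
LEAF = Cert("device-leaf", "intermediate2")

def reaches_verified(presented, verified_subjects):
    """Walk a leaf-first presented chain upward, one issuer at a time.

    Returns (ok, reason). ok is True only when every link is present and the
    walk arrives at a certificate verified with proof-of-possession.
    """
    if not presented:
        return False, "empty chain"
    by_subject = {c.subject: c for c in presented}
    current, seen = presented[0], set()
    while True:
        if current.subject in verified_subjects:
            return True, f"reached verified certificate {current.subject}"
        if current.subject in seen:
            return False, "issuer loop in presented chain"
        seen.add(current.subject)
        if current.issuer == current.subject:
            return False, f"self-signed {current.subject} is not verified"
        parent = by_subject.get(current.issuer)
        if parent is None:
            # The gap from the failing example: the service has no
            # certificate for this issuer and cannot assume it is valid.
            return False, f"missing issuer certificate {current.issuer}"
        current = parent

if __name__ == "__main__":
    print(reaches_verified([LEAF, INT2], {"root"}))
    print(reaches_verified([LEAF, INT2, INT1, ROOT], {"root"}))
    print(reaches_verified([LEAF, INT2, INT1], {"intermediate1"}))
```

The third call reflects the note above: once intermediate1 is itself verified with proof-of-possession, the device only has to present the chain up to it.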

DPS order of operations with certificates

When a device connects to the provisioning service, the service prioritizes more specific enrollment entries over less specific enrollment entries. That is, if an individual enrollment for the device exists, the provisioning service applies that entry. If there is no individual enrollment for the device and an enrollment group for the first intermediate certificate in the device's certificate chain exists, the service applies that entry, and so on, down the chain to the root. The service applies the first applicable entry that it finds, such that:

  • If the first enrollment entry found is enabled, the service provisions the device.
  • If the first enrollment entry found is disabled, the service does not provision the device.
  • If no enrollment entry is found for any of the certificates in the device's certificate chain, the service does not provision the device.

This mechanism and the hierarchical structure of certificate chains provide powerful flexibility in how you can control access for individual devices as well as for groups of devices. For example, imagine five devices with the following certificate chains:

  • Device 1: root certificate -> certificate A -> device 1 certificate
  • Device 2: root certificate -> certificate A -> device 2 certificate
  • Device 3: root certificate -> certificate A -> device 3 certificate
  • Device 4: root certificate -> certificate B -> device 4 certificate
  • Device 5: root certificate -> certificate B -> device 5 certificate

Initially, you can create a single enabled group enrollment entry for the root certificate to enable access for all five devices. If certificate B later becomes compromised, you can create a disabled enrollment group entry for certificate B to prevent Device 4 and Device 5 from enrolling. If still later Device 3 becomes compromised, you can create a disabled individual enrollment entry for its certificate. This revokes access for Device 3, but still allows Device 1 and Device 2 to enroll.
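
The lookup order and the five-device scenario above can be replayed as a small model to confirm which devices a planned set of entries would admit. This is an added example, not the DPS API or Microsoft's code; the dictionary layout and the names `decide`, `allowed` and `timeline` are assumptions made for illustration.

```python
# Model of the enrollment lookup order: individual entry first, then group
# entries from the first intermediate up to the root; first match decides.
# Entries map a certificate name to True (enabled) or False (disabled).
ROOT, CERT_A, CERT_B = "root certificate", "certificate A", "certificate B"

# Chains are written leaf-first: device certificate, intermediate, root.
CHAINS = {
    "device 1": ["device 1 certificate", CERT_A, ROOT],
    "device 2": ["device 2 certificate", CERT_A, ROOT],
    "device 3": ["device 3 certificate", CERT_A, ROOT],
    "device 4": ["device 4 certificate", CERT_B, ROOT],
    "device 5": ["device 5 certificate", CERT_B, ROOT],
}

def decide(chain, individual, groups):
    """Return (provisioned, matched_entry) for a leaf-first chain."""
    leaf, *cas = chain
    if leaf in individual:                  # most specific entry wins
        return individual[leaf], f"individual:{leaf}"
    for ca in cas:                          # nearest intermediate first
        if ca in groups:
            return groups[ca], f"group:{ca}"
    return False, None                      # no entry anywhere in the chain

def allowed(individual, groups):
    """Devices that would be provisioned under the given entries."""
    return sorted(d for d, chain in CHAINS.items()
                  if decide(chain, individual, groups)[0])

def timeline():
    """Replay the three stages of the scenario and return who may enroll."""
    groups, individual, stages = {ROOT: True}, {}, []
    stages.append(allowed(individual, groups))      # enabled root group
    groups[CERT_B] = False                          # certificate B compromised
    stages.append(allowed(individual, groups))
    individual["device 3 certificate"] = False      # device 3 compromised
    stages.append(allowed(individual, groups))
    return stages

if __name__ == "__main__":
    for n, devices in enumerate(timeline(), 1):
        print(f"stage {n}: {devices}")
```

Because the first matching entry decides, the disabled entry for certificate B shadows the enabled root entry for Device 4 and Device 5 without touching the devices under certificate A.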