
Security issue when using the same keystore for trust store and server store?

Developer https://www.devze.com 2023-04-04 19:14 Source: web

Is there a security issue when using the same keystore for the trust store (certificates used for authenticating clients) and server store (private keys used by the server)? I ask this because I know that there is a recommendation to have two separate files (and I wonder why this is).


I know that there is a recommendation to have two separate files (for the trust store and the server store)

The reason for such a recommendation is that you typically store only public keys and the related certificates of trusted CAs in the truststore, while the keystore is meant to store private keys and the associated public keys (along with the related certificates).

When you start managing both as a single file, it is quite possible for any agent (a user or even application code) that has knowledge of the truststore password to read and modify the private keys of the keystore as well. This is not what you want, for private keys ought to be private by nature, and known only to a single entity (the one that owns the key).

Likewise, it is also possible for an agent to modify the truststore through the knowledge of the keystore password, to add certificates to the truststore. On its own, this may appear benign, but usually multiple clients can use the same truststore (like the cacerts file of the JRE), resulting in the scenario where one agent can poison the trust relationship (by adding the certificate of a malicious CA into the truststore) between a client and a server.

In reality, the recommendation is more of a defense-in-depth practice, unless your agents aren't trustworthy (in which case you ought to be adopting several other practices).


There is one security concern, but I think most of the reason for the recommendation is a logical separation of responsibilities. From Keystores and Truststores:

Using two different files instead of a single keystore file provides for a cleaner separation of the logical distinction between your own certificates (and corresponding private keys) and others' certificates. You could provide more protection for your private keys if you store them in a keystore with restricted access, while providing the trusted certificates in a more publicly accessible keystore if needed.

The key security point here is that by separating the trusted (public) certificates from your own certificates that contain your private keys, you can use whatever level of restriction you deem necessary to protect your own private keys, while keeping trusted certificates public.

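The separation both answers describe, shown as an added example (not code from the original answers): the server's private keys are loaded from one file and handed only to the KeyManagerFactory, the trusted CA certificates come from a second file and go to the TrustManagerFactory, and two defender-side checks reject a trust store that carries private keys or a keystore file readable by other users. File names and passwords are placeholders.

```java
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.attribute.PosixFilePermission;
import java.security.KeyStore;
import java.util.Collections;
import java.util.Set;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;

public final class SeparateStores {

    static KeyStore load(Path path, char[] password) throws Exception {
        KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
        try (InputStream in = Files.newInputStream(path)) {
            ks.load(in, password);
        }
        return ks;
    }

    // A trust store should hold only trusted certificates; a key entry means
    // someone has merged private keys into the publicly readable file.
    static boolean containsPrivateKeys(KeyStore ks) throws Exception {
        for (String alias : Collections.list(ks.aliases())) {
            if (ks.isKeyEntry(alias)) return true;
        }
        return false;
    }

    // The keystore with private keys must not be group- or world-readable
    // (POSIX file systems only; on others this check is skipped).
    static boolean worldOrGroupReadable(Path path) throws Exception {
        try {
            Set<PosixFilePermission> p = Files.getPosixFilePermissions(path);
            return p.contains(PosixFilePermission.GROUP_READ)
                || p.contains(PosixFilePermission.OTHERS_READ);
        } catch (UnsupportedOperationException e) {
            return false;
        }
    }

    public static SSLContext build(Path keystore, char[] keystorePw,
                                   Path truststore, char[] truststorePw) throws Exception {
        if (worldOrGroupReadable(keystore))
            throw new IllegalStateException("keystore permissions too open: " + keystore);
        KeyStore ks = load(keystore, keystorePw);
        KeyStore ts = load(truststore, truststorePw);
        if (containsPrivateKeys(ts))
            throw new IllegalStateException("trust store contains private keys: " + truststore);
        KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(ks, keystorePw);   // private keys are visible only here
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(ts);               // trusted certificates need no key password
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
        return ctx;
    }
}
```

A caller builds the context with `SeparateStores.build(Path.of("server-keystore.p12"), keyPw, Path.of("truststore.p12"), trustPw)`; the two passwords can differ, which is exactly what a single shared file cannot offer.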
