<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/1999/REC-html401-19991224/loose.dtd">
<html>
<head>
<title>NetBSD &amp; Google's Summer of Code: Martin Schuette - Improve syslogd (syslogd)</title>
</head>
<body>

<h1>syslog-sign</h1>
<p><a href="http://tools.ietf.org/html/draft-ietf-syslog-sign">syslog-sign</a> defines digital signatures for logfiles. This provides end-to-end authentication for network transports, enables the detection of lost UDP messages, and also makes it possible to check a log archive for later modifications (assuming the private key was kept safe).</p>

<h2>Signature Groups</h2>
<p>A basic concept of syslog-sign is the signature group, which describes a set of messages that are grouped and signed together. Their purpose becomes clear with an example: assume you split your messages between two logservers <em>serverA</em> and <em>serverB</em>. Now if all messages were signed as one stream, then a) where would the signatures go? and b) how could <em>serverA</em>, having only hashes and signatures, decide which messages are missing and which are on <em>serverB</em>?<br>
Thus the messages are sorted into two signature groups containing all signatures for messages to <em>serverA</em> and <em>serverB</em> respectively. Then every server has its own messages and its own signatures to verify them.</p>
<p>There are three predefined and one custom signature group strategies:</p>
<ol start="0">
<li>one global signature group, useful if all messages go to one central logserver anyway</li>
<li>every syslog priority (=combination of facility and severity) gets its own group, i.e. 192 of them, useful if there are lots of different destinations which all receive messages with different priorities</li>
<li>take the priorities and split them into intervals, useful to define bigger subsets, e.g. one signature group for the mail facility and two for everything else</li>
<li>not defined and reserved for a custom strategy. I use this to have one signature group for every configured destination. In this case the selector in syslog.conf determines which messages go into a group; it is also the only strategy that allows a message to be in multiple groups.</li>
</ol>
<p>Every signature group has several attributes and only the combination of several values identifies one signature group unambiguously. Currently the key to identify a signature group is the tuple (hostname, reboot session ID, SG value, SPRI value). <!-- In a later draft the program name or process ID might be added to allow multiple syslog-sign senders per host.--></p>

<h2>Configuration/Activation</h2>
<p>syslog-sign is enabled with the option "sign_sg" in syslog.conf. The value selects the signature group strategy, so for example the line "sign_sg=0" enables syslog-sign with one signature group.</p>
<p>The SG="2" strategy is the only one that might require additional configuration. When selected (with "sign_sg=2") the default is to use one signature group per facility (kernel, user, mail, ...). To allow custom configuration there is an additional option "sign_sg2_delim" to specify the numerical SPRI values, i.e. the boundaries between the signature groups.<br>
Example: With "sign_sg2_delim = 15 31" syslogd will set up three signature groups: one for all priorities x ≤ 15 (kernel.*, user.*), one for priorities 15 &lt; x ≤ 31 (mail.*), and one for all priorities x &gt; 31.</p>

<h2>Key, Signature, and Hash Types</h2>
<p>The current internet draft defines two values for the VERsion field for using either SHA-1 or SHA-256 hashes. Both versions mandate DSA keys and signatures.<br>
There are several alternatives for sending the public key in the initial Certificate Block. If an X.509 certificate is available (for TLS connections) then syslogd will use key type 'C' (PKIX) and send the certificate in DER encoding. Otherwise it generates a new DSA key and uses key type 'K' (public key) to send the public key in DER encoding.</p>

<h2>Redundancy</h2>
<p>As mentioned above, one design target of syslog-sign is the detection of lost messages, e.g. due to UDP datagram loss. So one has to take extra precautions against lost signature messages and send them multiple times.<br>
This implementation sends the first Certificate Block only on demand, just before the first Signature Block. After that it is resent <em>n</em> times with a delay of several seconds. The Signature Blocks are not repeated but use a sliding window, so that every message hash is included in <em>m</em> sequential Signature Blocks.</p>

<h2>Verification</h2>
<p>Sending signatures is only half of the job; they have to be verified as well. I used Perl to write an <a href="verify-sign/verify.pl">offline verification</a> tool that reads a complete logfile and prints all messages in their correct order.
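</p>
<p>To make the strategies and the delimiter arithmetic concrete, here is an added example in Python (my own code, not part of syslogd or of this page): a PRI is built from facility and severity, SG=2 splits the 192 priorities at the configured sign_sg2_delim boundaries (each boundary is the last PRI of its interval, as in the x ≤ 15 / 15 &lt; x ≤ 31 example above; with no delimiters the default of one interval per facility applies), and the custom strategy 3 is modelled as one group per configured destination. The group identifiers it returns ("all", the PRI, a (low, high) pair, a destination name) and the facility-set model of syslog.conf selectors are my assumptions for the illustration, not anything the page specifies.</p>

```python
NUM_FACILITIES, NUM_SEVERITIES = 24, 8
NUM_PRIORITIES = NUM_FACILITIES * NUM_SEVERITIES   # 192, as the page says


def pri(facility, severity):
    """syslog PRI value = facility * 8 + severity (e.g. mail.info = 2*8+6 = 22)."""
    if not (0 <= facility < NUM_FACILITIES and 0 <= severity < NUM_SEVERITIES):
        raise ValueError("facility/severity out of range")
    return facility * 8 + severity


def sg2_ranges(delims=None):
    """SG=2: split the 192 priorities into intervals at the given SPRI boundaries
    (the sign_sg2_delim values). Each boundary is the last PRI of its interval, so
    delims [15, 31] give (0, 15), (16, 31), (32, 191). Without delimiters the
    page's default applies: one interval per facility (boundaries 7, 15, ..., 183)."""
    if delims is None:
        delims = [f * 8 + 7 for f in range(NUM_FACILITIES - 1)]
    ranges, low = [], 0
    for d in sorted(set(delims)):
        if not (low <= d < NUM_PRIORITIES - 1):
            raise ValueError(f"delimiter {d} out of range")
        ranges.append((low, d))
        low = d + 1
    ranges.append((low, NUM_PRIORITIES - 1))
    return ranges


def signature_groups(strategy, p, delims=None, destinations=None):
    """Identifier(s) of the signature group(s) a message with PRI p belongs to.

    Strategies 0-2 always yield exactly one group. The custom strategy 3 is
    modelled (my assumption) as one group per configured destination, where
    `destinations` maps a destination name to the set of facilities its
    syslog.conf selector matches; a message may therefore land in several groups.
    """
    if strategy == 0:
        return ["all"]                      # one global group
    if strategy == 1:
        return [p]                          # one group per PRI, 192 in total
    if strategy == 2:
        return [r for r in sg2_ranges(delims) if r[0] <= p <= r[1]]
    if strategy == 3:
        return [dest for dest, facs in destinations.items() if p // 8 in facs]
    raise ValueError("unknown sign_sg strategy")


if __name__ == "__main__":
    # The page's example: sign_sg=2 with sign_sg2_delim = 15 31
    for low, high in sg2_ranges([15, 31]):
        print(f"SG=2 group for priorities {low}..{high}")
    print("mail.info (PRI 22) ->", signature_groups(2, pri(2, 6), [15, 31]))
```

<p>The facility-set model in strategy 3 is only a stand-in for real syslog.conf selectors, but it shows the one property the page highlights for that strategy: a message matched by two destinations' selectors is hashed and signed in both groups.</p>
<p>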
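</p>
<p>The hash-block side of that verification, as an added example in Python (my own code, not the verify.pl tool linked above): the sender builds Signature Blocks in the [ssign ...] layout shown in the example below with a sliding window so every hash appears in two consecutive blocks, and the receiver numbers messages from FMN, matches each HB entry against the hashes of what it received, and reports a number with no matching message as lost and a received message matching no HB entry as unsigned. It assumes every HB entry is the base64 hash of the complete message as transmitted (which is how I read the draft) and that VER "0121" selects SHA-256 ("0111" = SHA-1 is from the page's example). The DSA signature in SIGN is not checked here, since that needs the key from the Certificate Block; the sender-side helper writes a labelled placeholder there.</p>

```python
import base64
import hashlib
import re

# Hash algorithm selected by the VER field. "0111" = SHA-1 comes from the page's
# example; "0121" = SHA-256 is my assumption about the second VER value the page mentions.
HASH_FOR_VER = {"0111": "sha1", "0121": "sha256"}

# Copied from the page's example: its first Signature Block (FMN=1, CNT=15).
PAGE_SB = ('[ssign VER="0111" RSID="1217632162" SG="3" SPRI="0" GBC="1" FMN="1" CNT="15" '
           'HB="siUJM358eYFHOS2K0MTlveWeH/U= zTxfthW8WqmtFhOG4k/+ZxkirTA= '
           'j9dubU1GNVp7qWShwph/w32nD08= XQDLZ/NuwirmLdMORtm84r9kIW4= '
           'RNDFNCo7hiCsK/EKumsPBbFHNZA= ANiE3KbY948J6cEB640fAtWXuO4= '
           'e2M/OqjHDfxLVUSPt1CsNJHm9wU= Y+racQst7F1gR8eEUh8O7o+M53s= '
           'JAMULRxjMPbOO5EhhKbsUkAwbl0= pd+N5kmlnyQ0BoItELd/KWQrcMg= '
           'dsMQSzPHIS6S3Vaa23/t7U8JAJ4= i4rE3x7N4qyQGTkmaWHsWDFP9SY= '
           'qgTqV4EgfUFd3uZXNPvJ25erzBI= XW0YrME5kQEh+fxhg1fetnWxfIc= '
           '7YPcRHsDwXWnQuGRWaJtFWw9hus=" '
           'SIGN="MCwCFF5hS5GTLxLDwsDCUmOnHhzkmWzbAhRJ0io+LBKM6Ux/cM7eqZ6eRAI11Q=="]')

# Constructed sample traffic in the page's message format (not the page's own data).
SENT = [f"<15>1 2008-08-02T02:09:27+02:00 host.example.org test 6255 - - msg{i}"
        for i in range(6)]

SD_PARAM = re.compile(r'(\w+)="([^"]*)"')


def hash_message(msg, ver="0111"):
    """Hash one complete syslog message as transmitted, base64-encoded like an HB entry."""
    digest = hashlib.new(HASH_FOR_VER[ver], msg.encode("utf-8")).digest()
    return base64.b64encode(digest).decode("ascii")


def build_sb(msgs, fmn, ver="0111", rsid="1", sg="0", spri="0", gbc="1"):
    """Sender side: one Signature Block covering msgs, numbered fmn, fmn+1, ...
    SIGN is a placeholder: the real DSA signature over the block needs the key."""
    hb = " ".join(hash_message(m, ver) for m in msgs)
    return (f'[ssign VER="{ver}" RSID="{rsid}" SG="{sg}" SPRI="{spri}" GBC="{gbc}" '
            f'FMN="{fmn}" CNT="{len(msgs)}" HB="{hb}" SIGN="PLACEHOLDER-not-a-signature"]')


def parse_sb(sd):
    """Parse the SD-PARAMs of an [ssign ...] element; HB becomes a list of CNT hashes."""
    params = dict(SD_PARAM.findall(sd))
    params["FMN"], params["CNT"] = int(params["FMN"]), int(params["CNT"])
    params["HB"] = params["HB"].split()
    if len(params["HB"]) != params["CNT"]:
        raise ValueError("CNT does not match the number of hashes in HB")
    return params


def verify_hashes(received, sbs):
    """Receiver side: match received messages against the hash blocks of all SBs.

    Returns (signed, unsigned): signed maps message number -> message, or None if
    no received message hashes to that HB entry (lost, or altered in transit or
    in the archive); unsigned lists received messages that match no HB entry at all.
    Overlapping SBs (sliding window) simply confirm the same numbers again.
    """
    signed, matched = {}, set()
    for sd in sbs:
        sb = parse_sb(sd)
        by_hash = {}
        for idx, m in enumerate(received):
            by_hash.setdefault(hash_message(m, sb["VER"]), []).append(idx)
        for i, h in enumerate(sb["HB"]):
            num = sb["FMN"] + i
            idxs = by_hash.get(h)
            if idxs:
                idx = idxs.pop(0)            # consume one copy per HB entry
                signed[num] = received[idx]
                matched.add(idx)
            else:
                signed.setdefault(num, None)  # stays lost unless another SB finds it
    unsigned = [m for idx, m in enumerate(received) if idx not in matched]
    return signed, unsigned


def demo():
    # Sender: two SBs with a sliding window, each hash is in two consecutive blocks.
    sb1 = build_sb(SENT[0:4], fmn=1, rsid="1217632162", sg="3")
    sb2 = build_sb(SENT[2:6], fmn=3, rsid="1217632162", sg="3", gbc="2")
    # Receiver: msg2 never arrived (UDP loss) and msg4 was altered afterwards.
    received = [SENT[0], SENT[1], SENT[3],
                SENT[4].replace("msg4", "modified msg4"), SENT[5]]
    signed, unsigned = verify_hashes(received, [sb1, sb2])
    for num in sorted(signed):               # same line layout as the page's verifier
        print(f"host.example.org,1217632162,0111,3,0,{num}", signed[num] or "**** msg lost")
    print("messages without signature:", *unsigned, sep="\n")
    return signed, unsigned


if __name__ == "__main__":
    demo()
```

<p>Running it numbers the received messages from FMN exactly as the verifier output below does, prints "**** msg lost" for numbers 3 and 5, and lists the altered message under "messages without signature". The test data are constructed, so the page's own block (PAGE_SB) is only parsed to show the field layout; its hashes are not recomputed against the page's messages.</p>
<p>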
See the example below for a sample usage and output.</p>

<h2>Example</h2>
<p>Here is an example of a signed message sequence. I let syslogd generate a DSA key for a self-signed X.509 certificate and use that for signing. I also changed one message so you can see the resulting verification output below.</p>

<pre>
$ cat test.log
&lt;15&gt;1 2008-08-02T02:09:27+02:00 host.example.org test 6255 - - msg0
&lt;15&gt;1 2008-08-02T02:09:27+02:00 host.example.org test 6255 - - msg1
&lt;15&gt;1 2008-08-02T02:09:27+02:00 host.example.org test 6255 - - msg2
&lt;15&gt;1 2008-08-02T02:09:27+02:00 host.example.org test 6255 - - msg3
&lt;15&gt;1 2008-08-02T02:09:27+02:00 host.example.org test 6255 - - msg4
&lt;15&gt;1 2008-08-02T02:09:27+02:00 host.example.org test 6255 - - msg5
&lt;15&gt;1 2008-08-02T02:09:27+02:00 host.example.org test 6255 - - msg6
&lt;15&gt;1 2008-08-02T02:09:27+02:00 host.example.org test 6255 - - msg7
&lt;15&gt;1 2008-08-02T02:09:27+02:00 host.example.org test 6255 - - msg8
&lt;15&gt;1 2008-08-02T02:09:27+02:00 host.example.org test 6255 - - msg9
&lt;15&gt;1 2008-08-02T02:09:27+02:00 host.example.org test 6255 - - msg10
&lt;15&gt;1 2008-08-02T02:09:27+02:00 host.example.org test 6255 - - msg11
&lt;15&gt;1 2008-08-02T02:09:27+02:00 host.example.org test 6255 - - modified msg12
&lt;15&gt;1 2008-08-02T02:09:27+02:00 host.example.org test 6255 - - msg13
&lt;15&gt;1 2008-08-02T02:09:27+02:00 host.example.org test 6255 - - msg14
&lt;110&gt;1 2008-08-02T01:09:27.773505+02:00 host.example.org syslogd - - [ssign-cert VER="0111" RSID="1217632162" SG="3" SPRI="0" TBPL="1059" INDEX="1" FLEN="1059" FRAG="2008-08-02T01:09:27.773464+02:00 C 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" SIGN="MC0CFFEHx8UX391lbmhbisJNS0zLGD/WAhUAuMfCO0BWtARt2vEWHbM2mAe2k+o="]
&lt;110&gt;1 2008-08-02T01:09:27.778347+02:00 host.example.org syslogd - - [ssign VER="0111" RSID="1217632162" SG="3" SPRI="0" GBC="1" FMN="1" CNT="15" HB="siUJM358eYFHOS2K0MTlveWeH/U= zTxfthW8WqmtFhOG4k/+ZxkirTA= j9dubU1GNVp7qWShwph/w32nD08= XQDLZ/NuwirmLdMORtm84r9kIW4= RNDFNCo7hiCsK/EKumsPBbFHNZA= ANiE3KbY948J6cEB640fAtWXuO4= e2M/OqjHDfxLVUSPt1CsNJHm9wU= Y+racQst7F1gR8eEUh8O7o+M53s= JAMULRxjMPbOO5EhhKbsUkAwbl0= pd+N5kmlnyQ0BoItELd/KWQrcMg= dsMQSzPHIS6S3Vaa23/t7U8JAJ4= i4rE3x7N4qyQGTkmaWHsWDFP9SY= qgTqV4EgfUFd3uZXNPvJ25erzBI= XW0YrME5kQEh+fxhg1fetnWxfIc= 7YPcRHsDwXWnQuGRWaJtFWw9hus=" SIGN="MCwCFF5hS5GTLxLDwsDCUmOnHhzkmWzbAhRJ0io+LBKM6Ux/cM7eqZ6eRAI11Q=="]
&lt;15&gt;1 2008-08-02T02:09:27+02:00 host.example.org test 6255 - - msg15
&lt;15&gt;1 2008-08-02T02:09:27+02:00 host.example.org test 6255 - - msg16
&lt;15&gt;1 2008-08-02T02:09:27+02:00 host.example.org test 6255 - - msg17
&lt;15&gt;1 2008-08-02T02:09:27+02:00 host.example.org test 6255 - - msg18
&lt;15&gt;1 2008-08-02T02:09:27+02:00 host.example.org test 6255 - - msg19
&lt;110&gt;1 2008-08-02T01:09:32.399406+02:00 host.example.org syslogd - - [ssign VER="0111" RSID="1217632162" SG="3" SPRI="0" GBC="4" FMN="1" CNT="20" HB="siUJM358eYFHOS2K0MTlveWeH/U= zTxfthW8WqmtFhOG4k/+ZxkirTA= j9dubU1GNVp7qWShwph/w32nD08= XQDLZ/NuwirmLdMORtm84r9kIW4= RNDFNCo7hiCsK/EKumsPBbFHNZA= ANiE3KbY948J6cEB640fAtWXuO4= e2M/OqjHDfxLVUSPt1CsNJHm9wU= Y+racQst7F1gR8eEUh8O7o+M53s= JAMULRxjMPbOO5EhhKbsUkAwbl0= pd+N5kmlnyQ0BoItELd/KWQrcMg= dsMQSzPHIS6S3Vaa23/t7U8JAJ4= i4rE3x7N4qyQGTkmaWHsWDFP9SY= qgTqV4EgfUFd3uZXNPvJ25erzBI= XW0YrME5kQEh+fxhg1fetnWxfIc= 7YPcRHsDwXWnQuGRWaJtFWw9hus= PIvLm0mh+he5+PDihG1p7sQlx8k= lPzUvx0I1VwSGWV7yKF9W//Yb2U= X+PWYcx5AXnsDVSNAHLZUGk5ioY= okXY88MGG4QybrYMf8HJN23WO1Y= HcaPyHfQ2s1SuSciTKw4woYWuMg=" SIGN="MCwCFFr0i6taT1vWowR7yc5bEQxFfY7/AhQBCK+rBNPgzR0vUgxPeARvD24kIQ=="]
</pre>
<p>Just in case you wonder about the different timestamps: the messages were sent with a normal syslog(3), so syslogd received them in BSD Syslog format without subsecond resolution.</p>
<hr>
<pre>
$ perl verify.pl --help

syslog-sign verifier
reads logfile and verifies message signatures

Notes:
- By default uses only SHA-1 hashes. Use option "--sha256" to use only
  SHA-256 and "--sha1 --sha256"to use both types.
- Some status messages are printed to stderr.
  Use option "--quiet" to disable them.
- All verified messages are printed with their identifying signature group.
  Every line starts with a comma-separated tuple: hostname, reboot session ID,
  SG value, SPRI value, and message number.
- If only one hash is used then all messages not signed are printed as well.

Limitations: handles only key types 'C' (PKIX) and 'K' (public key)
             with DSA keys and signatures

Command Line Options:
  -i --in         input file (default: stdin)
  -o --out        output file for verified messages (default: stdout)
  -u --unsigned   output file for unsigned messages (default: stdout)
     --sha1       use SHA-1 hashes (default)
     --sha256     use SHA-256 hashes
  -v --verbose    shows some internals (every CB,SB,hash,...)
  -q --quiet      no status messages to stderr
  -h --help       this help

$ perl verify.pl -i test.log
reading input...
processing CBs...
decoding SGs...
got PKIX DSA key
verifying CBs...
verified CB and got key for SG: (host.example.org,1217632162,0111,3,0), start: 2008-08-02T01:09:27.773464+02:00
now process SBs
signed messages:
host.example.org,1217632162,0111,3,0,1 &lt;15&gt;1 2008-08-02T02:09:27+02:00 host.example.org test 6255 - - msg0
host.example.org,1217632162,0111,3,0,2 &lt;15&gt;1 2008-08-02T02:09:27+02:00 host.example.org test 6255 - - msg1
host.example.org,1217632162,0111,3,0,3 &lt;15&gt;1 2008-08-02T02:09:27+02:00 host.example.org test 6255 - - msg2
host.example.org,1217632162,0111,3,0,4 &lt;15&gt;1 2008-08-02T02:09:27+02:00 host.example.org test 6255 - - msg3
host.example.org,1217632162,0111,3,0,5 &lt;15&gt;1 2008-08-02T02:09:27+02:00 host.example.org test 6255 - - msg4
host.example.org,1217632162,0111,3,0,6 &lt;15&gt;1 2008-08-02T02:09:27+02:00 host.example.org test 6255 - - msg5
host.example.org,1217632162,0111,3,0,7 &lt;15&gt;1 2008-08-02T02:09:27+02:00 host.example.org test 6255 - - msg6
host.example.org,1217632162,0111,3,0,8 &lt;15&gt;1 2008-08-02T02:09:27+02:00 host.example.org test 6255 - - msg7
host.example.org,1217632162,0111,3,0,9 &lt;15&gt;1 2008-08-02T02:09:27+02:00 host.example.org test 6255 - - msg8
host.example.org,1217632162,0111,3,0,10 &lt;15&gt;1 2008-08-02T02:09:27+02:00 host.example.org test 6255 - - msg9
host.example.org,1217632162,0111,3,0,11 &lt;15&gt;1 2008-08-02T02:09:27+02:00 host.example.org test 6255 - - msg10
host.example.org,1217632162,0111,3,0,12 &lt;15&gt;1 2008-08-02T02:09:27+02:00 host.example.org test 6255 - - msg11
host.example.org,1217632162,0111,3,0,13 **** msg lost
host.example.org,1217632162,0111,3,0,14 &lt;15&gt;1 2008-08-02T02:09:27+02:00 host.example.org test 6255 - - msg13
host.example.org,1217632162,0111,3,0,15 &lt;15&gt;1 2008-08-02T02:09:27+02:00 host.example.org test 6255 - - msg14
host.example.org,1217632162,0111,3,0,16 &lt;15&gt;1 2008-08-02T02:09:27+02:00 host.example.org test 6255 - - msg15
host.example.org,1217632162,0111,3,0,17 &lt;15&gt;1 2008-08-02T02:09:27+02:00 host.example.org test 6255 - - msg16
host.example.org,1217632162,0111,3,0,18 &lt;15&gt;1 2008-08-02T02:09:27+02:00 host.example.org test 6255 - - msg17
host.example.org,1217632162,0111,3,0,19 &lt;15&gt;1 2008-08-02T02:09:27+02:00 host.example.org test 6255 - - msg18
host.example.org,1217632162,0111,3,0,20 &lt;15&gt;1 2008-08-02T02:09:27+02:00 host.example.org test 6255 - - msg19
messages without signature:
&lt;15&gt;1 2008-08-02T02:09:27+02:00 host.example.org test 6255 - - modified msg12
</pre>

<hr>
<table border=0>
<tr>
<td>
<a href="http://sourceforge.net"><img align="top" src="http://sourceforge.net/sflogo.php?group_id=141771&amp;type=2" width="125" height="37" border="0" alt="SourceForge.net Logo"></a>
</td>
<td>
<table>
<tr> <td> Martin Schütte &lt;<tt>info (a] mschuette.name</tt>&gt; </td> </tr>
<tr> <td> $Id: sign.html,v 1.2 2023/05/01 11:57:53 andvar Exp $ </td> </tr>
</table>
</td>
</tr>
</table>

</body>
</html>