Performing Attestation Using Fortanix DSM

Background

As of June 1, 2023, SSL.com has stopped issuing code signing certificates as downloadable PFX files, aligning with new key storage requirements set by the Certificate Authority/Browser (CA/B) Forum to enhance the security of code signing keys. 

Under the new rules, only encrypted USB tokens, on-premises  FIPS-compliant Hardware Security Module (HSM),  or cloud-based HSM services are permitted for storing the private key. This shift is meant to significantly reduce the risk of code signing keys being stolen and misused by malicious actors. While using USB tokens can pose integration challenges with modern CI/CD pipelines and managing a physical HSM can be cumbersome, an efficient alternative exists in a cloud HSM platform like the Fortanix Data Security Manager (DSM). 

What is the Fortanix Data Security Manager (DSM)? 

The Fortanix Data Security Manager (DSM)  integrates key management, tokenization, and secrets management into a single platform. This unified solution ensures the safety of sensitive data across all cloud configurations—public, hybrid, multi-cloud, and private. It provides centralized oversight and governance, enabling the secure deployment of highly sensitive applications under diverse conditions.

The Fortanix DSM SaaS solution enables easier and scalable data security deployments. It utilizes FIPS 140-2 Level 3 confidential computing hardware to ensure top-tier security and performance.

What is Attestation? 

Before SSL.com can sign and issue code signing certificates, we require proof that the customer’s private signing key has been generated and securely stored on a FIPS 140-2 Level 2 (or greater) certified device, ensuring it cannot be exported. This process, known as attestation, verifies that the private key meets these stringent security standards.

Performing Attestation Using the Fortanix DSM

The steps below outline the process for obtaining key attestation statements, which verify that a security object was created using the Fortanix Data Security Manager (DSM) and is non-exportable. These attestations are crucial for demonstrating to SSL.com that the key used for a Certificate Signing Request (CSR) originated within Fortanix DSM and remains non-exportable. The attestations are provided as X.509 certificates, positioned within the comprehensive Public Key Infrastructure (PKI) framework of Fortanix for attestation and provisioning.

Generating Key Attestation Statements with Fortanix DSM

The Key Attestation Authority within the Fortanix DSM Cluster is responsible for issuing Key Attestation Statements for keys hosted on the DSM SaaS cluster.

These statements include specific claims regarding the target key, categorized into two primary groups:

1. Claims related to the key at the time of its creation, such as being generated within this specific DSM SaaS cluster and designed as non-exportable.
2. Claims concerning the present status of the key, such as the existing set of permissions associated with the key.

Retrieving the Attestation Certificate from the Fortanix DSM UI

Once the Fortanix DSM Cluster Key Attestation Authority is successfully established for a DSM cluster, it becomes capable of issuing Key Attestation Certificates for keys stored within that cluster. These certificates will include assertions regarding the specified key. You can access and download the Key Attestation Certificate through the Fortanix DSM user interface.

To download a certificate, follow these steps: 

1. Select the security object that contains the asymmetric key for which you need the certificate. 
2. On the right-hand side of the interface, select the DOWNLOAD CERTIFICATE option.
   
   

This action will trigger an automatic download of a JSON file to your computer. The file name of the certificate will be in the format: key_attestation_<key UUID>.json, where “Key UUID” is the unique identifier for the security object.

Note that Key Attestation Certificates are only available for RSA and EC keys.

Key Attestation Certificate APIs

To request a Key Attestation Statement, utilize the following API endpoint, detailed in the Fortanix Open API documentation:

• KeyAttestation: [API] - POST /crypto/v1/keys/key_attestation
  The API performs the following operations:
  • Verifies the capability of the Fortanix DSM SaaS cluster to issue key attestation statements.
  • Determines whether the specified security object qualifies for key attestation.
  • Returns an existing appropriate key attestation statement if available; otherwise, it issues and stores a new certificate for subsequent use.

Session Type: SessionAuth<(App, UserInAccount)>

Method: POST

Request Body:

{

    "key": {

        "kid": "<key_uuid>"

    }

}

Output JSON:

{

    "authority_chain": [

        "MIIFZzCCA0+ ...="

    ],

    "attestation_statement": {

        "format": "x509_certificate",

        "statement": "MIIC+TCCAB...”

    }

}

 

Retrieving the Attestation via the Web API 

To retrieve the Fortanix attestation via the web API, the following sequence of commands is needed:

1. First, you need to authenticate in order to retrieve an authentication bearer:

curl https://fortanix_dsm_fqdn/sys/v1/session/auth -X POST -u 'username':'password'

2. If successful, the command will return an authorization bearer value. This value will be used in the next command, replacing the authorization_bearer_value variable:

curl https://fortanix_dsm_fqdn/sys/v1/session/select_account -H 'Authorization: Bearer autorization_bearer_value' -d '{"acct_id": "your_Fortanix_DSM_account_id"}'

3. Then, you need to request the issuance of  the key attestation for the private key you wish by specifying its UUID:

curl https://fortanix_dsm_fqdn/crypto/v1/keys/key_attestation -H 'Authorization: Bearer autorization_bearer_value' -d '{"key": {"kid":"your_key's_uuid"}}' > fortanix_attestation.dat

Now, the complete attestation generated by Fortanix DSM is saved to the .dat file specified in the last command.

Key Attestation with Fortanix SDKMS-CLI Python Tool 

To conduct key attestation using the sdkms-cli Python tool, the following commands are applicable:

Using Key UUID:

./sdkms-cli key-attestation --kid <key_id>

Using Key Name:

./sdkms-cli key-attestation --name S

Submitting the Attestation to SSL.com 

Once the attestation has been performed using Fortanix DSM, the following will then be submitted to SSL.com. 

1. Attestation bundle: The purpose of the attestation bundle is to provide the CA with comprehensive information and evidence to ensure that the cryptographic keys used for signing are secure and trustworthy. 
2. Key UUID: the unique identifier associated with the specific cryptographic key used in the attestation process. 

After submission of the attestation requirements, the process will proceed to verification. The SSL.com agent assigned to the client will provide updates up until the code signing certificate is ready for issuance.

Cloud HSM Service Request Form

If you would like to order digital certificates for installation on Fortanix, please fill out and submit the form below. After we receive your request, a member of SSL.com’s staff will contact you with more details about the ordering and attestation process.