Security

Creating Keys for Encryption

All data sent from the application can be encrypted if useFileEncryption is set to true in the ApplicationDefinition.js file, for example: "useFileEncryption":"true"

All serialized objects that extend the Encryptable interface in Zcore check the value of useFileEncryption. If it is true, data files are encrypted with a hybrid (shared key) scheme: the file contents are encrypted with AES using a 256-bit key, and the randomly generated AES key is itself encrypted with an RSA 2048-bit private key.

Option: SSL for transport, using a self-signed certificate on the server, which is stored in the JRE.

Public/private keys are located in projectName/scripts. They are generated by the following commands:

To use the code, you need corresponding public and private RSA keys.

RSA keys can be generated with the open source tool OpenSSL. However, you have to be careful to produce them in the format required by the Java encryption libraries. To generate a private key of length 2048 bits:

openssl genrsa -out private.pem 2048

To get it into the required (PKCS#8, DER) format:

openssl pkcs8 -topk8 -in private.pem -outform DER -out private.der -nocrypt

To generate a public key from the private key:

openssl rsa -in private.pem -pubout -outform DER -out public.der

Use the unit test FileEncryptionTest.makeKey_shouldReturnAKey() to generate the aes.key.

Required Files

The Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files are required for the unlimited-strength encryption used by AES 256. They are available on the Oracle downloads site for the JRE in the "Additional Resources" section. Install the files in the jre\lib\security directory, overwriting local_policy.jar and US_export_policy.jar. Zcore distributions usually come with these libraries pre-installed; however, the JDK used for development may not include them. If you get an error with the text "Illegal key size or default parameters," chances are that the unlimited-strength policy files are not installed.
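The following is an added example, not Zcore code, showing how the pieces described above fit together in Java: it loads the PKCS#8 DER private key and the DER public key produced by the OpenSSL commands, checks whether the JRE permits 256-bit AES (the condition behind the "Illegal key size" error), and performs the hybrid encryption of a file with a fresh random AES-256 key that is wrapped with the RSA key. The scripts/private.der and scripts/public.der paths, the on-disk layout of the encrypted blob, and the class and method names are assumptions; when the DER files are absent the example generates a throwaway key pair so it still runs. It wraps the AES key with the RSA public key and unwraps it with the private key, and uses AES-GCM so that tampering with the ciphertext is detected on decryption.

```java
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;

// Added example, not Zcore code: hybrid AES-256 / RSA-2048 file encryption that
// loads the DER keys produced by the OpenSSL commands above.
public class HybridFileCrypto {

    // Assumed locations; the page only says the keys live in projectName/scripts.
    static final Path PRIVATE_DER = Paths.get("scripts", "private.der"); // PKCS#8 DER (openssl pkcs8 -topk8 ... -outform DER)
    static final Path PUBLIC_DER = Paths.get("scripts", "public.der");   // SubjectPublicKeyInfo DER (openssl rsa -pubout -outform DER)

    static final int GCM_NONCE_BYTES = 12;
    static final int GCM_TAG_BITS = 128;

    // True when this JRE allows 256-bit AES. A limit of 128 is the condition behind
    // "Illegal key size or default parameters": the unlimited policy files are missing.
    static boolean unlimitedAesAvailable() throws Exception {
        return Cipher.getMaxAllowedKeyLength("AES") >= 256;
    }

    // KeyFactory will not read the raw 'openssl genrsa' PEM; it needs PKCS#8 DER for the
    // private key and X.509 SubjectPublicKeyInfo DER for the public key, which is what
    // the pkcs8 -topk8 and rsa -pubout -outform DER steps produce.
    static PrivateKey loadPrivateKey(byte[] pkcs8Der) throws Exception {
        return KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(pkcs8Der));
    }

    static PublicKey loadPublicKey(byte[] spkiDer) throws Exception {
        return KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(spkiDer));
    }

    // Assumed blob layout: [2-byte wrapped-key length][RSA-OAEP wrapped AES key][12-byte nonce][GCM ciphertext + tag]
    static byte[] encrypt(byte[] plaintext, PublicKey rsaPublic) throws Exception {
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(256, new SecureRandom());           // fresh random AES-256 key per file
        SecretKey aesKey = kg.generateKey();

        byte[] nonce = new byte[GCM_NONCE_BYTES];
        new SecureRandom().nextBytes(nonce);        // a nonce must never be reused with the same key
        Cipher aes = Cipher.getInstance("AES/GCM/NoPadding");
        aes.init(Cipher.ENCRYPT_MODE, aesKey, new GCMParameterSpec(GCM_TAG_BITS, nonce));
        byte[] ciphertext = aes.doFinal(plaintext);  // GCM appends the authentication tag

        Cipher rsa = Cipher.getInstance("RSA/ECB/OAEPWithSHA-256AndMGF1Padding");
        rsa.init(Cipher.WRAP_MODE, rsaPublic);
        byte[] wrappedKey = rsa.wrap(aesKey);       // 256 bytes for a 2048-bit modulus

        return ByteBuffer.allocate(2 + wrappedKey.length + nonce.length + ciphertext.length)
                .putShort((short) wrappedKey.length).put(wrappedKey).put(nonce).put(ciphertext).array();
    }

    static byte[] decrypt(byte[] blob, PrivateKey rsaPrivate) throws Exception {
        ByteBuffer in = ByteBuffer.wrap(blob);
        byte[] wrappedKey = new byte[in.getShort() & 0xFFFF];
        in.get(wrappedKey);
        byte[] nonce = new byte[GCM_NONCE_BYTES];
        in.get(nonce);
        byte[] ciphertext = new byte[in.remaining()];
        in.get(ciphertext);

        Cipher rsa = Cipher.getInstance("RSA/ECB/OAEPWithSHA-256AndMGF1Padding");
        rsa.init(Cipher.UNWRAP_MODE, rsaPrivate);
        SecretKey aesKey = (SecretKey) rsa.unwrap(wrappedKey, "AES", Cipher.SECRET_KEY);

        Cipher aes = Cipher.getInstance("AES/GCM/NoPadding");
        aes.init(Cipher.DECRYPT_MODE, aesKey, new GCMParameterSpec(GCM_TAG_BITS, nonce));
        return aes.doFinal(ciphertext);              // throws AEADBadTagException if the blob was altered
    }

    public static void main(String[] args) throws Exception {
        System.out.println("256-bit AES permitted by this JRE: " + unlimitedAesAvailable());

        PublicKey pub;
        PrivateKey priv;
        if (Files.exists(PRIVATE_DER) && Files.exists(PUBLIC_DER)) {
            priv = loadPrivateKey(Files.readAllBytes(PRIVATE_DER));
            pub = loadPublicKey(Files.readAllBytes(PUBLIC_DER));
        } else {
            // No DER files on disk: generate a throwaway 2048-bit pair so the demo still runs.
            KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
            kpg.initialize(2048);
            KeyPair kp = kpg.generateKeyPair();
            priv = kp.getPrivate();
            pub = kp.getPublic();
        }

        byte[] plaintext = "constructed sample record".getBytes(StandardCharsets.UTF_8); // constructed input
        byte[] blob = encrypt(plaintext, pub);
        byte[] roundTrip = decrypt(blob, priv);
        System.out.println("round trip ok: " + Arrays.equals(plaintext, roundTrip));
    }
}
```

Compile and run with javac HybridFileCrypto.java && java HybridFileCrypto from the project directory. If the first line prints false, Cipher.getMaxAllowedKeyLength is reporting the 128-bit export limit and any attempt to use the 256-bit key will fail with the "Illegal key size" error described above; on Java 8u161 and later the unlimited policy is enabled by default, so the check passes without installing the policy files.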

Useful links:

http://www-users.york.ac.uk/~mal503/lore/pkencryption.htm - Much of the code in Zcore relies on the techniques described in this tutorial

http://www.daemonology.net/blog/2009-06-11-cryptographic-right-answers.html - Background information on Cryptography

http://download.oracle.com/javase/6/docs/technotes/guides/security/crypto/CryptoSpec.html#ExemptApps - Java Cryptography Architecture (JCA) Reference Guide, section about cryptographic restrictions

http://java.sun.com/developer/technicalArticles/Security/AES/AES_v1.html - Using AES with Java Technology - Background on AES and Strong Versus Unlimited Strength Cryptography.

Patient Sync (no longer in-use)

The patient XML files and main RSS feed are served from /archive, which is protected by Basic Authentication. The username/password for the authenticated user is Base64-encoded before being passed to the server. The file conf/tomcat-users.xml needs to have the following line:

<user username="zepadmin" password="thepassword" roles="admin,manager,CREATE_VIEW_MODIFY_INDIVIDUAL_PATIENT_RECORDS"/>

That line corresponds to the security constraint in web.xml:

<security-constraint>
    <web-resource-collection>
        <web-resource-name>fileHandler</web-resource-name>
        <url-pattern>*.xml</url-pattern>
        <http-method>GET</http-method>
        <http-method>POST</http-method>
    </web-resource-collection>
    <auth-constraint>
        <role-name>CREATE_VIEW_MODIFY_INDIVIDUAL_PATIENT_RECORDS</role-name>
    </auth-constraint>
</security-constraint>