$30 off During Our Annual Pro Sale. View Details »

HTTPSの基本から
NetworkSecurityConfigまで

Amane Nikaido
February 09, 2018

 HTTPSの基本から
NetworkSecurityConfigまで

Amane Nikaido

February 09, 2018
Tweet

More Decks by Amane Nikaido

Other Decks in Technology

Transcript

  1. %SPJE,BJHJ
    )5514ͷجຊ͔Β

    /FUXPSL4FDVSJUZ$POpH·Ͱ
    ೋ֊ಊ ว (Amane Nikaido)
    @a2kaido

    View Slide

  2. ࣗݾ঺հ
    • ௨৴͕޷͖Ͱ͢

    • conbu͞Μͷ͓ख఻͍Λ

    ͠·ͨ͠

    View Slide

  3. ຊηογϣϯͷத਎
    • HTTPS௨৴ͷ໾ׂͱ࢓૊Έ

    • NetworkSecurityConfigʹ͍ͭͯ

    • NΑΓલͷPinning Certificates

    • Pinning Certificatesͷӡ༻

    View Slide

  4. എܠ
    • ެऺແઢLANʹ઀ଓ͢Δػձͷ૿Ճ

    • ௨৴಺༰ͷ౪ௌ΍վ᜵ͷՄೳੑ͕͋Δ

    View Slide

  5. 2014೥ SSLূ໌ॻݕূͷ஫ҙשى

    View Slide

  6. 2016೥ HTTPSͷεεϝ
    • Protecting against unintentional
    regressions to cleartext traffic in your
    Android apps

    https://android-developers.googleblog.com/2016/04/protecting-against-unintentional.html


    • Mythbusting HTTPS: Squashing
    security’s urban legends - Google I/O
    2016

    https://www.youtube.com/watch?v=YMfW1bfyGSY

    View Slide

  7. 2017೥ Android Developers Blog
    • 2018/11·ͰʹTarget API levelΛ26Ҏ্ʹ

    ͠·͠ΐ͏

    • Android N͔ΒϢʔβʔ͕Πϯετʔϧ

    ͨ͠ϧʔτূ໌ॻΛ৴པ͠ͳ͍Α͏ʹ
    https://android-developers.googleblog.com/2017/12/improving-app-security-and-
    performance.html

    View Slide

  8. https://goo.gl/n4Aahh

    View Slide

  9. Androidͷ

    Ξοϓσʔτ

    View Slide

  10. Android M
    • usesCleartextTraffic

    • ฏจͰͷ௨৴Λېࢭ͢Δઃఆ
    …

    android:usesCleartextTraffic=“false”>

    …


    View Slide

  11. Android N
    • Ϣʔβ͕Πϯετʔϧͨ͠ϧʔτূ໌ॻ

    Λ৴པ͠ͳ͍

    • NetworkSecurityConfig

    • ฏจͰͷ௨৴ͷ཈ࢭ

    • CAͷΞϯΧʔ

    • Pinning Certificates(ϐϯཹΊ)

    View Slide

  12. ͦ΋ͦ΋HTTPSͱ͸

    View Slide

  13. ҉߸Խ௨৴ͷࡾཁૉ
    • ػີੑ

    • ϝοηʔδ׬શੑ

    • ΤϯυϙΠϯτਅਖ਼ੑ

    View Slide

  14. ҉߸Խ௨৴ͷࡾཁૉ
    • ػີੑ

    • ϝοηʔδ׬શੑ

    • ΤϯυϙΠϯτਅਖ਼ੑ
    ҉߸Խ͞Ε͍ͯͯ

    ౪ௌ͞Εͳ͍͜ͱ

    View Slide

  15. ҉߸Խ௨৴ͷࡾཁૉ
    • ػີੑ

    • ϝοηʔδ׬શੑ

    • ΤϯυϙΠϯτਅਖ਼ੑ
    վ͟Μ͕ͳ͘

    ׬શͰ͋Δ͜ͱ

    View Slide

  16. ҉߸Խ௨৴ͷࡾཁૉ
    • ػີੑ

    • ϝοηʔδ׬શੑ

    • ΤϯυϙΠϯτਅਖ਼ੑ
    ਖ਼͍͠௨৴ઌͱ

    ௨৴͍ͯ͠Δ͜ͱ

    View Slide

  17. ҉߸Խ௨৴ͷࡾཁૉ
    • ػີੑ

    • ϝοηʔδ׬શੑ

    • ΤϯυϙΠϯτਅਖ਼ੑ
    HTTPSͰ҆શੑ͕୲อ͞Ε͍ͯΔ͸ͣͰ͸ʁ

    View Slide

  18. HTTPS௨৴Λ͢ΔͨΊͷ

    ূ໌ॻͷ࿩

    View Slide

  19. Client Server

    View Slide

  20. Client Server
    ΄Μͱʹਖ਼͍͠௨৴૬खͳͷ͔ͳʁ

    View Slide

  21. Client Server
    ΄Μͱʹਖ਼͍͠௨৴૬खͳͷ͔ͳʁ
    Certification Authority(ೝূہ)

    View Slide

  22. Client Server
    Certification Authority(ೝূہ)
    ϧʔτূ໌ॻ

    View Slide

  23. Client Server
    Certification Authority(ೝূہ)
    ϧʔτূ໌ॻ
    ॺ໊෇͖

    SSLূ໌ॻൃߦ

    View Slide

  24. Client Server
    Certification Authority(ೝূہ)
    ϧʔτূ໌ॻ
    ॺ໊෇͖

    SSLূ໌ॻൃߦ
    SSLূ໌ॻ

    View Slide

  25. Client Server
    Certification Authority(ೝূہ)
    ϧʔτূ໌ॻ
    ॺ໊෇͖

    SSLূ໌ॻൃߦ
    SSLূ໌ॻ
    CAͷॺ໊͕͋Δ͔Β

    ؒҧ͍ͳ͍

    View Slide

  26. HTTPS௨৴ͷ

    ϋϯυγΣΠΫ

    View Slide

  27. HTTPS௨৴ͷྲྀΕ 1/4
    ClientHello
    Client Server

    View Slide

  28. HTTPS௨৴ͷྲྀΕ 2/4
    ClientHello
    Client Server
    ServerHello
    Certificate

    View Slide

  29. HTTPS௨৴ͷྲྀΕ 2/4
    ClientHello
    Client Server
    ServerHello
    Certificate
    ূ໌ॻΛνΣοΫ

    ৴པ͢ΔCAͷॺ໊͕͋Δ͔

    View Slide

  30. HTTPS௨৴ͷྲྀΕ 3/4
    ClientHello
    Client Server
    ServerHello
    Certificate
    Finish
    Finish

    View Slide

  31. HTTPS௨৴ͷྲྀΕ 4/4
    ClientHello
    Client Server
    ServerHello
    Certificate
    Finish
    Finish
    HTTPS

    View Slide

  32. தؒऀ߈ܸ
    Client Server

    View Slide

  33. தؒऀ߈ܸ
    ClientHello
    Client Server
    ClientHello
    ਖ਼͍͠ূ໌ॻ

    View Slide

  34. தؒऀ߈ܸ
    ClientHello
    Client Server
    ClientHello
    ਖ਼͍͠ূ໌ॻ
    ূ໌ॻΛࠩ͠ସ͑

    View Slide

  35. தؒऀ߈ܸ
    ClientHello
    Client Server
    ClientHello
    ਖ਼͍͠ূ໌ॻ
    ِ෺ͷূ໌ॻ

    View Slide

  36. தؒऀ߈ܸ
    ClientHello
    Client Server
    ClientHello
    ਖ਼͍͠ূ໌ॻ
    ِ෺ͷূ໌ॻ
    Finish Finish
    Finish
    Finish
    HTTPS HTTPS

    View Slide

  37. தؒऀ߈ܸ
    ClientHello
    Client Server
    ClientHello
    ਖ਼͍͠ূ໌ॻ
    ِ෺ͷূ໌ॻ
    Finish Finish
    Finish
    Finish
    HTTPS HTTPS
    ͜͜Ͱূ໌ॻͷݕূΛ

    ͍ͯ͠ΔͷͰ͸ʁ

    View Slide

  38. ِ෺ͷূ໌ॻΛ৴པʁ
    • ߈ܸऀΛCAͱͯ͠৴པ͍ͯ͠Δ

    (ϧʔτূ໌ॻΛΠϯετʔϧ͍ͯ͠Δ)
    Մೳੑ

    • ߈ܸऀ͕CA͔Βॺ໊෇͖ূ໌ॻΛ

    औಘͨ͠Մೳੑ

    View Slide

  39. ِ෺ͷূ໌ॻΛ৴པʁ
    • ߈ܸऀΛCAͱͯ͠৴པ͍ͯ͠Δ

    (ϧʔτূ໌ॻΛΠϯετʔϧ͍ͯ͠Δ)
    Մೳੑ

    • ߈ܸऀ͕CA͔Βॺ໊෇͖ূ໌ॻΛ

    औಘͨ͠Մೳੑ
    ৴པ͢ΔCAΛ੍ݶ͢Ε͹๷͛Δ

    View Slide

  40. ِ෺ͷূ໌ॻΛ৴པʁ
    • ߈ܸऀΛCAͱͯ͠৴པ͍ͯ͠Δ

    (ϧʔτূ໌ॻΛΠϯετʔϧ͍ͯ͠Δ)
    Մೳੑ

    • ߈ܸऀ͕CA͔Βॺ໊෇͖ূ໌ॻΛ

    औಘͨ͠Մೳੑ
    αʔό͕ฦ٫͢Δਖ਼͍͠ূ໌ॻΛ

    ͋Β͔͡Ί஌͍ͬͯΕ͹๷͛Δ

    View Slide

  41. Android N
    • Ϣʔβ͕Πϯετʔϧͨ͠ϧʔτূ໌ॻ

    Λ৴པ͠ͳ͍

    • NetworkSecurityConfig

    • ฏจͰͷ௨৴ͷ཈ࢭ

    • CAͷΞϯΧʔ

    • Pinning Certificates(ϐϯཹΊ)

    View Slide

  42. NetworkSecurityConfig

    (Android NҎ߱)

    View Slide

  43. NetworkSecurityConfig
    • ฏจͰͷ௨৴ͷ཈ࢭ

    • CAͷΞϯΧʔ

    • Pinning Certificates(ϐϯཹΊ)

    View Slide

  44. ઃఆํ๏
    • res/xml/network_security_config.xml

    • ઃఆ಺༰Λهड़

    • AndroidManifest.xml
    …

    android:networkSecurityConfig="@xml/network_security_config">

    …


    View Slide

  45. ฏจͰͷ௨৴ͷ཈ࢭ


    secure.example.com


    View Slide

  46. CAͷΞϯΧʔ


    secure.example.com
    cdn.example.com





    View Slide

  47. Pinning Certificates (ϐϯཹΊ)


    example.com

    { hash value }

    { hash value }



    View Slide

  48. Pinning Certificates


    example.com

    { hash value }

    { hash value }



    PinningͷظݶΛઃఆՄೳ

    ୺຤ͷγεςϜ࣌ؒͱͷൺֱ

    View Slide

  49. Pinning Certificates


    example.com

    { hash value }

    { hash value }



    αʔόʔͷSSLূ໌ॻͷϋογϡ஋Λઃఆ

    View Slide

  50. Pinning Certificates


    example.com

    { hash value }

    { hash value }



    base64 encoded digest of

    X.509 SubjectPublicKeyInfo (SPKI)

    View Slide

  51. digestͷ࡞Γํ (खݩͷূ໌ॻͰ)
    ιʔε:
    https://github.com/datatheorem/TrustKit/blob/master/
    get_pin_from_certificate.py
    $ python get_pin_from_certificate.py ca.pem

    View Slide

  52. digestͷ࡞Γํ (αʔόʔ͔Β)
    $ openssl s_client \
    -connect : \
    | openssl x509 -pubkey -noout \
    | openssl rsa -pubin -outform der \
    | openssl dgst -sha256 -binary \
    | openssl enc -base64

    View Slide

  53. NetworkSecurityConfig
    ͷιʔείʔυ΁ͷ༠͍

    View Slide

  54. ؾ࣋ͪ
    • ͳʹ͔͋ͬͨ࣌ʹௐࠪ͠΍͍͢

    • ؾʹͳΔڍಈΛ֬ೝͰ͖ΔΑ͏ʹͳΔ

    View Slide

  55. ؔ࿈Ϋϥε
    • ManifestConfigSourceΫϥε

    • ઃఆͷಡΈࠐΈ

    • XmlConfigSourceΫϥε

    • network_security_config.xmlΛύʔε

    View Slide

  56. ؔ࿈Ϋϥε
    • NetworkSecurityConfigΫϥε

    • XmlConfigSourceͰΠϯελϯεԽ͞ΕΔ

    • NetworkSecurityTrustManagerΫϥε

    • ূ໌ॻνΣοΫͱPinningνΣοΫΛ࣮ࢪ

    • ূ໌ॻνΣοΫ࣮ॲཧ͸delegateͷ
    TrustManagerImplʹ೚ͤΔ

    View Slide

  57. ؔ࿈Ϋϥε
    • TrustManagerImplΫϥε

    • ূ໌ॻνΣοΫͷ࣮૷

    • https://github.com/google/conscrypt/blob/master/platform/
    src/main/java/org/conscrypt/TrustManagerImpl.java

    • ߹ΘͤͯಡΉͱྑ͍

    https://developer.android.com/training/
    articles/security-ssl.html

    View Slide

  58. Pinning Certificates


    example.com

    { hash value }

    { hash value }



    PinningͷظݶΛઃఆՄೳ

    ୺຤ͷγεςϜ࣌ؒͱͷൺֱ


    ׃

    View Slide

  59. NetworkSecurityTrustManager
    private void checkPins(List chain) throws CertificateException
    {
    PinSet pinSet = mNetworkSecurityConfig.getPins();
    if (pinSet.pins.isEmpty()
    || System.currentTimeMillis() > pinSet.expirationTime
    || !isPinningEnforced(chain)) {
    return;
    }

    }
    PinningͷظݶΛઃఆՄೳ

    ୺຤ͷγεςϜ࣌ؒͱͷൺֱ

    View Slide

  60. ஫ҙ
    • ʮશͯཧղͨ͠ʯͱ͍ͬͯࣗ෼Ͱ

    ࣮૷͠ͳ͍͜ͱ

    View Slide

  61. Android NΑΓલͰ΋

    Pinning Certificates͢Δ

    View Slide

  62. Pinning Certificates (ϐϯཹΊ)
    ɹ TrustKit-AndroidΛར༻

    ɹ OkHttpClientͷcertificatePinnerΛར༻

    View Slide

  63. Pinning Certificates (ϐϯཹΊ)
    → TrustKit-AndroidΛར༻

    ɹ OkHttpClientͷcertificatePinnerΛར༻

    View Slide

  64. TrustKit-AndroidΛར༻
    • API 15+

    • MIT License

    • NetworkSecurityConfigͷઃఆΛ

    ಡΈࠐΜͰূ໌ॻͷݕূΛ͢Δ

    View Slide

  65. TrustKit-AndroidΛར༻
    TrustKit.initializeWithNetworkSecurityConfiguration(this);
    URL url = new URL("https://www.datatheorem.com");
    String serverHostname = url.getHost();
    // HttpsUrlConnection
    HttpsURLConnection connection = (HttpsURLConnection) url.openConnection();
    connection.setSSLSocketFactory(
    TrustKit.getInstance().getSSLSocketFactory(serverHostname)
    );
    // OkHttp 3.3.x and higher
    OkHttpClient client =
    new OkHttpClient().newBuilder()
    .sslSocketFactory(
    TrustKit.getInstance().getSSLSocketFactory(serverHostname),
    TrustKit.getInstance().getTrustManager(serverHostname)
    )
    .build();
    }

    View Slide

  66. TrustKit-AndroidΛར༻
    TrustKit.initializeWithNetworkSecurityConfiguration(this);
    URL url = new URL("https://www.datatheorem.com");
    String serverHostname = url.getHost();
    // HttpsUrlConnection
    HttpsURLConnection connection = (HttpsURLConnection) url.openConnection();
    connection.setSSLSocketFactory(
    TrustKit.getInstance().getSSLSocketFactory(serverHostname)
    );
    // OkHttp 3.3.x and higher
    OkHttpClient client =
    new OkHttpClient().newBuilder()
    .sslSocketFactory(
    TrustKit.getInstance().getSSLSocketFactory(serverHostname),
    TrustKit.getInstance().getTrustManager(serverHostname)
    )
    .build();
    }

    View Slide

  67. TrustKit-AndroidΛར༻
    TrustKit.initializeWithNetworkSecurityConfiguration(this);
    URL url = new URL("https://www.datatheorem.com");
    String serverHostname = url.getHost();
    // HttpsUrlConnection
    HttpsURLConnection connection = (HttpsURLConnection) url.openConnection();
    connection.setSSLSocketFactory(
    TrustKit.getInstance().getSSLSocketFactory(serverHostname)
    );
    // OkHttp 3.3.x and higher
    OkHttpClient client =
    new OkHttpClient().newBuilder()
    .sslSocketFactory(
    TrustKit.getInstance().getSSLSocketFactory(serverHostname),
    TrustKit.getInstance().getTrustManager(serverHostname)
    )
    .build();
    }

    View Slide

  68. Pinning Certificates
    ɹ TrustKit-AndroidΛར༻

    → OkHttpClientͷcertificatePinnerΛར༻

    View Slide

  69. OkHttpClientͷcertificatePinnerΛར༻
    public void run() throws Exception {
    OkHttpClient client = new OkHttpClient.Builder()
    .certificatePinner(new CertificatePinner.Builder()
    .add("publicobject.com", “sha256/{ hash value }”)
    .build())
    .build();
    Request request = new Request.Builder()
    .url("https://publicobject.com/robots.txt")
    .build();
    Response response = client.newCall(request).execute();
    }

    View Slide

  70. OkHttpClientͷcertificatePinnerΛར༻
    public void run() throws Exception {
    OkHttpClient client = new OkHttpClient.Builder()
    .certificatePinner(new CertificatePinner.Builder()
    .add("publicobject.com", “sha256/{ hash value }”)
    .build())
    .build();
    Request request = new Request.Builder()
    .url("https://publicobject.com/robots.txt")
    .build();
    Response response = client.newCall(request).execute();
    }
    PinningͷظݶΛઃఆ͸ෆՄ

    View Slide

  71. Pinning Certificatesͷ

    ӡ༻

    View Slide

  72. ӡ༻࣌ͷϙΠϯτ
    • αʔόʔαΠυͱͷௐ੔

    • SSLূ໌ॻΛม͑ΒΕΔͱ௨৴Ͱ͖ͳ͘ͳΔ

    • SSLূ໌ॻߋ৽࣌ͷϧʔϧ੍ఆ

    • Pinning CerficatesͷexpireઃఆͳͲ

    View Slide

  73. ཧ૝తͳӡ༻
    Server
    ূ໌ॻAظݶ
    ূ໌ॻAϐϯཹΊ + expireઃఆͳ͠
    Client

    View Slide

  74. ཧ૝తͳӡ༻
    Server
    ূ໌ॻAظݶ
    Client
    ূ໌ॻBൃߦ
    ূ໌ॻAϐϯཹΊ + expireઃఆͳ͠

    View Slide

  75. ཧ૝తͳӡ༻
    Server
    ূ໌ॻAظݶ
    Client
    ূ໌ॻBൃߦ
    ূ໌ॻA + BϐϯཹΊͷΞϓϦϦϦʔε

    ڧ੍Ξοϓσʔτ
    ূ໌ॻAϐϯཹΊ + expireઃఆͳ͠

    View Slide

  76. ཧ૝తͳӡ༻
    Server
    ূ໌ॻAظݶ
    Client
    ূ໌ॻBൃߦ ূ໌ॻBʹ੾Γସ͑
    ূ໌ॻA + BϐϯཹΊͷΞϓϦϦϦʔε

    ڧ੍Ξοϓσʔτ
    ূ໌ॻAϐϯཹΊ + expireઃఆͳ͠

    View Slide

  77. ཧ૝తͳӡ༻ͷؾ࣋ͪ
    • ৗʹPinning Certificates͕༗ޮ

    • ূ໌ॻͷೖΕସ͑ͷλΠϛϯάͰ΋༗ޮ

    • expireͷઃఆΛ͍Ε͍ͯͳ͍ͷͰ

    γεςϜ͕࣌ؒͣΕ͍ͯͯ΋༗ޮ

    View Slide

  78. ཧ૝తͳӡ༻ͷؾ࣋ͪ
    • ৗʹPinning Certificates͕༗ޮ

    • ূ໌ॻͷೖΕସ͑ͷλΠϛϯάͰ΋༗ޮ

    • expireͷઃఆΛ͍Ε͍ͯͳ͍ͷͰ

    γεςϜ͕࣌ؒͣΕ͍ͯͯ΋༗ޮ
    ⚠ ΞϓϦͷߋ৽Λ๨ΕΔͱ௨৴Ͱ͖ͳ͘ͳΔ

    ⚠ ڧ੍Ξοϓσʔτ͕ඞཁ

    View Slide

  79. expireઃఆʹΑΔଥڠҊ
    Server
    ূ໌ॻAظݶ
    Client
    ূ໌ॻAϐϯཹΊظݶ

    View Slide

  80. expireઃఆʹΑΔଥڠҊ
    Server
    ূ໌ॻAظݶ
    Client
    ূ໌ॻAϐϯཹΊظݶ
    ূ໌ॻBൃߦ

    View Slide

  81. expireઃఆʹΑΔଥڠҊ
    Server
    ূ໌ॻAظݶ
    Client
    ূ໌ॻAϐϯཹΊظݶ
    ূ໌ॻBൃߦ ূ໌ॻBʹ੾Γସ͑

    View Slide

  82. expireઃఆʹΑΔଥڠҊ
    Server
    ূ໌ॻAظݶ
    Client
    ূ໌ॻAϐϯཹΊظݶ
    ূ໌ॻBൃߦ ূ໌ॻBʹ੾Γସ͑
    ূ໌ॻBϐϯཹΊ൛ϦϦʔε

    View Slide

  83. ଥڠҊͷؾ࣋ͪ
    • ΞϓϦͷߋ৽Λ๨Εͯ΋௨৴Ͱ͖Δ

    • ڧ੍Ξοϓσʔτ͕ඞཁͳ͍

    • ূ໌ॻ੾Γସ͑࣌ʹPinning͕ޮ͔ͳ͍
    ࣌ظ͕͋Δ

    View Slide

  84. ·ͱΊ

    View Slide

  85. ·ͱΊ
    • HTTP͸΍Ί·͠ΐ͏

    • NetworkSecurityConfigʹΑͬͯɺѱҙ
    ͷ͋Δ߈ܸऀ͔ΒϢʔβʔΛकΔઃఆ͕
    ؆୯ʹͰ͖ΔΑ͏ʹͳΓ·ͨ͠

    • ӡ༻࣌͸ؾΛ͚ͭ·͠ΐ͏

    View Slide

  86. ͝੩ௌ͋Γ͕ͱ͏

    ͍͟͝·ͨ͠

    View Slide

  87. Appendix
    • GMailͷϝοηʔδݟΒΕͨ࿩

    https://www.computerworld.com/article/2510951/cybercrime-hacking/
    hackers-spied-on-300-000-iranians-using-fake-google-certificate.html

    • ෆਖ਼ͳূ໌ॻ͕ൃߦ͞Εͨ࿩

    http://www.atmarkit.co.jp/news/201109/08/diginotar.html

    View Slide