Upgrade to Pro — share decks privately, control downloads, hide ads and more …

HTTPSの基本から
NetworkSecurityConfigまで

 HTTPSの基本から
NetworkSecurityConfigまで

8bfc23275624b994b70e0e94caf8c9cd?s=128

Amane Nikaido

February 09, 2018
Tweet

Transcript

  1. %SPJE,BJHJ )5514ͷجຊ͔Β
 /FUXPSL4FDVSJUZ$POpH·Ͱ ೋ֊ಊ ว (Amane Nikaido) @a2kaido

  2. ࣗݾ঺հ • ௨৴͕޷͖Ͱ͢ • conbu͞Μͷ͓ख఻͍Λ
 ͠·ͨ͠

  3. ຊηογϣϯͷத਎ • HTTPS௨৴ͷ໾ׂͱ࢓૊Έ • NetworkSecurityConfigʹ͍ͭͯ • NΑΓલͷPinning Certificates • Pinning

    Certificatesͷӡ༻
  4. എܠ • ެऺແઢLANʹ઀ଓ͢Δػձͷ૿Ճ • ௨৴಺༰ͷ౪ௌ΍վ᜵ͷՄೳੑ͕͋Δ

  5. 2014೥ SSLূ໌ॻݕূͷ஫ҙשى

  6. 2016೥ HTTPSͷεεϝ • Protecting against unintentional regressions to cleartext traffic

    in your Android apps
 https://android-developers.googleblog.com/2016/04/protecting-against-unintentional.html • Mythbusting HTTPS: Squashing security’s urban legends - Google I/O 2016
 https://www.youtube.com/watch?v=YMfW1bfyGSY
  7. 2017೥ Android Developers Blog • 2018/11·ͰʹTarget API levelΛ26Ҏ্ʹ
 ͠·͠ΐ͏ •

    Android N͔ΒϢʔβʔ͕Πϯετʔϧ
 ͨ͠ϧʔτূ໌ॻΛ৴པ͠ͳ͍Α͏ʹ https://android-developers.googleblog.com/2017/12/improving-app-security-and- performance.html
  8. https://goo.gl/n4Aahh

  9. Androidͷ
 Ξοϓσʔτ

  10. Android M • usesCleartextTraffic • ฏจͰͷ௨৴Λېࢭ͢Δઃఆ <application 
 …
 android:usesCleartextTraffic=“false”>


    …
 </application>
  11. Android N • Ϣʔβ͕Πϯετʔϧͨ͠ϧʔτূ໌ॻ
 Λ৴པ͠ͳ͍ • NetworkSecurityConfig • ฏจͰͷ௨৴ͷ཈ࢭ •

    CAͷΞϯΧʔ • Pinning Certificates(ϐϯཹΊ)
  12. ͦ΋ͦ΋HTTPSͱ͸

  13. ҉߸Խ௨৴ͷࡾཁૉ • ػີੑ • ϝοηʔδ׬શੑ • ΤϯυϙΠϯτਅਖ਼ੑ

  14. ҉߸Խ௨৴ͷࡾཁૉ • ػີੑ • ϝοηʔδ׬શੑ • ΤϯυϙΠϯτਅਖ਼ੑ ҉߸Խ͞Ε͍ͯͯ
 ౪ௌ͞Εͳ͍͜ͱ

  15. ҉߸Խ௨৴ͷࡾཁૉ • ػີੑ • ϝοηʔδ׬શੑ • ΤϯυϙΠϯτਅਖ਼ੑ վ͟Μ͕ͳ͘
 ׬શͰ͋Δ͜ͱ

  16. ҉߸Խ௨৴ͷࡾཁૉ • ػີੑ • ϝοηʔδ׬શੑ • ΤϯυϙΠϯτਅਖ਼ੑ ਖ਼͍͠௨৴ઌͱ
 ௨৴͍ͯ͠Δ͜ͱ

  17. ҉߸Խ௨৴ͷࡾཁૉ • ػີੑ • ϝοηʔδ׬શੑ • ΤϯυϙΠϯτਅਖ਼ੑ HTTPSͰ҆શੑ͕୲อ͞Ε͍ͯΔ͸ͣͰ͸ʁ

  18. HTTPS௨৴Λ͢ΔͨΊͷ
 ূ໌ॻͷ࿩

  19. Client Server

  20. Client Server ΄Μͱʹਖ਼͍͠௨৴૬खͳͷ͔ͳʁ

  21. Client Server ΄Μͱʹਖ਼͍͠௨৴૬खͳͷ͔ͳʁ Certification Authority(ೝূہ)

  22. Client Server Certification Authority(ೝূہ) ϧʔτূ໌ॻ

  23. Client Server Certification Authority(ೝূہ) ϧʔτূ໌ॻ ॺ໊෇͖
 SSLূ໌ॻൃߦ

  24. Client Server Certification Authority(ೝূہ) ϧʔτূ໌ॻ ॺ໊෇͖
 SSLূ໌ॻൃߦ SSLূ໌ॻ

  25. Client Server Certification Authority(ೝূہ) ϧʔτূ໌ॻ ॺ໊෇͖
 SSLূ໌ॻൃߦ SSLূ໌ॻ CAͷॺ໊͕͋Δ͔Β
 ؒҧ͍ͳ͍

  26. HTTPS௨৴ͷ
 ϋϯυγΣΠΫ

  27. HTTPS௨৴ͷྲྀΕ 1/4 ClientHello Client Server

  28. HTTPS௨৴ͷྲྀΕ 2/4 ClientHello Client Server ServerHello Certificate

  29. HTTPS௨৴ͷྲྀΕ 2/4 ClientHello Client Server ServerHello Certificate ূ໌ॻΛνΣοΫ
 ৴པ͢ΔCAͷॺ໊͕͋Δ͔

  30. HTTPS௨৴ͷྲྀΕ 3/4 ClientHello Client Server ServerHello Certificate Finish Finish

  31. HTTPS௨৴ͷྲྀΕ 4/4 ClientHello Client Server ServerHello Certificate Finish Finish HTTPS

  32. தؒऀ߈ܸ Client Server

  33. தؒऀ߈ܸ ClientHello Client Server ClientHello ਖ਼͍͠ূ໌ॻ

  34. தؒऀ߈ܸ ClientHello Client Server ClientHello ਖ਼͍͠ূ໌ॻ ূ໌ॻΛࠩ͠ସ͑

  35. தؒऀ߈ܸ ClientHello Client Server ClientHello ਖ਼͍͠ূ໌ॻ ِ෺ͷূ໌ॻ

  36. தؒऀ߈ܸ ClientHello Client Server ClientHello ਖ਼͍͠ূ໌ॻ ِ෺ͷূ໌ॻ Finish Finish Finish

    Finish HTTPS HTTPS
  37. தؒऀ߈ܸ ClientHello Client Server ClientHello ਖ਼͍͠ূ໌ॻ ِ෺ͷূ໌ॻ Finish Finish Finish

    Finish HTTPS HTTPS ͜͜Ͱূ໌ॻͷݕূΛ
 ͍ͯ͠ΔͷͰ͸ʁ
  38. ِ෺ͷূ໌ॻΛ৴པʁ • ߈ܸऀΛCAͱͯ͠৴པ͍ͯ͠Δ
 (ϧʔτূ໌ॻΛΠϯετʔϧ͍ͯ͠Δ) Մೳੑ • ߈ܸऀ͕CA͔Βॺ໊෇͖ূ໌ॻΛ
 औಘͨ͠Մೳੑ

  39. ِ෺ͷূ໌ॻΛ৴པʁ • ߈ܸऀΛCAͱͯ͠৴པ͍ͯ͠Δ
 (ϧʔτূ໌ॻΛΠϯετʔϧ͍ͯ͠Δ) Մೳੑ • ߈ܸऀ͕CA͔Βॺ໊෇͖ূ໌ॻΛ
 औಘͨ͠Մೳੑ ৴པ͢ΔCAΛ੍ݶ͢Ε͹๷͛Δ

  40. ِ෺ͷূ໌ॻΛ৴པʁ • ߈ܸऀΛCAͱͯ͠৴པ͍ͯ͠Δ
 (ϧʔτূ໌ॻΛΠϯετʔϧ͍ͯ͠Δ) Մೳੑ • ߈ܸऀ͕CA͔Βॺ໊෇͖ূ໌ॻΛ
 औಘͨ͠Մೳੑ αʔό͕ฦ٫͢Δਖ਼͍͠ূ໌ॻΛ
 ͋Β͔͡Ί஌͍ͬͯΕ͹๷͛Δ

  41. Android N • Ϣʔβ͕Πϯετʔϧͨ͠ϧʔτূ໌ॻ
 Λ৴པ͠ͳ͍ • NetworkSecurityConfig • ฏจͰͷ௨৴ͷ཈ࢭ •

    CAͷΞϯΧʔ • Pinning Certificates(ϐϯཹΊ)
  42. NetworkSecurityConfig
 (Android NҎ߱)

  43. NetworkSecurityConfig • ฏจͰͷ௨৴ͷ཈ࢭ • CAͷΞϯΧʔ • Pinning Certificates(ϐϯཹΊ)

  44. ઃఆํ๏ • res/xml/network_security_config.xml • ઃఆ಺༰Λهड़ • AndroidManifest.xml <application 
 …


    android:networkSecurityConfig="@xml/network_security_config">
 …
 </application>
  45. ฏจͰͷ௨৴ͷ཈ࢭ <network-security-config> <domain-config cleartextTrafficPermitted="false"> <domain includeSubdomains="true">secure.example.com</domain> </domain-config> </network-security-config>

  46. CAͷΞϯΧʔ <network-security-config> <domain-config> <domain includeSubdomains="true">secure.example.com</domain> <domain includeSubdomains="true">cdn.example.com</domain> <trust-anchors> <certificates src="@raw/trusted_roots"/>

    </trust-anchors> </domain-config> </network-security-config>
  47. Pinning Certificates (ϐϯཹΊ) <network-security-config> <domain-config> <domain includeSubdomains="true">example.com</domain> <pin-set expiration="2018-01-01"> <pin

    digest=“SHA-256”>{ hash value }</pin> <!-- backup pin --> <pin digest=“SHA-256”>{ hash value }</pin> </pin-set> </domain-config> </network-security-config>
  48. Pinning Certificates <network-security-config> <domain-config> <domain includeSubdomains="true">example.com</domain> <pin-set expiration="2018-01-01"> <pin digest=“SHA-256”>{

    hash value }</pin> <!-- backup pin --> <pin digest=“SHA-256”>{ hash value }</pin> </pin-set> </domain-config> </network-security-config> PinningͷظݶΛઃఆՄೳ
 ୺຤ͷγεςϜ࣌ؒͱͷൺֱ
  49. Pinning Certificates <network-security-config> <domain-config> <domain includeSubdomains="true">example.com</domain> <pin-set expiration="2018-01-01"> <pin digest=“SHA-256”>{

    hash value }</pin> <!-- backup pin --> <pin digest=“SHA-256”>{ hash value }</pin> </pin-set> </domain-config> </network-security-config> αʔόʔͷSSLূ໌ॻͷϋογϡ஋Λઃఆ
  50. Pinning Certificates <network-security-config> <domain-config> <domain includeSubdomains="true">example.com</domain> <pin-set expiration="2018-01-01"> <pin digest=“SHA-256”>{

    hash value }</pin> <!-- backup pin --> <pin digest=“SHA-256”>{ hash value }</pin> </pin-set> </domain-config> </network-security-config> base64 encoded digest of
 X.509 SubjectPublicKeyInfo (SPKI)
  51. digestͷ࡞Γํ (खݩͷূ໌ॻͰ) ιʔε: https://github.com/datatheorem/TrustKit/blob/master/ get_pin_from_certificate.py $ python get_pin_from_certificate.py ca.pem

  52. digestͷ࡞Γํ (αʔόʔ͔Β) $ openssl s_client \ -connect <hostname>:<port> \ |

    openssl x509 -pubkey -noout \ | openssl rsa -pubin -outform der \ | openssl dgst -sha256 -binary \ | openssl enc -base64
  53. NetworkSecurityConfig ͷιʔείʔυ΁ͷ༠͍

  54. ؾ࣋ͪ • ͳʹ͔͋ͬͨ࣌ʹௐࠪ͠΍͍͢ • ؾʹͳΔڍಈΛ֬ೝͰ͖ΔΑ͏ʹͳΔ

  55. ؔ࿈Ϋϥε • ManifestConfigSourceΫϥε • ઃఆͷಡΈࠐΈ • XmlConfigSourceΫϥε • network_security_config.xmlΛύʔε

  56. ؔ࿈Ϋϥε • NetworkSecurityConfigΫϥε • XmlConfigSourceͰΠϯελϯεԽ͞ΕΔ • NetworkSecurityTrustManagerΫϥε • ূ໌ॻνΣοΫͱPinningνΣοΫΛ࣮ࢪ •

    ূ໌ॻνΣοΫ࣮ॲཧ͸delegateͷ TrustManagerImplʹ೚ͤΔ
  57. ؔ࿈Ϋϥε • TrustManagerImplΫϥε • ূ໌ॻνΣοΫͷ࣮૷ • https://github.com/google/conscrypt/blob/master/platform/ src/main/java/org/conscrypt/TrustManagerImpl.java • ߹ΘͤͯಡΉͱྑ͍


    https://developer.android.com/training/ articles/security-ssl.html
  58. Pinning Certificates <network-security-config> <domain-config> <domain includeSubdomains="true">example.com</domain> <pin-set expiration="2018-01-01"> <pin digest=“SHA-256”>{

    hash value }</pin> <!-- backup pin --> <pin digest=“SHA-256”>{ hash value }</pin> </pin-set> </domain-config> </network-security-config> PinningͷظݶΛઃఆՄೳ
 ୺຤ͷγεςϜ࣌ؒͱͷൺֱ 
 ࠶ ׃ 

  59. NetworkSecurityTrustManager private void checkPins(List<X509Certificate> chain) throws CertificateException { PinSet pinSet

    = mNetworkSecurityConfig.getPins(); if (pinSet.pins.isEmpty() || System.currentTimeMillis() > pinSet.expirationTime || !isPinningEnforced(chain)) { return; } … } PinningͷظݶΛઃఆՄೳ
 ୺຤ͷγεςϜ࣌ؒͱͷൺֱ
  60. ஫ҙ • ʮશͯཧղͨ͠ʯͱ͍ͬͯࣗ෼Ͱ
 ࣮૷͠ͳ͍͜ͱ

  61. Android NΑΓલͰ΋
 Pinning Certificates͢Δ

  62. Pinning Certificates (ϐϯཹΊ) ɹ TrustKit-AndroidΛར༻ ɹ OkHttpClientͷcertificatePinnerΛར༻

  63. Pinning Certificates (ϐϯཹΊ) → TrustKit-AndroidΛར༻ ɹ OkHttpClientͷcertificatePinnerΛར༻

  64. TrustKit-AndroidΛར༻ • API 15+ • MIT License • NetworkSecurityConfigͷઃఆΛ
 ಡΈࠐΜͰূ໌ॻͷݕূΛ͢Δ

  65. TrustKit-AndroidΛར༻ TrustKit.initializeWithNetworkSecurityConfiguration(this); URL url = new URL("https://www.datatheorem.com"); String serverHostname =

    url.getHost(); // HttpsUrlConnection HttpsURLConnection connection = (HttpsURLConnection) url.openConnection(); connection.setSSLSocketFactory( TrustKit.getInstance().getSSLSocketFactory(serverHostname) ); // OkHttp 3.3.x and higher OkHttpClient client = new OkHttpClient().newBuilder() .sslSocketFactory( TrustKit.getInstance().getSSLSocketFactory(serverHostname), TrustKit.getInstance().getTrustManager(serverHostname) ) .build(); }
  66. TrustKit-AndroidΛར༻ TrustKit.initializeWithNetworkSecurityConfiguration(this); URL url = new URL("https://www.datatheorem.com"); String serverHostname =

    url.getHost(); // HttpsUrlConnection HttpsURLConnection connection = (HttpsURLConnection) url.openConnection(); connection.setSSLSocketFactory( TrustKit.getInstance().getSSLSocketFactory(serverHostname) ); // OkHttp 3.3.x and higher OkHttpClient client = new OkHttpClient().newBuilder() .sslSocketFactory( TrustKit.getInstance().getSSLSocketFactory(serverHostname), TrustKit.getInstance().getTrustManager(serverHostname) ) .build(); }
  67. TrustKit-AndroidΛར༻ TrustKit.initializeWithNetworkSecurityConfiguration(this); URL url = new URL("https://www.datatheorem.com"); String serverHostname =

    url.getHost(); // HttpsUrlConnection HttpsURLConnection connection = (HttpsURLConnection) url.openConnection(); connection.setSSLSocketFactory( TrustKit.getInstance().getSSLSocketFactory(serverHostname) ); // OkHttp 3.3.x and higher OkHttpClient client = new OkHttpClient().newBuilder() .sslSocketFactory( TrustKit.getInstance().getSSLSocketFactory(serverHostname), TrustKit.getInstance().getTrustManager(serverHostname) ) .build(); }
  68. Pinning Certificates ɹ TrustKit-AndroidΛར༻ → OkHttpClientͷcertificatePinnerΛར༻

  69. OkHttpClientͷcertificatePinnerΛར༻ public void run() throws Exception { OkHttpClient client =

    new OkHttpClient.Builder() .certificatePinner(new CertificatePinner.Builder() .add("publicobject.com", “sha256/{ hash value }”) .build()) .build(); Request request = new Request.Builder() .url("https://publicobject.com/robots.txt") .build(); Response response = client.newCall(request).execute(); }
  70. OkHttpClientͷcertificatePinnerΛར༻ public void run() throws Exception { OkHttpClient client =

    new OkHttpClient.Builder() .certificatePinner(new CertificatePinner.Builder() .add("publicobject.com", “sha256/{ hash value }”) .build()) .build(); Request request = new Request.Builder() .url("https://publicobject.com/robots.txt") .build(); Response response = client.newCall(request).execute(); } PinningͷظݶΛઃఆ͸ෆՄ
  71. Pinning Certificatesͷ
 ӡ༻

  72. ӡ༻࣌ͷϙΠϯτ • αʔόʔαΠυͱͷௐ੔ • SSLূ໌ॻΛม͑ΒΕΔͱ௨৴Ͱ͖ͳ͘ͳΔ • SSLূ໌ॻߋ৽࣌ͷϧʔϧ੍ఆ • Pinning CerficatesͷexpireઃఆͳͲ

  73. ཧ૝తͳӡ༻ Server ূ໌ॻAظݶ ূ໌ॻAϐϯཹΊ + expireઃఆͳ͠ Client

  74. ཧ૝తͳӡ༻ Server ূ໌ॻAظݶ Client ূ໌ॻBൃߦ ূ໌ॻAϐϯཹΊ + expireઃఆͳ͠

  75. ཧ૝తͳӡ༻ Server ূ໌ॻAظݶ Client ূ໌ॻBൃߦ ূ໌ॻA + BϐϯཹΊͷΞϓϦϦϦʔε
 ڧ੍Ξοϓσʔτ ূ໌ॻAϐϯཹΊ

    + expireઃఆͳ͠
  76. ཧ૝తͳӡ༻ Server ূ໌ॻAظݶ Client ূ໌ॻBൃߦ ূ໌ॻBʹ੾Γସ͑ ূ໌ॻA + BϐϯཹΊͷΞϓϦϦϦʔε
 ڧ੍Ξοϓσʔτ

    ূ໌ॻAϐϯཹΊ + expireઃఆͳ͠
  77. ཧ૝తͳӡ༻ͷؾ࣋ͪ • ৗʹPinning Certificates͕༗ޮ • ূ໌ॻͷೖΕସ͑ͷλΠϛϯάͰ΋༗ޮ • expireͷઃఆΛ͍Ε͍ͯͳ͍ͷͰ
 γεςϜ͕࣌ؒͣΕ͍ͯͯ΋༗ޮ

  78. ཧ૝తͳӡ༻ͷؾ࣋ͪ • ৗʹPinning Certificates͕༗ޮ • ূ໌ॻͷೖΕସ͑ͷλΠϛϯάͰ΋༗ޮ • expireͷઃఆΛ͍Ε͍ͯͳ͍ͷͰ
 γεςϜ͕࣌ؒͣΕ͍ͯͯ΋༗ޮ ⚠

    ΞϓϦͷߋ৽Λ๨ΕΔͱ௨৴Ͱ͖ͳ͘ͳΔ
 ⚠ ڧ੍Ξοϓσʔτ͕ඞཁ
  79. expireઃఆʹΑΔଥڠҊ Server ূ໌ॻAظݶ Client ূ໌ॻAϐϯཹΊظݶ

  80. expireઃఆʹΑΔଥڠҊ Server ূ໌ॻAظݶ Client ূ໌ॻAϐϯཹΊظݶ ূ໌ॻBൃߦ

  81. expireઃఆʹΑΔଥڠҊ Server ূ໌ॻAظݶ Client ূ໌ॻAϐϯཹΊظݶ ূ໌ॻBൃߦ ূ໌ॻBʹ੾Γସ͑

  82. expireઃఆʹΑΔଥڠҊ Server ূ໌ॻAظݶ Client ূ໌ॻAϐϯཹΊظݶ ূ໌ॻBൃߦ ূ໌ॻBʹ੾Γସ͑ ূ໌ॻBϐϯཹΊ൛ϦϦʔε

  83. ଥڠҊͷؾ࣋ͪ • ΞϓϦͷߋ৽Λ๨Εͯ΋௨৴Ͱ͖Δ • ڧ੍Ξοϓσʔτ͕ඞཁͳ͍ • ূ໌ॻ੾Γସ͑࣌ʹPinning͕ޮ͔ͳ͍ ࣌ظ͕͋Δ

  84. ·ͱΊ

  85. ·ͱΊ • HTTP͸΍Ί·͠ΐ͏ • NetworkSecurityConfigʹΑͬͯɺѱҙ ͷ͋Δ߈ܸऀ͔ΒϢʔβʔΛकΔઃఆ͕ ؆୯ʹͰ͖ΔΑ͏ʹͳΓ·ͨ͠ • ӡ༻࣌͸ؾΛ͚ͭ·͠ΐ͏

  86. ͝੩ௌ͋Γ͕ͱ͏
 ͍͟͝·ͨ͠

  87. Appendix • GMailͷϝοηʔδݟΒΕͨ࿩
 https://www.computerworld.com/article/2510951/cybercrime-hacking/ hackers-spied-on-300-000-iranians-using-fake-google-certificate.html • ෆਖ਼ͳূ໌ॻ͕ൃߦ͞Εͨ࿩
 http://www.atmarkit.co.jp/news/201109/08/diginotar.html