{"id":612,"date":"2015-07-29T12:06:55","date_gmt":"2015-07-29T10:06:55","guid":{"rendered":"http:\/\/blog.ansuz.nl\/?p=612"},"modified":"2015-07-29T12:06:55","modified_gmt":"2015-07-29T10:06:55","slug":"using-ssl-right-on-android","status":"publish","type":"post","link":"http:\/\/blog.ansuz.nl\/index.php\/2015\/07\/29\/using-ssl-right-on-android\/","title":{"rendered":"Using SSL right on Android"},"content":{"rendered":"

General information<\/strong>
\nThere is no out of the box solution from Google to use stronger encryption for the communication between your Android client and a server. <\/p>\n

Google provides some information on how to use SSL on the Android developer website titled “Security with HTTPS and SSL<\/a>“. This site contains two warnings you should not forget.<\/p>\n

    \n
  1. Do not use a TrustManager<\/a> that does nothing.<\/li>\n
  2. Replacing the HostnameVerifier<\/a> can be very dangerous.<\/li>\n<\/ol>\n

    A reason to use a TrustManager that does nothing could be for local or Alpha testing where you don’t have a valid SSL certificate on the server. Another could be to give QA the option to debug network traffic. If for some reason you do use a TrustManager that does nothing, make sure this implementation can never make it to a production version of the application. One way to do that is only include the empty TrustManager in one of the (testing) application flavors.<\/p>\n

    If you do want to use a custom HostnameVerifier, use composition to reuse the system’s default HostnameVerifier. This way you can add your own verification and still benefit from the default verification. You should apply the same when building your own TrustManager, that way your validation is never worse than the default system validation.<\/p>\n

    Pinning certificates<\/strong>
    \nOne way to make the encryption stronger is by using pinned certificates. This will help your application protect itself from fraudulently issued certificates. I will explore two ways of pinning a certificate. One is including the actual certificate, the other is to use SPKI or     Subject Public Key Info<\/a>.<\/p>\n

    Getting the server certificate<\/strong>
    \nBefore getting started with either method for pinning a certificate, you need to get hold of the server certificate. The easiest way to optain that would be to ask your system administrator. If that is not possible, you could use     OpenSSL<\/a> or FireFox<\/a> to just save it from the browser. For more details, see “How to save a remote server SSL certificate locally as a file<\/a>” on SuperUser.com.<\/p>\n

    Including the certificate<\/strong>
    \nStart by including the certificate file (as raw resource) in your APK.
    \nAfter this, implement your own TrustManager that uses the following pseudo-code to analyse the received certificate.<\/p>\n

    Get the key from the bundled certificate.<\/p>\n

    \n\n\t\t
    \n\n\t\t
    \n\t\t\t\t\t\t< View plain text<\/span> ><\/a>\n\t\t\t\t\t<\/div>\n\n\t\t
    java<\/div>\n\n\t\t\n\t\t
    \n\n\t<\/div>\n\t\n\t
    \n\t\t
    1. FileInputStream<\/span> fis =<\/span> new<\/span> FileInputStream<\/span>(<\/span>"path_to_pem"<\/span>)<\/span>;<\/span><\/div><\/li>\n
    2. CertificateFactory<\/span> cf =<\/span> CertificateFactory<\/span>.getInstance<\/span>(<\/span>"X.509"<\/span>)<\/span>;<\/span><\/div><\/li>\n
    3. java.security<\/span>.cert<\/span>.Certificate<\/span> c =<\/span> cf.generateCertificate<\/span>(<\/span>fis)<\/span>;<\/span><\/div><\/li>\n
    4. System<\/span>.out<\/span>.println<\/span>(<\/span>c.toString<\/span>(<\/span>)<\/span>)<\/span>;<\/span><\/div><\/li>\n
    5.  <\/div><\/li>\n
    6. \/\/ will get you the public key object you can compare against.<\/span><\/div><\/li>\n
    7. RSAPublicKey<\/span> pk =<\/span> (<\/span>RSAPublicKey<\/span>)<\/span> c.getPublicKey<\/span>(<\/span>)<\/span>;<\/span><\/div><\/li>\n
    8.  <\/div><\/li>\n
    9. System<\/span>.out<\/span>.println<\/span>(<\/span>pk.toString<\/span>(<\/span>)<\/span>)<\/span>;<\/span><\/div><\/li>\n
    10. String<\/span> s =<\/span> new<\/span> BigInteger<\/span>(<\/span>1<\/span>, pk.getEncoded<\/span>(<\/span>)<\/span>)<\/span>.toString<\/span>(<\/span>16<\/span>)<\/span>;<\/span><\/div><\/li>\n
    11. System<\/span>.out<\/span>.println<\/span>(<\/span>s)<\/span>;<\/span><\/div><\/li>\n<\/ol>\t<\/div>\n\n<\/div>\n\n

      Get the server key.<\/p>\n

      \n\n\t\t
      \n\n\t\t
      \n\t\t\t\t\t\t< View plain text<\/span> ><\/a>\n\t\t\t\t\t<\/div>\n\n\t\t
      java<\/div>\n\n\t\t\n\t\t
      \n\n\t<\/div>\n\t\n\t
      \n\t\t
      1. \/\/ that gets the public key provided by the server out of the chain.<\/span><\/div><\/li>\n
      2. RSAPublicKey<\/span> pubkey =<\/span> (<\/span>RSAPublicKey<\/span>)<\/span> chain[<\/span>0<\/span>]<\/span>.getPublicKey<\/span>(<\/span>)<\/span>;<\/span><\/div><\/li>\n<\/ol>\t<\/div>\n\n<\/div>\n\n

        Compare the two keys.<\/p>\n

        \n\n\t\t
        \n\n\t\t
        \n\t\t\t\t\t\t< View plain text<\/span> ><\/a>\n\t\t\t\t\t<\/div>\n\n\t\t
        java<\/div>\n\n\t\t\n\t\t
        \n\n\t<\/div>\n\t\n\t
        \n\t\t
        1. \/\/ Where pk is the one loaded from your app file space.<\/span><\/div><\/li>\n
        2. pubkey.equals<\/span>(<\/span>pk)<\/span>;<\/span><\/div><\/li>\n<\/ol>\t<\/div>\n\n<\/div>\n\n

          SPKI<\/strong>
          \nAn alternative approach to bundling the certificate with your application is to use the Subject Public Key Info method. This will just store the certificate’s fingerprint instead of a whole file.<\/p>\n

          To generate the fingerprint for your certificate, follow the instructions in “Appendix A<\/a>” of the “Public Key Pinning Extension for HTTP<\/a>” document, example:<\/p>\n

          \n\n\t\t
          \n\n\t\t
          \n\t\t\t\t\t\t< View plain text<\/span> ><\/a>\n\t\t\t\t\t<\/div>\n\n\t\t
          bash<\/div>\n\n\t\t\n\t\t
          \n\n\t<\/div>\n\t\n\t
          \n\t\t
          1. openssl x509 -noout<\/span> -in<\/span> certificate.pem -pubkey<\/span> |<\/span> \\<\/div><\/li>\n
          2.     openssl asn1parse -noout<\/span> -inform<\/span> pem -out<\/span> public.key<\/div><\/li>\n
          3. openssl dgst -sha256<\/span> -binary<\/span> public.key |<\/span> openssl enc -base64<\/span><\/div><\/li>\n<\/ol>\t<\/div>\n\n<\/div>\n\n

            You can calculate the same fingerprint in Java using the snippet below:<\/p>\n

            \n\n\t\t
            \n\n\t\t
            \n\t\t\t\t\t\t< View plain text<\/span> ><\/a>\n\t\t\t\t\t<\/div>\n\n\t\t
            java<\/div>\n\n\t\t\n\t\t
            \n\n\t<\/div>\n\t\n\t
            \n\t\t
            1. \/\/ Assume the 'certificate' is a X509Certificate.<\/span><\/div><\/li>\n
            2. MessageDigest<\/span> digest =<\/span> MessageDigest<\/span>.getInstance<\/span>(<\/span>"SHA-256"<\/span>)<\/span>;<\/span><\/div><\/li>\n
            3. byte<\/span>[<\/span>]<\/span> encodedKey =<\/span> certificate.getPublicKey<\/span>(<\/span>)<\/span>.getEncoded<\/span>(<\/span>)<\/span>;<\/span><\/div><\/li>\n
            4. byte<\/span>[<\/span>]<\/span> hash =<\/span> digest.digest<\/span>(<\/span>encodedKey)<\/span>;<\/span><\/div><\/li>\n
            5. String<\/span> fingerprint =<\/span> Base64.encodeToString<\/span>(<\/span>hash, Base64.NO_WRAP<\/span>)<\/span>;<\/span><\/div><\/li>\n<\/ol>\t<\/div>\n\n<\/div>\n\n

              Notes<\/strong>
              \nSSL certificates can be invalidated for various reasons (they expire, get compromised, etc). Because of this you should consider showing a message to the user when pinning a certificate fails.<\/p>\n

              To avoid your app breaking when a certificate gets invalidated, you can keep a list of valid public keys. Start with the first in the list, if that doesn’t work fall back to the next public key in the list.<\/p>\n

              Update or change a certificate before the previous one expires. Unless the certificate is compromised, the public key will most likely stay the same. (If you use the same private key\/CSR.)<\/p>\n","protected":false},"excerpt":{"rendered":"

              General information There is no out of the box solution from Google to use stronger encryption for the communication between your Android client and a server. Google provides some information on how to use SSL on the Android developer website … Continue reading →<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[112,52],"tags":[125,134],"class_list":["post-612","post","type-post","status-publish","format-standard","hentry","category-android","category-java","tag-android-2","tag-ssl"],"_links":{"self":[{"href":"http:\/\/blog.ansuz.nl\/index.php\/wp-json\/wp\/v2\/posts\/612","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/blog.ansuz.nl\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/blog.ansuz.nl\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/blog.ansuz.nl\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/blog.ansuz.nl\/index.php\/wp-json\/wp\/v2\/comments?post=612"}],"version-history":[{"count":4,"href":"http:\/\/blog.ansuz.nl\/index.php\/wp-json\/wp\/v2\/posts\/612\/revisions"}],"predecessor-version":[{"id":616,"href":"http:\/\/blog.ansuz.nl\/index.php\/wp-json\/wp\/v2\/posts\/612\/revisions\/616"}],"wp:attachment":[{"href":"http:\/\/blog.ansuz.nl\/index.php\/wp-json\/wp\/v2\/media?parent=612"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/blog.ansuz.nl\/index.php\/wp-json\/wp\/v2\/categories?post=612"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/blog.ansuz.nl\/index.php\/wp-json\/wp\/v2\/tags?post=612"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}