Public Key pinning with X509TrustManagerExtensions checkServerTrusted

Question

Public key pinning in for a HTTPS TLS connection.

There is an issue with Android API, below 17, that enables MITM (Man in the Middle) attack incase of public key pinning. This has been explained in the link below.

https://www.cigital.com/blog/ineffective-certificate-pinning-implementations/

So in Android minimum sdk below 17, ie, below Android version 4.2, we need to initialise the X509TrustManager with Android Keystore which has only the server root certificates (instead of the default keystore; which would have all certificates installed in the device). This helps in cleaning the leaf certificates received from the server before performing public key pinning.

From Android API 17 onwards, Android has introduced X509TrustManagerExtensions which performs this root cleaning at OS level.

https://developer.android.com/reference/android/net/http/X509TrustManagerExtensions.html

My question:

I would be glad if anyone could please provide an example on how to implement the following method provided by the X509TrustManagerExtensions for root cleaning.

List<X509Certificate> checkServerTrusted (X509Certificate[] chain, 
                String authType, 
                String host)

I am confused with the following.

1. host; should it be the domain URL? with https or without? or should it be the full url (domain + relative path)

2. How to create instant of a X509TrustManagerExtensions? The constructor for X509TrustManagerExtensions takes X509TrustManager as input. Do we create this X509TrustManager with the android default keystore?

Code snippet (Not working):

   TrustManagerFactory tmf = TrustManagerFactory.getInstance("X509");
   tmf.init(KeyStore.getInstance(KeyStore.getDefaultType()));

   for (TrustManager trustManager : tmf.getTrustManagers()) {
       X509TrustManagerExtensions tme = new X509TrustManagerExtensions((X509TrustManager) trustManager);
       tme.checkServerTrusted(chain, authType, <<String https://www.example.com>>);
   }

Exception: Trust anchor for certification path not found

Possible security risk: Using KeyStore.getDefaultType()

Any help would be greatly appreciated.

Answer 1

Firstly you need to get hold of the trust manager by using the TrustManagerFactory. When initialising this you pass in null for it to use the default Keystore and it will return the default trust managers. With this you can then create the X509TrustManagerExtensions using the first X509TrustManager.

TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(
        TrustManagerFactory.getDefaultAlgorithm());
trustManagerFactory.init((KeyStore) null);

// Find first X509TrustManager in the TrustManagerFactory
X509TrustManager x509TrustManager = null;
for (TrustManager trustManager : trustManagerFactory.getTrustManagers()) {
    if (trustManager instanceof X509TrustManager) {
        x509TrustManager = (X509TrustManager) trustManager;
        break;
    }
}

X509TrustManagerExtensions x509TrustManagerExtensions = 
        new X509TrustManagerExtensions(trustManager());

Then to execute this the host I've successfully used just the domain part:

List<X509Certificate> trustedCerts = x509TrustManagerExtensions
        .checkServerTrusted(untrustedCerts, "RSA", "appmattus.com");

For those using HttpUrlConnection the the untrusted certs is determined with:

Certificate[] serverCerts = ((HttpsUrlConnection)conn).getServerCertificates();
X509Certificate[] untrustedCerts = Arrays.copyOf(serverCerts, 
        serverCerts.length, 
        X509Certificate[].class);

If you are using OkHttp then you can just use the built in CertificatePinner that has since been updated to fix the issues mentioned in that article.