From e7314018383916bc437b7399e346dc10c3c77608 Mon Sep 17 00:00:00 2001 From: "Mr. Robot" Date: Sat, 1 May 2021 20:44:21 +0200 Subject: [PATCH] update certificate pinning logic --- .../challenges/CertificatePinning.java | 59 ++++++++++++++++--- 1 file changed, 52 insertions(+), 7 deletions(-) diff --git a/app/src/main/java/infosecadventures/allsafe/challenges/CertificatePinning.java b/app/src/main/java/infosecadventures/allsafe/challenges/CertificatePinning.java index fa6ef5e..5d026f7 100644 --- a/app/src/main/java/infosecadventures/allsafe/challenges/CertificatePinning.java +++ b/app/src/main/java/infosecadventures/allsafe/challenges/CertificatePinning.java @@ -13,6 +13,8 @@ import org.jetbrains.annotations.NotNull; import java.io.IOException; +import java.util.ArrayList; +import java.util.List; import java.util.Objects; import infosecadventures.allsafe.R; @@ -27,21 +29,28 @@ public class CertificatePinning extends Fragment { + private static final String INVALID_HASH = "sha256/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="; + @Override public View onCreateView(@NonNull LayoutInflater inflater, ViewGroup container, Bundle savedInstanceState) { View view = inflater.inflate(R.layout.fragment_certificate_pinning, container, false); setHasOptionsMenu(true); + + // make an intentional request with broken config + // to get the actual peer certificate chain public key hashes from okhttp exception + List hashes = extractPeerCertificateChain(); + Button test = view.findViewById(R.id.execute); test.setOnClickListener(v -> { - CertificatePinner certificatePinner = new CertificatePinner.Builder() - .add("httpbin.org", - "sha256/J0dKy1gw45muM4o/vm/tskFQ2BWudtp9XLxaW7OtowQ=") - .add("httpbin.org", - "sha256/JSMzqOOrtyOT1kmau6zKhgT676hGgczD5VMdRMyJZFA=") - .build(); + + CertificatePinner.Builder certificatePinner = new CertificatePinner.Builder(); + for (String hash : hashes) { + Log.d("ALLSAFE", hash); + certificatePinner.add("httpbing.org", hash); + } OkHttpClient okHttpClient = new OkHttpClient.Builder() - .certificatePinner(certificatePinner) + .certificatePinner(certificatePinner.build()) .build(); Request request = new Request.Builder() @@ -51,6 +60,7 @@ public View onCreateView(@NonNull LayoutInflater inflater, ViewGroup container, okHttpClient.newCall(request).enqueue(new Callback() { @Override public void onFailure(@NotNull Call call, @NotNull IOException e) { + Log.d("ALLSAFE", e.getMessage()); requireActivity().runOnUiThread(() -> SnackUtil.INSTANCE.simpleMessage(requireActivity(), e.getMessage())); } @@ -67,4 +77,39 @@ public void onResponse(@NotNull Call call, @NotNull Response response) throws IO }); return view; } + + private List extractPeerCertificateChain() { + List chain = new ArrayList<>(); + + OkHttpClient okHttpClient = new OkHttpClient.Builder() + .certificatePinner(new CertificatePinner.Builder() + .add("httpbin.org", INVALID_HASH) + .build()) + .build(); + + Request request = new Request.Builder() + .url("https://httpbin.org/json") + .build(); + + okHttpClient.newCall(request).enqueue(new Callback() { + @Override + public void onFailure(@NotNull Call call, @NotNull IOException e) { + requireActivity().runOnUiThread(() -> { + String[] lines = e.getMessage().split(System.getProperty("line.separator")); + for (String line : lines) { + if (!line.trim().equals(INVALID_HASH) && line.trim().startsWith("sha256")) { + String pin = line.trim().split(":")[0].trim(); + chain.add(pin); + } + } + }); + } + + @Override + public void onResponse(@NotNull Call call, @NotNull Response response) { + + } + }); + return chain; + } } \ No newline at end of file