search

datatheorem / TrustKit

Easy SSL pinning validation and reporting for iOS, macOS, tvOS and watchOS.
MIT License
1.99k stars 360 forks source link

Add support for RSA public keys of size 3072 or 1024 bits #241

Open spineau opened 3 years ago

spineau commented 3 years ago

Hi,

Would it be possible to add the support for pinning certificates with RSA public keys of size 3072 or 1024 bits ?

In TrustKit/Pinning/TSKSPKIHashCache.m, something like : 

/*
 * ASN1 header values for RSA public key of size 1024 and 3072 bits obtained from:
 * https://www.brightec.co.uk/blog/kotlin-multiplatform-ios-certificate-pinning
 */

static const unsigned char rsa1024Asn1Header[] =
{
    0x30, 0x81, 0x9F, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7,
    0x0D, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x81, 0x8D, 0x00
};

static const unsigned char rsa2048Asn1Header[] =
{
    0x30, 0x82, 0x01, 0x22, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86,
    0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0f, 0x00
};

static const unsigned char rsa3072Asn1Header[] =
{
    0x30, 0x82, 0x01, 0xA2, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86,
    0xF7, 0x0D, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x8F, 0x00
};

static const unsigned char rsa4096Asn1Header[] =
...

static BOOL isKeySupported(NSString *publicKeyType, NSNumber *publicKeySize)
{
    if (([publicKeyType isEqualToString:(NSString *)kSecAttrKeyTypeRSA]) && ([publicKeySize integerValue] == 1024))
    {
        return YES;
    }
    else if (([publicKeyType isEqualToString:(NSString *)kSecAttrKeyTypeRSA]) && ([publicKeySize integerValue] == 2048))
    {
        return YES;
    }
    else if (([publicKeyType isEqualToString:(NSString *)kSecAttrKeyTypeRSA]) && ([publicKeySize integerValue] == 3072))
    {
        return YES;
    }
    else if (([publicKeyType isEqualToString:(NSString *)kSecAttrKeyTypeRSA]) && ([publicKeySize integerValue] == 4096))
    ...

static char *getAsn1HeaderBytes(NSString *publicKeyType, NSNumber *publicKeySize)
{
    if (([publicKeyType isEqualToString:(NSString *)kSecAttrKeyTypeRSA]) && ([publicKeySize integerValue] == 1024))
    {
        return (char *)rsa1024Asn1Header;
    }
    else If (([publicKeyType isEqualToString:(NSString *)kSecAttrKeyTypeRSA]) && ([publicKeySize integerValue] == 2048))
    {
        return (char *)rsa2048Asn1Header;
    }
    else if (([publicKeyType isEqualToString:(NSString *)kSecAttrKeyTypeRSA]) && ([publicKeySize integerValue] == 3072))
    {
        return (char *)rsa3072Asn1Header;
    }
    else if (([publicKeyType isEqualToString:(NSString *)kSecAttrKeyTypeRSA]) && ([publicKeySize integerValue] == 4096))
    ...

static unsigned int getAsn1HeaderSize(NSString *publicKeyType, NSNumber *publicKeySize)
{
    if (([publicKeyType isEqualToString:(NSString *)kSecAttrKeyTypeRSA]) && ([publicKeySize integerValue] == 1024))
    {
        return sizeof(rsa1024Asn1Header);
    }
    else if (([publicKeyType isEqualToString:(NSString *)kSecAttrKeyTypeRSA]) && ([publicKeySize integerValue] == 2048))
    {
        return sizeof(rsa2048Asn1Header);
    }
    else if (([publicKeyType isEqualToString:(NSString *)kSecAttrKeyTypeRSA]) && ([publicKeySize integerValue] == 3072))
    {
        return sizeof(rsa3072Asn1Header);
    }
    else if (([publicKeyType isEqualToString:(NSString *)kSecAttrKeyTypeRSA]) && ([publicKeySize integerValue] == 4096))
    ...

Regards.

sbayerlein commented 1 year ago

I am facing a similar problem. I have a intermediate pin with RSA 3072 bits. Is there a workaround to skip the intermediate and check the pin of the server certificate instead?

Louis-Marie-W commented 6 months ago

Hi team,

We have the same issue, and it took a very long time to identify this as the source of our problems.

Our new certificate is generated by Gandi, which is a well-known institution that generates thousands of certificates that need the intermediate certificate authority of Gandi.

However, their certificate is generated with a length of 3072 bits.

So, we have no option to change their certificate, and the TrustKit package generates errors when it tries to validate the chain certificate received from our server.

Your kind support would be really appreciated.

Thanks in advance. Louis-Marie

stperona commented 4 months ago

Looks like the original request is pretty old at this point but adding another +1 to this request to support 3072 bit RSA as we're seeing most of our new client certs be generated in 3072.

Can we get the changes from the first comment into a PR to help facilitate the review process? Or is this something already on the roadmap at this point?

stperona commented 4 months ago

I've put these changes and a corresponding test case into the PR noted above. @nabla-c0d3 any chance this could get on the road map to be reviewed and pulled in for release?

ebenezar-mccoy commented 4 weeks ago

Any chance to get an update?

stperona commented 3 weeks ago

I'm not totally sure who is actively maintaining the repo and would be best to tag to possibly get some eyes on this soon. Based on recent PR reviews maybe @EthanArbuckle?

EthanArbuckle commented 3 weeks ago

Acknowledged, thanks for the ping and PR! We'll review and aim for a new release of TrustKit by EOW