SSL 主机名匹配如何在 JWS 上工作? [英] How does SSL Hostname matching work on JWS?

问题描述

当使用 Google SafetyNet for Android 时，文档建议您

When using Google SafetyNet for Android the documentation suggest that you

验证 SSL 证书链并使用 SSL 主机名匹配来确保叶认证是 attest.android.com

Validate the SSL certificate chain and use SSL Hostname matching to ensure the leaf certification was issues to attest.android.com

现在这是如何工作的?我会假设我收到 JWS 消息，检查证书和签名等，但会根据从 attest.android.com 获取的证书进行验证，但 attest.android.com 不是实时主机.

Now how does this work? I would have assumed that I get the JWS message inspect the certs and signature etc but would validate against a cert grabbed from attest.android.com, but attest.android.com is not a live host.

在事先不知道域的公钥的情况下，SSL 签名是否适用于验证?即我可以验证传入的 JWS 消息中的所有内容吗?我不明白这怎么可能，是吗?

Does SSL signing cater for validation without previously knowing the public key of the domain? i.e. Can I validate everything from incoming JWS message? I don't see how this is possible, is it?

推荐答案

不幸的是，文档没有像您必须做的那样详细描述.

Unfortunately, the documentation is not very descriptive as what you have to do.

JWS 数据包括三个部分:标头、有效负载和签名.简单来说，头包含用于签署有效负载的公钥证书，签名包含在末尾.

The JWS data includes three sections: the header, the payload and the signature. Simplifying things, the header contains the public key certificates used to sign the payload, and the signature is included at the end.

要验证 SafetyNet JWS，您首先需要提取嵌入在标头中的证书.这些证书具有可以验证为公共根证书的信任链，因此您应该验证这些证书确实是有效的证书，并且它们已颁发给 attest.android.com.

To validate a SafetyNet JWS, you first need to extract the certificates embedded in the header. These certificates have trust chains that can be validated to a public root certificate, so you should verify that these are indeed valid certificates, and that they are issued to attest.android.com.

然后您取出签名，并根据嵌入的证书对其进行验证.

Then you take out the signature, and verify it against the embedded certificates.

如果你检查这个，那么你可以信任有效负载.但是在查看basicIntegrity 和ctsProfileMatch 之前，请确保apkPackageName、apkDigestSha256 和apkCertificateDigestSha256> 匹配您的应用程序，以便您知道响应实际上来自您未修改的应用程序.

If you check this, then you can trust the payload. But before looking at basicIntegrity and ctsProfileMatch, please ensure that apkPackageName, apkDigestSha256 and apkCertificateDigestSha256 match those of your app, so you know that the response actually comes from your unmodified app.

最理想的情况是，您的编程语言应该包含一个 JWS 库和一个可以为您执行此操作的 SSL 库，因此您不必自己编写.公共示例 包含一个 Java 示例供您仔细阅读.

Optimally, your programming language should include a JWS library and an SSL library that can do this for you, so you don't have to write this yourself. The public sample includes a Java sample for you to peruse.

这篇关于SSL 主机名匹配如何在 JWS 上工作?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！