Android Security Mechanisms Lecture 8
Operating Systems Practical
7 December 2016
This work is licensed under the Creative Commons Attribution 4.0 International License. To view a copy of this license, visit http://creativecommons.org/licenses/by/4.0/.
OSP
Android Security Mechanisms, Lecture 8
1/35
Outline

- Signing Applications
- UIDs and File Access
- Android Permissions
- Cryptographic Providers
- Bibliography
Signing Applications

- Each apk signed with a certificate
  - Generated using the developer's private key
  - Identifies the developer of the application
  - Can be self-signed
- System applications signed with the platform key
- Update allowed only if the certificate matches
UIDs and File Access

- Unique UID at install time for each application
  - Access rights on the application's files: other applications cannot access those files
- Shared UID
  - sharedUserId attribute of <manifest>
  - Signed with the same key
  - Treated as the same application: same UID and file permissions
- Share files with other applications
  - MODE_WORLD_READABLE or MODE_WORLD_WRITEABLE when creating a file
  - Gives read or write access to files
Android Permissions

- By default, applications cannot perform operations that impact other apps, the OS or the user
- Permission: the ability to perform a particular operation
- Built-in permissions documented in the platform API reference
  - Defined in the android package
  - android.permission.REBOOT
  - pm list permissions
- Custom permissions: defined by system or user apps
  - Defining package + .permission + name
  - com.android.launcher3.permission.RECEIVE_LAUNCH_BROADCASTS
Android Permissions

- Apps request permissions in AndroidManifest.xml
- Permissions handled by the PackageManager service
  - Central database of installed packages: /data/system/packages.xml
  - Programmatically access package information from android.content.pm.PackageManager
  - getPackageInfo() returns a PackageInfo instance
- Cannot be changed or revoked without uninstalling the app (until Android 5.1)
- Android 6.0: apps request permissions at runtime
Permission Enforcement

- A permission can be enforced in a number of places
  - Making a call into the system
  - Starting an activity
  - Starting and binding a service
  - Sending and receiving broadcasts
  - Accessing a content provider
Permission Protection Levels

- Potential risk and procedure to grant the permission
- Normal
  - Low risk
  - Automatically granted without user confirmation
  - ACCESS_NETWORK_STATE, GET_ACCOUNTS
- Dangerous
  - Access to user data or control over the device
  - Requires user confirmation
  - CAMERA, READ_SMS
Permission Protection Levels

- Signature
  - Highest level of protection
  - Apps signed with the same key as the app that declared the permission
  - Built-in signature permissions are used by system apps (signed with the platform key)
  - NET_ADMIN, ACCESS_ALL_EXTERNAL_STORAGE
- SignatureOrSystem
  - Apps that are part of the system image or signed with the same key as the app that declared the permission
  - Vendors may have preinstalled apps without using the platform key
Permission Groups

- All dangerous permissions belong to permission groups
- Until Android 5.1:
  - Permission groups are requested at install time (not the individual permissions)
- On Android 6.0:
  - If there is no other permission in that group, it requests the user's confirmation for that permission group
  - If there is another permission in that group already granted, it does not request any confirmation
- Examples of dangerous permission groups:
  - Calendar, Camera, Contacts, Location, Phone, SMS, Sensors, Storage, Microphone
Kernel-Level Enforcement

- Access to regular files, device nodes and local sockets managed by the Linux kernel, based on UID and GID
- Permissions are mapped to supplementary GIDs
- Built-in permission mapping in /etc/permission/platform.xml
- Example:
  - INTERNET permission associated with GID inet
  - Only apps with the INTERNET permission can create network sockets
  - The kernel verifies whether the app belongs to GID inet
Framework-Level Enforcement

- Static permission enforcement
  - System keeps track of the permissions associated with each app component
  - Checks whether callers have the required permission before allowing access
  - Enforcement by the runtime environment
  - Isolates security decisions from business logic
  - Less flexible
- Dynamic permission enforcement
  - Components check whether the caller has the necessary permissions
  - Decisions made by each component, not by the runtime environment
  - More fine-grained access control
  - More operations in components
Dynamic Enforcement

- Helper methods in the android.content.Context class to perform permission checks
- checkPermission(String permission, int pid, int uid)
  - Returns PERMISSION_GRANTED or PERMISSION_DENIED
  - For root and system, the permission is automatically granted
  - If the permission is declared by the calling app, it is granted
  - Denied for private components
  - Queries the Package Manager
- enforcePermission(String permission, int pid, int uid, String message)
  - Throws SecurityException with message if the permission is not granted
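The two helper methods above in use, as an added example that is not from the lecture: a bound service guarding one of its operations with the custom permission from the Custom Permissions slide. GuardedService, its transaction codes and the guarded operations are assumed names; the permission must be declared with <permission> in the manifest as that slide shows, and the hand-written Binder stands in for the stub AIDL would normally generate.

```java
import android.app.Service;
import android.content.Intent;
import android.content.pm.PackageManager;
import android.os.Binder;
import android.os.IBinder;
import android.os.Parcel;
import android.os.RemoteException;

// Hypothetical service (not from the lecture). Static enforcement via android:permission
// on the <service> element would protect bindService() as a whole; the checks below
// are dynamic, made per operation inside the component.
public class GuardedService extends Service {
    static final String PERM = "com.example.app.permission.PERMISSION1";
    static final int TXN_STATUS = IBinder.FIRST_CALL_TRANSACTION;      // readable by anyone
    static final int TXN_RESET  = IBinder.FIRST_CALL_TRANSACTION + 1;  // needs PERM

    // A hand-written Binder stands in for the stub AIDL would generate.
    private final Binder binder = new Binder() {
        @Override
        protected boolean onTransact(int code, Parcel data, Parcel reply, int flags)
                throws RemoteException {
            // Inside a transaction the calling pid/uid are those of the remote client.
            // Process.myPid()/myUid() would test this service's own grants instead.
            int pid = Binder.getCallingPid();
            int uid = Binder.getCallingUid();
            switch (code) {
                case TXN_RESET:
                    // Strict form: SecurityException (with the message) if the caller lacks PERM
                    enforcePermission(PERM, pid, uid, "reset requires " + PERM);
                    reset();
                    reply.writeNoException();
                    return true;
                case TXN_STATUS:
                    // Lenient form: degrade the answer instead of failing the call
                    boolean privileged = checkPermission(PERM, pid, uid) == PackageManager.PERMISSION_GRANTED;
                    reply.writeNoException();
                    reply.writeInt(privileged ? detailedStatus() : 0);
                    return true;
                default:
                    return super.onTransact(code, data, reply, flags);  // e.g. INTERFACE_TRANSACTION
            }
        }
    };

    @Override
    public IBinder onBind(Intent intent) { return binder; }

    private void reset() { /* privileged operation, e.g. clearing the service's cache */ }
    private int detailedStatus() { return 1; }
}
```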
Static Enforcement

- An app tries to call a component of another app: intent
- Target component: android:permission attribute
- Caller: Activity Manager
  - Resolves the intent
  - Checks whether the target component has an associated permission
  - Delegates the permission check to the Package Manager
- If the caller has the necessary permission, the target component is started
- Otherwise, a SecurityException is generated
Activity and Service Permission Enforcement

- Permission checks for activities
  - Intent is passed to Context.startActivity() or startActivityForResult()
  - Resolves to an activity that declares a permission
- Permission checks for services
  - Intent is passed to Context.startService(), stopService() or bindService()
  - Resolves to a service that declares a permission
- If the caller does not have the necessary permission, a SecurityException is generated
Content Provider Permission Enforcement

- Protect the whole component or a particular exported URI
- Different permissions for reading and writing
- Read permission: ContentResolver.query() on the provider or URI
- Write permission: ContentResolver.insert(), update(), delete() on the provider or URI
- Synchronous checks
Broadcast Permission Enforcement

- Receivers may be required to have a permission
  - Context.sendBroadcast(Intent intent, String receiverPermission)
  - Checked when delivering the intent to receivers
  - No permission: broadcast not received, no exception
- Broadcasters may need to have a permission to send a broadcast
  - Specified in the manifest or in registerReceiver()
  - Checked when delivering the broadcast
  - No permission: no delivery, no exception
- 2 checks for each delivery: for sender and receiver
Custom Permissions

- Declared by apps
- Checked statically by the system or dynamically by the components
- Declared in AndroidManifest.xml:

    <permission
        android:name="com.example.app.permission.PERMISSION1"
        android:label="@string/permission1_label"
        android:description="@string/permission1_desc"
        android:permissionGroup="com.example.app.permission-group.TEST_GROUP"
        android:protectionLevel="signature" />
JCA Provider Architecture

- Java Cryptography Architecture (JCA)
  - Extensible cryptographic provider framework
  - Set of APIs: the major cryptographic primitives
  - Applications specify an algorithm; they do not depend on a particular provider implementation
- Cryptographic Service Provider (CSP)
  - Package with an implementation of cryptographic services
  - Advertises the implemented services and algorithms
  - JCA maintains a registry of providers and their algorithms
  - Providers in an order of preference
- Service Provider Interface (SPI)
  - Common interface for implementations of a specific algorithm
  - Abstract class implemented by the provider
JCA Engine Classes

- JCA engines provide:
  - Cryptographic operations (encrypt/decrypt, sign/verify, hash)
  - Generation or conversion of cryptographic material (keys, parameters)
  - Management and storage of cryptographic objects (keys, certificates)
- Decouple client code from the algorithm implementation
- Static factory method getInstance()
- Request the implementation indirectly:

    static EngineClassName getInstance(String algorithm)
        throws NoSuchAlgorithmException
    static EngineClassName getInstance(String algorithm, String provider)
        throws NoSuchAlgorithmException, NoSuchProviderException
    static EngineClassName getInstance(String algorithm, Provider provider)
        throws NoSuchAlgorithmException
Message Digest

- Hash function:

    MessageDigest md = MessageDigest.getInstance("SHA-256");
    byte[] data = getMessage();
    byte[] hash = md.digest(data);

- Data provided in chunks using update(), then call digest()
- If the data is short and fixed: hashed in one step using digest()
Signature

- Digital signature algorithms based on asymmetric encryption
- Algorithm name: <digest>with<encryption>
- Sign:

    byte[] data = "message to be signed".getBytes("ASCII");
    Signature s = Signature.getInstance("SHA256withRSA");
    s.initSign(privKey);
    s.update(data);
    byte[] signature = s.sign();

- Verify:

    Signature s = Signature.getInstance("SHA256withRSA");
    s.initVerify(pubKey);
    s.update(data);
    boolean valid = s.verify(signature);
Cipher

- Encryption and decryption operations
- Encryption:

    SecretKey key = getSecretKey();
    Cipher c = Cipher.getInstance("AES/CBC/PKCS5Padding");
    byte[] iv = new byte[c.getBlockSize()];
    SecureRandom sr = new SecureRandom();
    sr.nextBytes(iv);                       // fresh random IV for each message
    IvParameterSpec ivp = new IvParameterSpec(iv);
    c.init(Cipher.ENCRYPT_MODE, key, ivp);
    byte[] data = "Message to encrypt".getBytes("UTF-8");
    byte[] ciphertext = c.doFinal(data);

- Decryption (same key and same IV as used for encryption):

    Cipher c = Cipher.getInstance("AES/CBC/PKCS5Padding");
    c.init(Cipher.DECRYPT_MODE, key, ivp);
    byte[] data = c.doFinal(ciphertext);
MAC

- Message Authentication Code algorithms:

    SecretKey key = getSecretKey();
    Mac m = Mac.getInstance("HmacSHA256");
    m.init(key);
    byte[] data = "Message".getBytes("UTF-8");
    byte[] hmac = m.doFinal(data);
KeyGenerator

- Generates symmetric keys
- Additional checks for weak keys
- Sets key parity when necessary
- Takes advantage of the cryptographic hardware

    KeyGenerator kg = KeyGenerator.getInstance("HmacSHA256");
    SecretKey key = kg.generateKey();

    KeyGenerator kg = KeyGenerator.getInstance("AES");
    kg.init(256);                           // key size in bits
    SecretKey key = kg.generateKey();
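Putting the Cipher, MAC and KeyGenerator slides together, as an added example that is not from the lecture: the AES/CBC snippet above leaves IV transport to the reader and gives no integrity protection, so this helper carries the IV inside the message and authenticates IV and ciphertext with HmacSHA256 (encrypt-then-MAC), verifying the tag before decrypting. AuthenticatedCbc and its method names are assumed.

```java
import java.nio.ByteBuffer;
import java.security.*;
import java.util.Arrays;
import javax.crypto.*;
import javax.crypto.spec.IvParameterSpec;

// Hypothetical helper (not from the lecture): AES/CBC/PKCS5Padding with the IV carried in
// the message and an HMAC-SHA256 tag over IV || ciphertext (encrypt-then-MAC).
public class AuthenticatedCbc {
    private static final String CIPHER = "AES/CBC/PKCS5Padding", MAC = "HmacSHA256";
    private static final int IV_LEN = 16, TAG_LEN = 32;   // AES block size, HMAC-SHA256 output size
    private final SecretKey encKey, macKey;                // one key per purpose, never shared
    AuthenticatedCbc(SecretKey encKey, SecretKey macKey) { this.encKey = encKey; this.macKey = macKey; }

    private byte[] tag(byte[] iv, byte[] ct) throws GeneralSecurityException {
        Mac m = Mac.getInstance(MAC); m.init(macKey);
        m.update(iv);                       // the IV is covered by the tag as well
        return m.doFinal(ct);
    }

    // Output layout: IV || ciphertext || tag, so the receiver needs only the two keys.
    byte[] seal(byte[] plaintext) throws GeneralSecurityException {
        byte[] iv = new byte[IV_LEN];
        new SecureRandom().nextBytes(iv);   // fresh random IV for every message
        Cipher c = Cipher.getInstance(CIPHER);
        c.init(Cipher.ENCRYPT_MODE, encKey, new IvParameterSpec(iv));
        byte[] ct = c.doFinal(plaintext);
        return ByteBuffer.allocate(IV_LEN + ct.length + TAG_LEN).put(iv).put(ct).put(tag(iv, ct)).array();
    }

    // The tag is verified before any decryption, so a tampered message never reaches the
    // unpadding step and padding errors cannot be used as an oracle.
    byte[] open(byte[] msg) throws GeneralSecurityException {
        if (msg.length < IV_LEN + TAG_LEN) throw new GeneralSecurityException("truncated message");
        byte[] iv = Arrays.copyOfRange(msg, 0, IV_LEN);
        byte[] ct = Arrays.copyOfRange(msg, IV_LEN, msg.length - TAG_LEN);
        byte[] t = Arrays.copyOfRange(msg, msg.length - TAG_LEN, msg.length);
        if (!MessageDigest.isEqual(t, tag(iv, ct)))   // constant-time compare, unlike Arrays.equals
            throw new GeneralSecurityException("bad tag");
        Cipher c = Cipher.getInstance(CIPHER);
        c.init(Cipher.DECRYPT_MODE, encKey, new IvParameterSpec(iv));
        return c.doFinal(ct);
    }

    public static void main(String[] args) throws Exception {
        KeyGenerator aes = KeyGenerator.getInstance("AES"); aes.init(256);
        AuthenticatedCbc box = new AuthenticatedCbc(aes.generateKey(), KeyGenerator.getInstance(MAC).generateKey());
        byte[] sealed = box.seal("Message to encrypt".getBytes("UTF-8"));
        System.out.println(new String(box.open(sealed), "UTF-8"));
        sealed[sealed.length - 1] ^= 1;     // flip one bit of the tag: open() must now throw
        try { box.open(sealed); } catch (GeneralSecurityException e) { System.out.println("rejected: " + e.getMessage()); }
    }
}
```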
KeyPairGenerator

- Generates public and private keys

    KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
    kpg.initialize(1024);                   // key size in bits; 1024-bit RSA is below current recommendations (2048 or more)
    KeyPair pair = kpg.generateKeyPair();
    PrivateKey priv = pair.getPrivate();
    PublicKey pub = pair.getPublic();
Android JCA Providers

- Harmony's Crypto Provider
  - Limited JCA provider, part of the Java runtime library
  - SecureRandom (SHA1PRNG), KeyFactory (DSA)
  - MessageDigest (SHA-1), Signature (SHA1withDSA)
- Android's Bouncy Castle Provider
  - Full-featured JCA provider
  - Part of the Bouncy Castle Crypto API
  - Cipher, KeyGenerator, Mac, MessageDigest, SecretKeyFactory, Signature, CertificateFactory
  - Large number of algorithms
- AndroidOpenSSL Provider
  - Native code, for performance reasons
  - Covers most functionality of Bouncy Castle
  - Preferred provider
  - Implementation uses JNI to access OpenSSL's native code
Bibliography

- Android Security Internals, Nikolay Elenkov
- http://developer.android.com/guide/topics/security/permissions.html
Keywords

- Permissions
- Custom permissions
- Protection levels
- Java Cryptography Architecture
- Static enforcement
- Cryptographic Service Provider
- Dynamic enforcement
- Engine classes