硬式編碼加密編譯密鑰
透過集合功能整理內容
你可以依據偏好儲存及分類內容。
OWASP 類別:MASVS-CRYPTO:加密編譯
總覽
開發人員會使用密碼編譯技術,透過強大的演算法來保護資料的機密性和完整性。不過,金鑰儲存庫經常未得到充分利用,我們也常看到有人在 strings.xml 之類的資產檔案中,使用硬式編碼的字串或位元組陣列建立金鑰儲存庫。如果應用程式的任何檔案揭露密鑰,就違反了 Kerchoff 原則,視同安全模型已損壞。
影響
具有反向工程工具的攻擊者可以輕而易舉地擷取硬式編碼密鑰。實際影響可能因情況而異,不過通常這會導致重大的安全問題,比如機密資料外洩。
因應措施
為了避免這個問題,若您想要系統層級的憑證時,我們會建議使用 KeyChain API。此外,您也可以使用 Android KeyStore 提供程式,以便個別應用程式存放只有自身能夠存取的專屬憑證。
想瞭解如何運用 KeyStore 存放及使用對稱金鑰,請參閱下列程式碼片段:
Kotlin
private val ANDROID_KEY_STORE_PROVIDER = "AndroidKeyStore"
private val ANDROID_KEY_STORE_ALIAS = "AES_KEY_DEMO"
@Throws(
KeyStoreException::class,
NoSuchAlgorithmException::class,
NoSuchProviderException::class,
InvalidAlgorithmParameterException::class
)
private fun createAndStoreSecretKey() {
val builder: KeyGenParameterSpec.Builder = KeyGenParameterSpec.Builder(
ANDROID_KEY_STORE_ALIAS,
KeyProperties.PURPOSE_ENCRYPT or KeyProperties.PURPOSE_DECRYPT
)
val keySpec: KeyGenParameterSpec = builder
.setKeySize(256)
.setBlockModes(KeyProperties.BLOCK_MODE_GCM)
.setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_NONE)
.setRandomizedEncryptionRequired(true)
.build()
val aesKeyGenerator: KeyGenerator =
KeyGenerator.getInstance(KeyProperties.KEY_ALGORITHM_AES, ANDROID_KEY_STORE_PROVIDER)
aesKeyGenerator.init(keySpec)
val key: SecretKey = aesKeyGenerator.generateKey()
}
@Throws(
KeyStoreException::class,
UnrecoverableEntryException::class,
NoSuchAlgorithmException::class,
CertificateException::class,
IOException::class,
NoSuchPaddingException::class,
InvalidKeyException::class,
IllegalBlockSizeException::class,
BadPaddingException::class
)
private fun encryptWithKeyStore(plainText: String): ByteArray? {
// Initialize KeyStore
val keyStore: KeyStore = KeyStore.getInstance(ANDROID_KEY_STORE_PROVIDER)
keyStore.load(null)
// Retrieve the key with alias androidKeyStoreAlias created before
val keyEntry: KeyStore.SecretKeyEntry =
keyStore.getEntry(ANDROID_KEY_STORE_ALIAS, null) as KeyStore.SecretKeyEntry
val key: SecretKey = keyEntry.secretKey
// Use the secret key at your convenience
val cipher: Cipher = Cipher.getInstance("AES/GCM/NoPadding")
cipher.init(Cipher.ENCRYPT_MODE, key)
return cipher.doFinal(plainText.toByteArray())
}
Java
static private final String ANDROID_KEY_STORE_PROVIDER = "AndroidKeyStore";
static private final String ANDROID_KEY_STORE_ALIAS = "AES_KEY_DEMO";
private void createAndStoreSecretKey() throws KeyStoreException, NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException {
KeyGenParameterSpec.Builder builder = new KeyGenParameterSpec.Builder(
ANDROID_KEY_STORE_ALIAS,
KeyProperties.PURPOSE_ENCRYPT | KeyProperties.PURPOSE_DECRYPT);
KeyGenParameterSpec keySpec = builder
.setKeySize(256)
.setBlockModes(KeyProperties.BLOCK_MODE_GCM)
.setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_NONE)
.setRandomizedEncryptionRequired(true)
.build();
KeyGenerator aesKeyGenerator = KeyGenerator.getInstance(KeyProperties.KEY_ALGORITHM_AES, ANDROID_KEY_STORE_PROVIDER);
aesKeyGenerator.init(keySpec);
SecretKey key = aesKeyGenerator.generateKey();
}
private byte[] encryptWithKeyStore(final String plainText) throws KeyStoreException, UnrecoverableEntryException, NoSuchAlgorithmException, CertificateException, IOException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException {
// Initialize KeyStore
KeyStore keyStore = KeyStore.getInstance(ANDROID_KEY_STORE_PROVIDER);
keyStore.load(null);
// Retrieve the key with alias ANDROID_KEY_STORE_ALIAS created before
KeyStore.SecretKeyEntry keyEntry = (KeyStore.SecretKeyEntry) keyStore.getEntry(ANDROID_KEY_STORE_ALIAS, null);
SecretKey key = keyEntry.getSecretKey();
// Use the secret key at your convenience
final Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
cipher.init(Cipher.ENCRYPT_MODE, key);
return cipher.doFinal(plainText.getBytes());
}
資源
這個頁面中的內容和程式碼範例均受《內容授權》中的授權所規範。Java 與 OpenJDK 是 Oracle 和/或其關係企業的商標或註冊商標。
上次更新時間:2024-01-05 (世界標準時間)。
[[["容易理解","easyToUnderstand","thumb-up"],["確實解決了我的問題","solvedMyProblem","thumb-up"],["其他","otherUp","thumb-up"]],[["缺少我需要的資訊","missingTheInformationINeed","thumb-down"],["過於複雜/步驟過多","tooComplicatedTooManySteps","thumb-down"],["過時","outOfDate","thumb-down"],["翻譯問題","translationIssue","thumb-down"],["示例/程式碼問題","samplesCodeIssue","thumb-down"],["其他","otherDown","thumb-down"]],["上次更新時間:2024-01-05 (世界標準時間)。"],[],[],null,["# Hardcoded Cryptographic Secrets\n\n\u003cbr /\u003e\n\n**OWASP category:** [MASVS-CRYPTO: Cryptography](https://mas.owasp.org/MASVS/06-MASVS-CRYPTO)\n\nOverview\n--------\n\n| **Note:** This article isn't focused on how to protect API keys.\n\nDevelopers use cryptography to protect confidentiality and integrity of data using robust algorithms. However, the key storage is often underused, and it's common to find them hardcoded into the application as a string or byte array in the code or in an asset file such as `strings.xml`. If secrets are exposed in any files of the app, this goes against [Kerchoff's principle](https://en.wikipedia.org/wiki/Kerckhoffs%27s_principle) and the security model can be considered as broken.\n\nImpact\n------\n\nAn attacker with access to reverse engineering tools can retrieve a hard-coded secret very easily. Depending on conditions the impact might vary, but in many cases it leads to major security issues, such as access to sensitive data.\n\nMitigations\n-----------\n\nTo mitigate this issue, consider using the [KeyChain](/reference/android/security/KeyChain) API when you want system-wide credentials, or the [Android Keystore](/training/articles/keystore) provider to let an individual app store its own credentials that only the app itself can access.\n\nThe following code snippet shows how to store and use a symmetric key using\n`KeyStore`: \n\n### Kotlin\n\n private val ANDROID_KEY_STORE_PROVIDER = \"AndroidKeyStore\"\n private val ANDROID_KEY_STORE_ALIAS = \"AES_KEY_DEMO\"\n\n @Throws(\n KeyStoreException::class,\n NoSuchAlgorithmException::class,\n NoSuchProviderException::class,\n InvalidAlgorithmParameterException::class\n )\n private fun createAndStoreSecretKey() {\n val builder: KeyGenParameterSpec.Builder = KeyGenParameterSpec.Builder(\n ANDROID_KEY_STORE_ALIAS,\n KeyProperties.PURPOSE_ENCRYPT or KeyProperties.PURPOSE_DECRYPT\n )\n val keySpec: KeyGenParameterSpec = builder\n .setKeySize(256)\n .setBlockModes(KeyProperties.BLOCK_MODE_GCM)\n .setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_NONE)\n .setRandomizedEncryptionRequired(true)\n .build()\n val aesKeyGenerator: KeyGenerator =\n KeyGenerator.getInstance(KeyProperties.KEY_ALGORITHM_AES, ANDROID_KEY_STORE_PROVIDER)\n aesKeyGenerator.init(keySpec)\n val key: SecretKey = aesKeyGenerator.generateKey()\n }\n\n @Throws(\n KeyStoreException::class,\n UnrecoverableEntryException::class,\n NoSuchAlgorithmException::class,\n CertificateException::class,\n IOException::class,\n NoSuchPaddingException::class,\n InvalidKeyException::class,\n IllegalBlockSizeException::class,\n BadPaddingException::class\n )\n private fun encryptWithKeyStore(plainText: String): ByteArray? {\n // Initialize KeyStore\n val keyStore: KeyStore = KeyStore.getInstance(ANDROID_KEY_STORE_PROVIDER)\n keyStore.load(null)\n // Retrieve the key with alias androidKeyStoreAlias created before\n val keyEntry: KeyStore.SecretKeyEntry =\n keyStore.getEntry(ANDROID_KEY_STORE_ALIAS, null) as KeyStore.SecretKeyEntry\n val key: SecretKey = keyEntry.secretKey\n // Use the secret key at your convenience\n val cipher: Cipher = Cipher.getInstance(\"AES/GCM/NoPadding\")\n cipher.init(Cipher.ENCRYPT_MODE, key)\n return cipher.doFinal(plainText.toByteArray())\n }\n\n### Java\n\n static private final String ANDROID_KEY_STORE_PROVIDER = \"AndroidKeyStore\";\n static private final String ANDROID_KEY_STORE_ALIAS = \"AES_KEY_DEMO\";\n\n private void createAndStoreSecretKey() throws KeyStoreException, NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException {\n KeyGenParameterSpec.Builder builder = new KeyGenParameterSpec.Builder(\n ANDROID_KEY_STORE_ALIAS,\n KeyProperties.PURPOSE_ENCRYPT | KeyProperties.PURPOSE_DECRYPT);\n KeyGenParameterSpec keySpec = builder\n .setKeySize(256)\n .setBlockModes(KeyProperties.BLOCK_MODE_GCM)\n .setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_NONE)\n .setRandomizedEncryptionRequired(true)\n .build();\n KeyGenerator aesKeyGenerator = KeyGenerator.getInstance(KeyProperties.KEY_ALGORITHM_AES, ANDROID_KEY_STORE_PROVIDER);\n aesKeyGenerator.init(keySpec);\n SecretKey key = aesKeyGenerator.generateKey();\n }\n\n private byte[] encryptWithKeyStore(final String plainText) throws KeyStoreException, UnrecoverableEntryException, NoSuchAlgorithmException, CertificateException, IOException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException {\n // Initialize KeyStore\n KeyStore keyStore = KeyStore.getInstance(ANDROID_KEY_STORE_PROVIDER);\n keyStore.load(null);\n // Retrieve the key with alias ANDROID_KEY_STORE_ALIAS created before\n KeyStore.SecretKeyEntry keyEntry = (KeyStore.SecretKeyEntry) keyStore.getEntry(ANDROID_KEY_STORE_ALIAS, null);\n SecretKey key = keyEntry.getSecretKey();\n // Use the secret key at your convenience\n final Cipher cipher = Cipher.getInstance(\"AES/GCM/NoPadding\");\n cipher.init(Cipher.ENCRYPT_MODE, key);\n return cipher.doFinal(plainText.getBytes());\n }\n\nResources\n---------\n\n- [Android KeyStore system](/training/articles/keystore)\n\n- [KeyStore documentation](/reference/java/security/KeyStore)\n\n- [KeyChain documentation](/reference/android/security/KeyChain)\n\n- [CWE-321: Use of Hard-coded Cryptographic Key](https://cwe.mitre.org/data/definitions/321.html)"]]
