Can a browser script detect SSL MITM?

  softwareengineering

Is there a standard mechanism for JavaScript to detect TLS MITM?

I’m looking for something along the lines of reading the fingerprint for a server cert out of the browser, and comparing to an inlined constant.

Of course, this might be of limited practical use, since a targeted MITM attack could also rewrite the content to match a fake cert.

4

This is a problem that should not be tackled on a JavaScript level, but on the TLS level. There are two mechanisms already in place that should make a MITM more difficult:

  1. When a cert is issued by a certificate authority, the CA should verify the identity of the certificate holder. Provided that all CAs trusted by a browser only issue certs with proper verification, this means any fraudulent certs would be detected. Unfortunately, this doesn’t quite hold. Some CAs have issued certs without validation, e.g. for testing. Others might be compelled by governments to issue a cert that can then be used for MITM. Finally, a CA itself can be compromised, and a stolen root certificate be used to sign malicious certs which would be trusted by any browser trusting the compromised CA.

    Wrong certificates might also be used by deep packet inspection software to re-sign data flowing through it, but that requires all clients behind that firewall to trust the certificate used for re-signing. The “correct” solution is to not trust that cert.

  2. Certificate pinning allows a site to declare a certificate to be valid for a certain time frame via HTTP headers. The browser can store the fingerprint, and can compare subsequent connections to the pinned certificate. This only works if the first connection was not MITM’ed, and if the site actually uses certificate pinning. For example, certificate pinning will not help when it is only used in a corporate intranet where all outgoing traffic is MITM’ed.

    Some systems do certificate pinning by hard-coding a public key inside a binary. This is done by various mobile apps and browsers, which allows the first connection to be secure as well, provided the binary was not compromised.

It might be possible to implement something like certificate pinning in JavaScript, but since it requires a cooperating server to send the required headers, this is not a general solution. If you’re in the situation that you’re trusting a cert you don’t want to trust, there’s just no good way to resolve or detect that.

1
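The header-based pinning described in the answer, as an added example that is not part of the original answer: a Node.js model of a client pin store, using the `pin-sha256` format and `Public-Key-Pins` header syntax of RFC 7469 (an assumption; the answer names no specific header). `PinStore`, `spkiPin`, `parsePinHeader`, the host `example.test` and both keys are constructed for illustration.

```javascript
const crypto = require('crypto');

// pin-sha256 as in RFC 7469: base64(SHA-256(DER-encoded SubjectPublicKeyInfo)).
function spkiPin(publicKey) {
  const der = publicKey.export({ type: 'spki', format: 'der' });
  return crypto.createHash('sha256').update(der).digest('base64');
}

// Parse a Public-Key-Pins header value into its pins and max-age (seconds).
function parsePinHeader(value) {
  const pins = [];
  let maxAge = null;
  for (const part of value.split(';')) {
    const m = part.trim().match(/^([\w-]+)\s*=\s*"?([^"]*)"?$/);
    if (!m) continue;
    if (m[1].toLowerCase() === 'pin-sha256') pins.push(m[2]);
    if (m[1].toLowerCase() === 'max-age') maxAge = Number(m[2]);
  }
  return { pins, maxAge };
}

// Client-side pin store: trust on first use, enforce on later connections.
class PinStore {
  constructor() { this.hosts = new Map(); }

  // Returns 'first-use', 'ok' or 'mismatch' for one connection at time `now` (ms).
  connect(host, serverKey, header, now) {
    const seen = spkiPin(serverKey);
    const entry = this.hosts.get(host);
    const pinned = Boolean(entry && entry.expires > now);
    if (pinned && !entry.pins.includes(seen)) return 'mismatch';
    if (header) {
      const { pins, maxAge } = parsePinHeader(header);
      // Only accept a policy that matches the key actually presented.
      if (maxAge > 0 && pins.includes(seen)) {
        this.hosts.set(host, { pins, expires: now + maxAge * 1000 });
      }
    }
    return pinned ? 'ok' : 'first-use';
  }
}

// Constructed sample keys: the site's real key and an interceptor's key.
const siteKey = crypto.generateKeyPairSync('ec', { namedCurve: 'prime256v1' }).publicKey;
const mitmKey = crypto.generateKeyPairSync('ec', { namedCurve: 'prime256v1' }).publicKey;
const headerFor = (key) => `pin-sha256="${spkiPin(key)}"; max-age=3600`;
```

A store whose first connection was intercepted records the interceptor's pin and afterwards reports the genuine key as a mismatch, which is the first-connection limitation the answer points out.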
