
Certificate verification with Cordova

I wonder if there is a simple/recommended way for verifying the remote site certificate within Cordova. I would like my app to verify $remote.thumbprint is in a list of expected thumbprints and no one MITMs. The code (and the list) should be deployed on the phone through the app stores (I just assume they are trusted).

Preferably a straightforward solution that does not require platform specific code for Android, iOS and WP?

In order to see the cert information on a remote site you have to have access to that remote server. But assuming you have access to the server you could write some server code that returns a list of thumbprint values and whatever else you may need returned. Here is how you could do it with C# using ASP.NET:

using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Web;

namespace FIPWS01
{
    public partial class certtest : System.Web.UI.Page
    {
        protected void Page_Load(object sender, EventArgs e)
        {
            // Default store name is "MY" (Personal) in the LocalMachine location.
            X509Store store = new X509Store(StoreLocation.LocalMachine);
            try
            {
                // Read-only access; fail rather than create the store if it is missing.
                store.Open(OpenFlags.ReadOnly | OpenFlags.OpenExistingOnly);

                X509Certificate2Collection collection = store.Certificates;

                // X509Certificate2Collection fcollection = collection.Find(X509FindType.FindBySubjectName, "Kilpatrick", false);

                // Select certificates by subject name; validOnly=false also returns expired or untrusted ones.
                X509Certificate2Collection fcollection = collection.Find(X509FindType.FindBySubjectName, "[your info here]", false);

                Response.Write("Number of certificates: " + fcollection.Count + "<br>");

                foreach (X509Certificate2 x509 in fcollection)
                {
                    // Names come from the certificate itself, so HTML-encode them before writing to the page.
                    Response.Write("Friendly Name: " + HttpUtility.HtmlEncode(x509.FriendlyName) + "<br>");
                    Response.Write("Simple Name: " + HttpUtility.HtmlEncode(x509.GetNameInfo(X509NameType.SimpleName, true)) + "<br>");
                    // Thumbprint is the SHA-1 hash of the DER-encoded certificate, as upper-case hex.
                    Response.Write("Thumb Print: " + x509.Thumbprint + "<br>");
                }
            }
            catch (CryptographicException)
            {
                Response.Write("Information could not be written out for this certificate.");
            }
            finally
            {
                // Release the store handle even if enumeration failed.
                store.Close();
            }
        }
    }
}
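
Added example, not part of the original question or answer: the client-side check the question asks for, comparing a presented certificate against a thumbprint list bundled with the app. It assumes the server's DER-encoded certificate has been handed to JavaScript by a native plugin (the WebView does not expose it); the function names are hypothetical and the sample bytes are constructed stand-ins, not a real certificate. It runs under Node.js.

```javascript
const crypto = require('crypto');

// Hash algorithm implied by the length of a hex thumbprint.
const ALGO_BY_HEX_LENGTH = { 40: 'sha1', 64: 'sha256' };

// Canonical form: upper-case hex without separators, the form
// X509Certificate2.Thumbprint prints. Also strips the invisible U+200E
// that can come along when a thumbprint is copied from a Windows dialog.
function normalizeThumbprint(text) {
  const hex = String(text).replace(/[\s:\u200e-]/g, '').toUpperCase();
  if (!/^[0-9A-F]+$/.test(hex) || !(hex.length in ALGO_BY_HEX_LENGTH)) {
    throw new Error('malformed thumbprint: ' + text);
  }
  return hex;
}

// A thumbprint is a hash over the DER encoding of the whole certificate.
function thumbprint(der, algo) {
  return crypto.createHash(algo).update(der).digest('hex').toUpperCase();
}

// True only if the certificate matches one pinned entry. Fails closed:
// missing bytes or an empty list is a mismatch, a malformed pin throws.
function isPinned(der, pinnedThumbprints) {
  if (!Buffer.isBuffer(der) || der.length === 0) return false;
  return pinnedThumbprints
    .map(normalizeThumbprint)
    .some(pin => thumbprint(der, ALGO_BY_HEX_LENGTH[pin.length]) === pin);
}

// Constructed sample input: stand-in bytes, not a real certificate.
const SAMPLE_DER = Buffer.from('abc');

// List shipped inside the app package. Two entries so a certificate
// rotation does not lock users out before an app update arrives.
const PINNED = [
  'a9:99:3e:36:47:06:81:6a:ba:3e:25:71:78:50:c2:6c:9c:d0:d8:9d', // SHA-1 of SAMPLE_DER
  thumbprint(Buffer.from('constructed backup certificate'), 'sha256'), // backup pin
];

console.log('pinned certificate accepted:', isPinned(SAMPLE_DER, PINNED));
console.log('other certificate accepted: ', isPinned(Buffer.from('abd'), PINNED));
```

The list only protects against interception if it is bundled with the app, as the question describes; a list fetched over the connection being checked can be replaced along with the certificate.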
