[英]Windows Phone 8.0 certificate pinning
在没有诸如SecureBlackbox之类的商业库的情况下,如何在Windows Phone 8.0中进行证书固定? 我可以为Windows Phone 8.1做到这一点,但不适用于WP8.0。
WP8.1的代码
private async Task<bool> GetPublicKeysFromServer(string serverUrl)
{
//clear old cers
serverPublicKyes = new List<string>();
Uri serverUri = new Uri(serverUrl);
HttpClient httpClient = new HttpClient();
string responseData = string.Empty;
HttpResponseMessage response = new HttpResponseMessage();
response = await httpClient.GetAsync(serverUri);
List<Certificate> listCerts = new List<Certificate>();
listCerts.Add(response.RequestMessage.TransportInformation.ServerCertificate);
foreach (Certificate aCertificate in listCerts)
{
IBuffer buffer = aCertificate.GetCertificateBlob();
byte[] bCert = buffer.ToArray();
string scert = BitConverter.ToString(bCert);
byte[] rsaOID = EncodeOID("1.2.840.113549.1.1.1");//1.2.840.113549.1.1.1
string sOID = BitConverter.ToString(rsaOID);
int length;
int index = FindX509PubKeyIndex(bCert, rsaOID, out length);
// Found X509PublicKey in certificate so copy it.
if (index > -1)
{
byte[] X509PublicKey = new byte[length];
Array.Copy(bCert, index, X509PublicKey, 0, length);
string URLCertPublicKey = BitConverter.ToString(X509PublicKey);
serverPublicKyes.Add(URLCertPublicKey);
Debug.WriteLine("Site Cert: " + URLCertPublicKey);
}
}
return true;
}
WP8.0 API不支持:
Windows.Security.Cryptography和HttpRequestMessage.TransportInformation
谢谢。
对于Windows Phone 8 / 8.1: 证书固定在Windows Phone 8 / 8.1上
我认为您不能不使用您提到的商业图书馆就做到这一点。 您应该尝试一下。 如果不是,那么我在堆栈溢出本身中找到了一些内容(请参阅WP8上的SSL证书详细信息 ):
对于WP8,您可以使用StreamSocket类,该类具有一个UpgradeToSslAsync()方法,它将作为异步操作为您执行TLS握手。 完成后,您可以使用.Information.ServerCertificate属性来检查您是否获得了期望的服务器证书。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.