[英]Xamarin.Android Http client that allow me to add client certificate from KeyStore
我正在嘗試添加從此方法獲得的客戶端證書功能:
private X509Certificate[] GetCertificateChain(string alias)
{
try
{
return KeyChain.GetCertificateChain(this, alias);
}
catch (KeyChainException e)
{
}
return null;
}
System.Net.Http.HttpClientHandler不允許我添加客戶端證書。 引發NotImplemented異常。 有什么辦法嗎? 也許其他Http客戶端?
您需要擴展AndroidClientHandler
並重寫ConfigureCustomSSLSocketFactory
public class HttpsClientHandler : AndroidClientHandler
{
private static readonly Logger LOG = LogManager.GetLogger();
private SSLContext sslContext;
private readonly ITrustManager[] trustManagers;
private IKeyManager[] keyManagers = null;
public HttpsClientHandler() : base()
{
trustManagers = GetTrustManagers();
sslContext = GetSSLContext();
}
private SSLContext GetSSLContext()
{
string protocol;
if (SslProtocols == SslProtocols.Tls11)
{
protocol = "TLSv1.1";
} else if (SslProtocols == SslProtocols.Tls || SslProtocols == SslProtocols.Tls12)
{
protocol = "TLSv1.2";
} else
{
throw new IOException("unsupported ssl protocol: " + SslProtocols.ToString());
}
SSLContext ctx = SSLContext.GetInstance(protocol);
ctx.Init(keyManagers, trustManagers, null);
return ctx;
}
public new SslProtocols SslProtocols { get; set; } = SslProtocols.Tls12;
public void SetClientCertificate(byte[] pkcs12, char[] password)
{
keyManagers = GetKeyManagersFromClientCert(pkcs12, password);
SSLContext newContext = GetSSLContext();
sslContext = newContext;
}
private ITrustManager[] GetTrustManagers()
{
TrustManagerFactory trustManagerFactory = TrustManagerFactory.GetInstance(TrustManagerFactory.DefaultAlgorithm);
trustManagerFactory.Init((KeyStore)null);
return trustManagerFactory.GetTrustManagers();
}
private IKeyManager[] GetKeyManagersFromClientCert(byte[] pkcs12, char[] password)
{
if (pkcs12 != null)
{
using (MemoryStream memoryStream = new MemoryStream(pkcs12))
{
KeyStore keyStore = KeyStore.GetInstance("pkcs12");
keyStore.Load(memoryStream, password);
KeyManagerFactory kmf = KeyManagerFactory.GetInstance("x509");
kmf.Init(keyStore, password);
return kmf.GetKeyManagers();
}
}
return null;
}
protected override SSLSocketFactory ConfigureCustomSSLSocketFactory(HttpsURLConnection connection)
{
SSLSocketFactory socketFactory = sslContext.SocketFactory;
if (connection != null)
{
connection.SSLSocketFactory = socketFactory;
}
return socketFactory;
}
}
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.