如果没有像 SecureBlackbox 这样的商业库,我如何在 Windows Phone 8.0 中进行证书固定? 我可以在 Windows Phone 8.1 上执行此操作,但它不适用于 WP8.0。
WP8.1 代码
private async Task<bool> GetPublicKeysFromServer(string serverUrl)
{
//clear old cers
serverPublicKyes = new List<string>();
Uri serverUri = new Uri(serverUrl);
HttpClient httpClient = new HttpClient();
string responseData = string.Empty;
HttpResponseMessage response = new HttpResponseMessage();
response = await httpClient.GetAsync(serverUri);
List<Certificate> listCerts = new List<Certificate>();
listCerts.Add(response.RequestMessage.TransportInformation.ServerCertificate);
foreach (Certificate aCertificate in listCerts)
{
IBuffer buffer = aCertificate.GetCertificateBlob();
byte[] bCert = buffer.ToArray();
string scert = BitConverter.ToString(bCert);
byte[] rsaOID = EncodeOID("1.2.840.113549.1.1.1");//1.2.840.113549.1.1.1
string sOID = BitConverter.ToString(rsaOID);
int length;
int index = FindX509PubKeyIndex(bCert, rsaOID, out length);
// Found X509PublicKey in certificate so copy it.
if (index > -1)
{
byte[] X509PublicKey = new byte[length];
Array.Copy(bCert, index, X509PublicKey, 0, length);
string URLCertPublicKey = BitConverter.ToString(X509PublicKey);
serverPublicKyes.Add(URLCertPublicKey);
Debug.WriteLine("Site Cert: " + URLCertPublicKey);
}
}
return true;
}
WP8.0 API 不支持:
Windows.Security.Cryptography 和 HttpRequestMessage.TransportInformation
谢谢。
最佳答案
对于 Windows Phone 8/8.1:Certificate pinning on windows phone 8/8.1
我认为如果不使用您提到的商业图书馆,您将无法做到这一点。你应该试一试。如果没有,那么我在这里找到了一些来自 Stack Overflow 本身的内容(Read SSL Certificate Details on WP8):
For WP8, you can use the StreamSocket class, which has an UpgradeToSslAsync() method that will do the TLS handshake for you as an async operation. Once that completes, you can use the .Information.ServerCertificate property to check that you got the server certificate you were expecting.
关于c# - Windows Phone 8.0 证书固定,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/29816493/