KAP*_*OID 15 ssl android ssl-certificate pinning android-volley
我想在排球网络库中使用SSL Pinning.有没有办法用凌空实现SSL固定?凌空是否为安全性改进提供了这种支持?
nig*_*ann 11
我刚刚像这里描述的那样实现它:http://blog.ostorlab.co/2016/05/ssl-pinning-in-android-networking.html
以下是截击实现所需的代码:
CertificateFactory cf = CertificateFactory.getInstance("X.509");
// Generate the certificate using the certificate file under res/raw/cert.cer
InputStream caInput = new BufferedInputStream(getResources().openRawResource(R.raw.cert));
Certificate ca = cf.generateCertificate(caInput);
caInput.close();
// Create a KeyStore containing our trusted CAs
String keyStoreType = KeyStore.getDefaultType();
KeyStore trusted = KeyStore.getInstance(keyStoreType);
trusted.load(null, null);
trusted.setCertificateEntry("ca", ca);
// Create a TrustManager that trusts the CAs in our KeyStore
String tmfAlgorithm = TrustManagerFactory.getDefaultAlgorithm();
TrustManagerFactory tmf = TrustManagerFactory.getInstance(tmfAlgorithm);
tmf.init(trusted);
// Create an SSLContext that uses our TrustManager
SSLContext context = SSLContext.getInstance("TLS");
context.init(null, tmf.getTrustManagers(), null);
SSLSocketFactory sf = context.getSocketFactory();
mRequestQueue = Volley.newRequestQueue(mCtx.getApplicationContext(), new HurlStack(null, sf));
似乎工作!
我正在实施同样的事情。我找到了一篇博客文章,希望对你有帮助
http://ogrelab.ikratko.com/using-android-volley-with-self-signed-certificate/
| 归档时间: |
|
| 查看次数: |
5288 次 |
| 最近记录: |