7a6ac0 / SSLPinning

HttpURLConnection SSL Pinning

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

SSLPinning

HttpURLConnection透過憑證綁定方式作連線,在這是綁定Github的憑證,當使用Proxy(Ex. Charles)攔截傳輸內容時會無法正常連線。

Network Security Config

Android API 24以後才有的機制,利用script/cert.sh取得網站公鑰。

root@debian:~# ./script/cert.sh github.com
/businessCategory=Private Organization/1.3.6.1.4.1.311.60.2.1.3=US/1.3.6.1.4.1.311.60.2.1.2=Delaware/serialNumber=5157550/street=88 Colin P Kelly, Jr Street/postalCode=94107/C=US/ST=California/L=San Francisco/O=GitHub, Inc./CN=github.com
pL1+qb9HTMRZJmuC/bB/ZI9d302BYrrqiVuRyW+DGrU=
/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert SHA2 Extended Validation Server CA
RRM1dGqnDFsCJXBTHky16vi1obOlCgFFn/yOhI/y+ho=

將取得的公鑰加入network_security_config.xml

About

HttpURLConnection SSL Pinning


Languages

Language:Java 95.4%Language:Shell 4.6%