Windows Phone 8.0證書鎖定

Question

我如何在Windows Phone 8.0中執行證書鎖定而沒有像SecureBlackbox這樣的商業圖書館？ 我可以爲Windows Phone 8.1做，但它不適用於WP8.0。

代碼WP8.1

private async Task<bool> GetPublicKeysFromServer(string serverUrl) 
    { 
     //clear old cers 
     serverPublicKyes = new List<string>(); 

     Uri serverUri = new Uri(serverUrl); 
     HttpClient httpClient = new HttpClient(); 

     string responseData = string.Empty; 
     HttpResponseMessage response = new HttpResponseMessage(); 
     response = await httpClient.GetAsync(serverUri); 

     List<Certificate> listCerts = new List<Certificate>(); 
     listCerts.Add(response.RequestMessage.TransportInformation.ServerCertificate); 

     foreach (Certificate aCertificate in listCerts) 
     { 
      IBuffer buffer = aCertificate.GetCertificateBlob(); 
      byte[] bCert = buffer.ToArray(); 
      string scert = BitConverter.ToString(bCert); 
      byte[] rsaOID = EncodeOID("1.2.840.113549.1.1.1");//1.2.840.113549.1.1.1 
      string sOID = BitConverter.ToString(rsaOID); 
      int length; 
      int index = FindX509PubKeyIndex(bCert, rsaOID, out length); 
      // Found X509PublicKey in certificate so copy it. 
      if (index > -1) 
      { 
       byte[] X509PublicKey = new byte[length]; 
       Array.Copy(bCert, index, X509PublicKey, 0, length); 
       string URLCertPublicKey = BitConverter.ToString(X509PublicKey); 
       serverPublicKyes.Add(URLCertPublicKey); 
       Debug.WriteLine("Site Cert: " + URLCertPublicKey); 
      } 
     } 
     return true; 
    } 

WP8.0 API不支持：

Windows.Security.Cryptography 和 HttpRequestMessage.TransportInformation

感謝。

Answer 1

對於Windows Phone 8的/ 8.1：Certificate pinning on windows phone 8/8.1

我不認爲你可以做到這一點不爲你所提到的用商業庫。你應該試試看。如果沒有，那麼在這裏，我發現從堆棧溢出本身（Read SSL Certificate Details on WP8）的一些內容：

對於WP8，你可以使用StreamSocket類，它有一個 UpgradeToSslAsync（）方法，將做TLS握手你作爲 異步操作。一旦完成，您可以使用 .Information.ServerCertificate屬性檢查您是否獲得了您期望的 服務器證書。