安卓的WebViewClient
calls onReceivedSslError
当它遇到不受信任的证书时。但是,那SslError
我在该调用中收到的对象没有任何公共方式来访问底层X509Certificate
根据现有的验证它TrustStoreManager
。查看源代码,我可以访问X509Certificate
的编码字节如下:
public void onReceivedSslError(WebView view, SslErrorHandler handler,
SslError error) {
Bundle bundle = SslCertificate.saveState(error.getCertificate());
X509Certificate x509Certificate;
byte[] bytes = bundle.getByteArray("x509-certificate");
if (bytes == null) {
x509Certificate = null;
} else {
try {
CertificateFactory certFactory = CertificateFactory.getInstance("X.509");
Certificate cert = certFactory.generateCertificate(new ByteArrayInputStream(bytes));
x509Certificate = (X509Certificate) cert;
} catch (CertificateException e) {
x509Certificate = null;
}
}
// Now I have an X509Certificate I can pass to an X509TrustManager for validation.
}
显然,这是私有 API 并且很脆弱,尽管我认为它相当可靠,因为它们无法更改捆绑格式。有没有更好的办法?
经过漫长的等待,似乎有一个方法叫做getX509Certificate(): java.security.cert.X509Certificate
已添加到SslCertificate在我之后功能请求作为问题 36984840.
本文内容由网友自发贡献,版权归原作者所有,本站不承担相应法律责任。如您发现有涉嫌抄袭侵权的内容,请联系:hwhale#tublm.com(使用前将#替换为@)