//於AndroidManiFest加入網路權限
<uses-permission android:name="android.permission.INTERNET"/>
//於build.gradle新增okhttp
implementation 'com.squareup.okhttp3:okhttp:4.2.0'
//Import至Class
import okhttp3.OkHttpClient;
import okhttp3.CertificatePinner;
import okhttp3.Request;
//主要程式碼
//請注意Android4.2以後如再MainThread執行httpRequest會引發android.os.NetworkOnMainThreadException
new Thread(new Runnable(){
@Override
public void run() {
String hostname = "ivanli.nctu.me/";
CertificatePinner certificatePinner = new CertificatePinner.Builder()
//第一次填入sha256/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=執行後出現錯誤
//從Exception取得正確的SHA256值
//.add(hostname, "sha256/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=")
//第二次第二次填入正確得SHA256,填入後執行成功完成驗證
.add(hostname, "sha256/tl87oc9yrrqJ46gC3uBMBqBed5wM/qzdbLjO+1XE4to=")
.add(hostname, "sha256/YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg=")
.add(hostname, "sha256/Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys=")
//....
.build();
OkHttpClient client = new OkHttpClient.Builder()
.certificatePinner(certificatePinner)
.build();
Request request = new Request.Builder()
.url("https://" + hostname)
.build();
try {
client.newCall(request).execute();
} catch (Exception e) {
System.out.println(e.toString());
}
}
}).start();
第一次執行憑證綁定失敗如下圖,藉由Exception獲得正確的SHA256
第二種方式,利用實體憑證檔(cer,der,pem,crt)來取得SHA256,取得後再利用OkHttp進行憑證驗證
public class OutputCerKey {
public static String GetSHA256(InputStream certFileInputSteam){
try{
X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X509")
.generateCertificate(certFileInputSteam);
byte[] publicKeyEncoded = x509Certificate.getPublicKey().getEncoded();
MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
byte[] publicKeySha256 = messageDigest.digest(publicKeyEncoded);
//Base64.getEncoder() Android26以上
byte[] publicKeyShaBase64 = Base64.getEncoder().encode(publicKeySha256);
String Sha256key = "sha256/" + new String(publicKeyShaBase64);
return Sha256key;
}catch (Exception e){
e.printStackTrace();
} finally {
try {
if (certFileInputSteam != null) {
certFileInputSteam.close();
}
} catch (IOException e) {
e.printStackTrace();
}
}
return "";
}
}
AndroidStudio(Java)
專案檔下載