Cordova是否支持iOS上的证书固定?
答案 0 :(得分:1)
Cordova没有,但与大多数功能一样,可以使用插件。
"用于与HTTP服务器通信的Cordova / Phonegap插件。允许SSL固定!" - https://github.com/wymsee/cordova-HTTP
就像他在Cordova Security Guide中说的那样," ...假设您的应用程序能够使用插件执行所有网络请求(即:没有传统的XHR / AJAX请求等)。 #34;
答案 1 :(得分:1)
Cordova不支持证书固定,但可以使用Intel App Security API作为Cordova plugin来实现。
使用固定公钥代码段发送安全传输:
// TODO change server PK
var publicKey = "-----BEGIN PUBLIC KEY-----\n" +
"MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2swYYzD99BcjGlZ+W988\n" +
"bDjkcbd4kdS8odhM+KhDtgPpTSEHCIjaWC9mOSm9BXiLnTjoBbdqfnGk5sRgprDv\n" +
"gOSJKA+eJdbtg/OtppHHmMlCGDUUna2YRpIuT8rxh0PBFpVXLVDviS2Aelet8u5f\n" +
"a9IAjbkU+BQVNdnARqN7csiRv8lVK83Qlz6cJmTM386DGXHKTubU1XupGc1V3sjs\n" +
"0l44U+VcT4wt/lAjNvxm5suOpDkZALeVAjmRCw7+OC7RHQWa9k0+bw8HHa8sHo9g\n" +
"OeL6NlMTOdReJivbPagUvTLrGAMoUgRx5aszPeE4uwc2hGKceeoWMPRfwCvocWvk\n" +
"+QIDAQAB\n" +
"-----END PUBLIC KEY-----\n";
// create the Transport Secure instance
intel.security.secureTransport.open( {url: "https://software.intel.com/en-us/app-security-api/api", serverKey: publicKey} )
// send the request
.then (function (transportInstanceID) {
// send the HTTPS request
return intel.security.secureTransport.sendRequest( {instanceID: transportInstanceID, requestBody: "data to send"} );
})
// process the response
.then (function(response) {
// assign response HTTP status
var responseHttpStatus = response.responseHttpStatus;
// assign response body
var responseBody = response.responseBody;
// assign response header
var responseHeader = response.responseHeader;
// now we have the following items:
// the response status in 'responseHttpStatus'
// the response body in 'responseBody'
// the response header in 'responseHeader'
// we can use those in our code.
doSomethingAfterReceiveWithKeyPinning(response);
})
.catch (function(error) {
console.log("Fail, error code is: " + error.code + ", error message is: " + error.message);
});
摘录的来源来自原始文档:https://software.intel.com/en-us/node/604523