问题
I am designing an application using Xamarin and I want to boost our security by using certificate pinning. But I cannot find a way to do it. I can use the native approach for android to do it, but I want to know if there is a cross-platform solution to this, or even a solution for windows phone at all.
回答1:
On Android and iOS you can use the standard .NET way with ServicePointManager.ServerCertificateValidationCallback.
On Windows Phone 8 you can use StreamSocket, call UpgradeToSslAsync after connecting and then read the certificate details.
On Windows Phone 8.1 you may also use
var uri = new Uri("https://someuri.com/");
var httpClient = new HttpClient();
var httpResponseMessage = await httpClient.GetAsync(uri);
var certificate = httpResponseMessage.RequestMessage.TransportInformation.ServerCertificate;
So not a cross platform solution...
SecureBlackbox might be able to help with a cross platform solution, but I've only used it with Windows Phone 7.x a while ago.
来源:https://stackoverflow.com/questions/26466115/xamarin-cross-platform-certificate-pinning