Windows Phone 8.0 certificate pinning

问题

How i can do certificate pinning in Windows Phone 8.0 without commercial libraries like SecureBlackbox? I can do it for Windows Phone 8.1, but it doesn't work for WP8.0.

Code for WP8.1

private async Task<bool> GetPublicKeysFromServer(string serverUrl)
    {
        //clear old cers
        serverPublicKyes = new List<string>();

        Uri serverUri = new Uri(serverUrl);
        HttpClient httpClient = new HttpClient();

        string responseData = string.Empty;
        HttpResponseMessage response = new HttpResponseMessage();
        response = await httpClient.GetAsync(serverUri);

        List<Certificate> listCerts = new List<Certificate>();
        listCerts.Add(response.RequestMessage.TransportInformation.ServerCertificate);

        foreach (Certificate aCertificate in listCerts)
        {
            IBuffer buffer = aCertificate.GetCertificateBlob();
            byte[] bCert = buffer.ToArray();
            string scert = BitConverter.ToString(bCert);
            byte[] rsaOID = EncodeOID("1.2.840.113549.1.1.1");//1.2.840.113549.1.1.1
            string sOID = BitConverter.ToString(rsaOID);
            int length;
            int index = FindX509PubKeyIndex(bCert, rsaOID, out length);
            // Found X509PublicKey in certificate so copy it.
            if (index > -1)
            {
                byte[] X509PublicKey = new byte[length];
                Array.Copy(bCert, index, X509PublicKey, 0, length);
                string URLCertPublicKey = BitConverter.ToString(X509PublicKey);
                serverPublicKyes.Add(URLCertPublicKey);
                Debug.WriteLine("Site Cert: " + URLCertPublicKey);
            }
        }
        return true;
    }

WP8.0 API does not support:

Windows.Security.Cryptography and HttpRequestMessage.TransportInformation

Thanks.

回答1:

For Windows Phone 8/8.1: Certificate pinning on windows phone 8/8.1

I don't think you can do it without using commercial library as you mentioned. You should give it a try. If not then here I found some content from Stack Overflow itself (Read SSL Certificate Details on WP8):

For WP8, you can use the StreamSocket class, which has an UpgradeToSslAsync() method that will do the TLS handshake for you as an async operation. Once that completes, you can use the .Information.ServerCertificate property to check that you got the server certificate you were expecting.

来源：https://stackoverflow.com/questions/29816493/windows-phone-8-0-certificate-pinning