我正在开发一个 windows phone 8 我正在连接一个带有可信证书的 HTTPS 服务器。我正在尝试读取服务器数字签名以使用本地字符串对其进行验证,以避免中间人攻击。
那么我应该发送什么来接收签名然后验证它
这是我的代码:
public static RequestSoap call webservice()
2. {
3. NetworkCredential credentials = new
4. NetworkCredential(Cryptography.getUserName(), Cryptography.getPassword(),
5. Cryptography.getDomain());
6.
7. string wsUrl = 'link';
8. HttpWebRequest request =
9. (HttpWebRequest)HttpWebRequest.Create(wsUrl);
10. request.UseDefaultCredentials = false;
11. request.AllowAutoRedirect = true;
12. request.Credentials = credentials;
13. request.Headers["SOAPAction"] = 'soapLink';
14. request.ContentType = "text/xml;charset=UTF-8";
15. request.Method = "POST";
16.
17. String envelope =
18. "<soap:Envelope
19.xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance'
20.xmlns:xsd='http://www.w3.org/2001/XMLSchema'
21.xmlns:soap='http://schemas.xmlsoap.org/soap/envelope/'>"
22. + "<soap:Body>"
23. ..........
24. + " </soap:Body>"
25. + " </soap:Envelope>";
26.
27. XDocument soapEnvelopeXml = XDocument.Parse(envelope);
28. InsertSoapEnvelopeIntoWebRequest(soapEnvelopeXml, request);
29. }
30.
31. private void InsertSoapEnvelopeIntoWebRequest(XDocument soapEnvelopeXml,
32. HttpWebRequest webRequest)
33. {
34. webRequest.BeginGetRequestStream((IAsyncResult
35. asynchronousResult) =>
36. {
37. HttpWebRequest request =
38. (HttpWebRequest)asynchronousResult.AsyncState;
39. Stream postStream =
40. request.EndGetRequestStream(asynchronousResult);
41. soapEnvelopeXml.Save(postStream);
42. postStream.Close();
43. request.BeginGetResponse(new
44. AsyncCallback(GetResponseCallback), request);
45. }, webRequest);
46. }
47.
48. private void GetResponseCallback(IAsyncResult asynchronousResult)
49. {
50.
51. try
52. {
53. HttpWebRequest request =
54. (HttpWebRequest)asynchronousResult.AsyncState;
55. HttpWebResponse response =
56. (HttpWebResponse)request.EndGetResponse(asynchronousResult);
57. Stream streamResponse = response.GetResponseStream();
58. StreamReader streamRead = new StreamReader(streamResponse);
59. string responseString = streamRead.ReadToEnd();
60.
61. Deployment.Current.Dispatcher.BeginInvoke(() =>
62. {
63. if
64. (request.Credentials.GetCredential(request.RequestUri, "NTLM").Domain !=
65. Cryptography.getDomain())
66. {
67. streamResponse.Close();
68. streamRead.Close();
69. response.Close();
70. return;
71. }
72.
73. responseString =
74. responseString.Replace("encoding=\"utf-8\"", "");
75. XmlReader reader = XmlReader.Create(new
76. MemoryStream(System.Text.UnicodeEncoding.Unicode.GetBytes(responseString)));
77. reader.MoveToContent();
78.
79. while (reader.Read())
80. {
81. // parsing
82. }
83. }
84. });
85.
86. streamResponse.Close();
87. streamRead.Close();
88. response.Close();
89. }
90. catch (Exception a)
91. {
92.
93. }
94. }