我一直在使用证书固定。但现在的要求是更改为公钥固定。我从别人那里拿了这个项目。我可以使用Trustkit实现公钥固定。但是如果我要使用 TrustKit,我必须更改很多实现。我添加了证书固定的代码。
我想使用 .pinPublicKeys 而不是 .pinCertificates。但是在这个实现中,我必须将证书添加到构建中,这是我试图避免的。我只想使用公钥哈希。对于 .pinPublicKey,我必须添加 [secKey]。我找不到将公共哈希密钥转换为 SecKey 的解决方案。请帮助解决这个问题。
class Client {
static let shared = Client()
var manager:SessionManager?
init() {
let certificates: [SecCertificate] = getCertificates()
let serverTrustPolicies: [String: ServerTrustPolicy] = [
"app.###.com": .pinCertificates(
certificates: certificates,//ServerTrustPolicy.certificates(),
validateCertificateChain: true,
validateHost: true
)
]
manager = Alamofire.SessionManager(
configuration: URLSessionConfiguration.default,
serverTrustPolicyManager: ServerTrustPolicyManager(policies: serverTrustPolicies)
)
}
private func getCertificates() -> [SecCertificate] {
let url = Bundle.main.url(forResource: "certificate", withExtension: "der")!
let localCertificate = try! Data(contentsOf: url) as CFData
guard let certificate = SecCertificateCreateWithData(nil, localCertificate)
else { return [] }
return [certificate]
}
}