protected bool ValidateCertificate (byte[] certificateData);

Parameters

certificateData PEM 或 DER 格式的证书数据。如果证书数据包含多个证书,则第一个是叶证书。

Returns

bool 如果证书应该被接受,则为 true,否则为 false

Description

针对远程服务器发送的每个叶证书调用的回调。

重载此函数以实现自定义证书验证方案。

using UnityEngine.Networking;
using System.Security.Cryptography.X509Certificates;

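// Based on https://www.owasp.org/index.php/Certificate_and_Public_Key_Pinning#.Net
//
// Public-key pinning handler: a certificate is accepted only when its public key
// matches the single pinned value below.
// NOTE(review): this override checks nothing except the key. Chain of trust, validity
// period, host name and revocation are not examined here; confirm whether the platform
// still performs them before relying on this class as the only check.
// NOTE(review): a single pin means a server key rotation rejects every connection until
// the client is updated; plan for a backup pin before shipping.
class AcceptAllCertificatesSignedWithASpecificKeyPublicKey : CertificateHandler
{
    // Encoded RSAPublicKey (hex). GetPublicKeyString() is compared against this value
    // character for character, so the pin must use the same hex casing it returns.
    // The sample value encodes a 1024-bit modulus; treat it as a placeholder and
    // replace it with the public key of your own server.
    // readonly: the pin must not be reassigned at runtime.
    private static readonly string PUB_KEY = "30818902818100C4A06B7B52F8D17DC1CCB47362" +
        "C64AB799AAE19E245A7559E9CEEC7D8AA4DF07CB0B21FDFD763C63A313A668FE9D764E" +
        "D913C51A676788DB62AF624F422C2F112C1316922AA5D37823CD9F43D1FC54513D14B2" +
        "9E36991F08A042C42EAAEEE5FE8E2CB10167174A359CEBF6FACC2C9CA933AD403137EE" +
        "2C3F4CBED9460129C72B0203010001";

    /// <summary>
    /// Decides whether the certificate presented by the remote server is accepted.
    /// </summary>
    /// <param name="certificateData">Certificate bytes passed to the callback.</param>
    /// <returns>
    /// true when the certificate's public key equals <c>PUB_KEY</c>; false when it
    /// differs, or when the data is missing or cannot be parsed as a certificate.
    /// </returns>
    protected override bool ValidateCertificate(byte[] certificateData)
    {
        // Fail closed: no data means nothing to pin against.
        if (certificateData == null || certificateData.Length == 0)
        {
            return false;
        }

        try
        {
            // Dispose the certificate so its native handle is released after each call.
            using (X509Certificate2 certificate = new X509Certificate2(certificateData))
            {
                // Static string.Equals is an ordinal comparison and tolerates a null left side.
                return string.Equals(certificate.GetPublicKeyString(), PUB_KEY);
            }
        }
        catch (System.Security.Cryptography.CryptographicException)
        {
            // Malformed certificate data: reject it explicitly instead of letting the
            // exception escape the validation callback.
            return false;
        }
    }
}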