Closed tele-bird closed 4 years ago
I made this change I described and tested in my iOS/Android projects.
The iOS app works nicely.
However, the Android app throws the following Exception. It appears that the Square.OkHttp3.CertificatePinner.Builder() method won't accept adding pins that start with "md5/". It's strange because the iOS implementation does accept pins that start with "md5/". Probably this is a bug in that package.
FullName: Java.Lang.IllegalArgumentException
Message: pins must start with 'sha256/' or 'sha1/': md5/mymd5fingerprint
StackTrace:
StackTrace: at Java.Interop.JniEnvironment+InstanceMethods.CallObjectMethod (Java.Interop.JniObjectReference instance, Java.Interop.JniMethodInfo method, Java.Interop.JniArgumentValue args) [0x00069] in
Sadly, OkHttp doesn't support MD5, so I will remove it from the plugin in the next release.
Thanks. And probably the bug I noted in VerifyPins() should be fixed as well.
When I pass in a valid sha1 or md5 base64 string, I get the FormatException (The input is not a valid Base-64 string.). After analyzing the problem, I found a bug in Utility.cs:
Currently, line 85 in the VerifyPins() method assumes the prefix is 7 characters in length:
byte[] bytes = Convert.FromBase64String(pin.Remove(0, 7));
This is completely legit for "sha256/", but not "sha1/" or "md5/".
To fix this bug, you could change it like this:
byte[] bytes = Convert.FromBase64String(pin.Remove(0, pin.IndexOf('/') + 1));
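An added example, not code from the plugin or from this thread, of the prefix handling discussed above: it splits the pin at the first '/', accepts only the sha256 and sha1 prefixes named in the OkHttp exception message, and checks the decoded digest length. PinParser and Parse are hypothetical names, the length check is an addition, and the sample pins are constructed all-zero digests.

```csharp
using System;
using System.Collections.Generic;

// Added example; PinParser and its members are hypothetical names, not the plugin's API.
public static class PinParser
{
    // Expected digest sizes in bytes for the prefixes OkHttp accepts.
    static readonly Dictionary<string, int> DigestSizes = new Dictionary<string, int>
    {
        { "sha256", 32 },
        { "sha1", 20 },
    };

    public static byte[] Parse(string pin)
    {
        if (pin == null) throw new ArgumentNullException(nameof(pin));
        int slash = pin.IndexOf('/');
        if (slash <= 0)
            throw new FormatException("pin has no '<algorithm>/' prefix");

        string algorithm = pin.Substring(0, slash);
        if (!DigestSizes.TryGetValue(algorithm, out int size))
            throw new FormatException("unsupported pin algorithm: " + algorithm);

        // Decode only what follows the separator, whatever the prefix length.
        byte[] digest = Convert.FromBase64String(pin.Substring(slash + 1));
        if (digest.Length != size)
            throw new FormatException(algorithm + " pin must decode to " + size + " bytes");
        return digest;
    }

    public static void Main()
    {
        // Constructed sample pins (all-zero digests), not real certificate fingerprints.
        string sha256Pin = "sha256/" + Convert.ToBase64String(new byte[32]);
        string sha1Pin = "sha1/" + Convert.ToBase64String(new byte[20]);

        Console.WriteLine(Parse(sha256Pin).Length);
        Console.WriteLine(Parse(sha1Pin).Length);

        // The fixed 7-character strip eats into the sha1 digest and fails to decode.
        try { Convert.FromBase64String(sha1Pin.Remove(0, 7)); }
        catch (FormatException) { Console.WriteLine("fixed offset: FormatException"); }

        // md5 is rejected up front instead of surfacing later inside OkHttp.
        try { Parse("md5/" + Convert.ToBase64String(new byte[16])); }
        catch (FormatException e) { Console.WriteLine(e.Message); }
    }
}
```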