search

datatheorem / TrustKit-Android

Easy SSL pinning validation and reporting for Android.
MIT License
583 stars 87 forks source link

Need Assistance regarding network_security_config file #103

Open microcian opened 1 year ago

microcian commented 1 year ago

Anyone please guide me about the following lines 

<domain includeSubdomains="true">www.datatheorem.com</domain>
<!-- Valid pins -->
<pin-set expiration="2018-01-01">
<pin digest="SHA-256">AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=</pin>
<pin digest="SHA-256">YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg=</pin>
</pin-set>
 <trustkit-config enforcePinning="false" disableDefaultReportUri="true">
 <report-uri>https://overmind.datatheorem.com/trustkit/report</report-uri>
</trustkit-config>

I never saw SHA-256 in such format (e.g. AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=) as normally SHA-256 formed as A2:F4:G6:U7:A2:F4:G6:U7:A2:F4:G6:U7:A2:F4:G6:U7:A2:F4:G6:U7:A2:F4:G6:U7:A2:F4:G6:U7:A2:F4:G6:U7:A2:F4:G6:U7

How can I generate it ? and why here are two SHA's by using this lib I just need to replace the SHA ID and domain only or do I need to do anything else in android code level?