以编程方式检查 Android 中是否已安装客户端证书
我有一个 Android 应用程序,我使用以下代码安装客户端证书。
val inputStream: InputStream = resources.openRawResource(R.raw.client)
val intent = KeyChain.createInstallIntent()
val p12: ByteArray = inputStream.readBytes()
intent.putExtra(KeyChain.EXTRA_PKCS12, p12)
intent.putExtra(KeyChain.EXTRA_NAME, "Sample cert")
startActivityForResult(intent,3)
现在,一旦用户安装了证书,我不想再次重复此操作,因此我想检查证书是否已安装。
我使用以下代码进行检查,但没有获得“AndroidCAStore”和“PKCS12”的证书。
“AndroidCAStore” - 返回所有受信任的 CA 证书,但我的证书位于用户凭据中。
“PKCS12” - 为空
//val ks = KeyStore.getInstance("AndroidCAStore")
val ks: KeyStore = KeyStore.getInstance("PKCS12")
if (ks != null) {
ks.load(null, null)
val aliases = ks.aliases()
while (aliases.hasMoreElements()) {
val alias = aliases.nextElement() as String
val cert = ks.getCertificate(alias) as X509Certificate
Log.d("Cert ---->",cert.issuerDN.name)
if (cert.issuerDN.name.contains(issuerDn)) {
return true
}
}
}
有人可以帮我解决这个问题吗?
I have an android app where I am installing the client certificate using the following code.
val inputStream: InputStream = resources.openRawResource(R.raw.client)
val intent = KeyChain.createInstallIntent()
val p12: ByteArray = inputStream.readBytes()
intent.putExtra(KeyChain.EXTRA_PKCS12, p12)
intent.putExtra(KeyChain.EXTRA_NAME, "Sample cert")
startActivityForResult(intent,3)
Now once user installs the certificate, I dont want to repeat this again so I want to check if the certificate is already installed.
I used the following code to check it, but doest get the certificate with both "AndroidCAStore" and "PKCS12".
"AndroidCAStore" - returns all trusted CA certs but my certificate is in user credentials.
"PKCS12" - IS empty
//val ks = KeyStore.getInstance("AndroidCAStore")
val ks: KeyStore = KeyStore.getInstance("PKCS12")
if (ks != null) {
ks.load(null, null)
val aliases = ks.aliases()
while (aliases.hasMoreElements()) {
val alias = aliases.nextElement() as String
val cert = ks.getCertificate(alias) as X509Certificate
Log.d("Cert ---->",cert.issuerDN.name)
if (cert.issuerDN.name.contains(issuerDn)) {
return true
}
}
}
Can some one help me fix this.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
当您调用
val Intent = KeyChain.createInstallIntent()时,您将证书存储在 Android 钥匙串中,我认为没有办法以编程方式访问存储在那里的证书,请参阅 这个未答复发布。
由于您想检查证书是否安装在
KeyChain中,因此可以调用KeyChain.getPrivateKey()或KeyChain.getCertificateChain()并如果它们返回 null,则表示证书尚未安装。注意:您有一个限制,必须首先调用
KeyChain.choosePrivateKeyAlias才能在应用和KeyChain之间建立信任,否则您将获取KeyChain异常。如果您不需要使用
KeyChain,那么您只需创建自己的KeyStore并向其中添加您的证书即可。然后,您将能够调用aliases()来获取KeyStore中证书的所有别名。When you call
val intent = KeyChain.createInstallIntent()you are storing the Certificate in the Android Keychain and I don't think there's a way of accessing the Certificates stored there programatecally, see this unanswered post.
Since you want to check if the certificate was installed in the
KeyChain, you can callKeyChain.getPrivateKey()orKeyChain.getCertificateChain()and if they return null, then it means that theCertificatehas not been installed yet.Note: You have the limitation that you have to call
KeyChain.choosePrivateKeyAliasfirst to establish trust between the app and theKeyChain, otherwise you'll get aKeyChainexception.If you don't need to use the
KeyChain, then you can simply create your ownKeyStoreand add your certificates to it. Then you will be able to callaliases()to get all of the aliases of the certificates in theKeyStore.