iBet uBet web content aggregator. Adding the entire web to your favor.
iBet uBet web content aggregator. Adding the entire web to your favor.



Link to original content: http://github.com/rafi4204/SSL-Pinning-Android
GitHub - rafi4204/SSL-Pinning-Android: ๐Ÿ“Œ๐Ÿ“Œ SSL Pinning Demo in Android Project
Skip to content
/ SSL-Pinning-Android Public

๐Ÿ“Œ๐Ÿ“Œ SSL Pinning Demo in Android Project

5 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

rafi4204/SSL-Pinning-Android

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

ย 

History

9 Commits
.idea
.idea
ย 
ย 
app
app
ย 
ย 
gradle/wrapper
gradle/wrapper
ย 
ย 
image
image
ย 
ย 
.gitignore
.gitignore
ย 
ย 
README.md
README.md
ย 
ย 
build.gradle
build.gradle
ย 
ย 
gradle.properties
gradle.properties
ย 
ย 
gradlew
gradlew
ย 
ย 
gradlew.bat
gradlew.bat
ย 
ย 
settings.gradle
settings.gradle
ย 
ย 

Repository files navigation

SSL-Pinning-Android

๐Ÿ“Œ๐Ÿ“Œ This project will show the implementation of SSL pinning with public key of the server certificate using retrofit okhttp client.

Overview

Github Api has been used to show the ssl pinning. Its a simple user info api which will show user name.After clicking the button github api will be called and it will fetch user data.

Alt text

Explanation

Create CertificatePinner object with hash pin and host name

Alt text

Create OkHttpClient with CertificatePinner object

Alt text

Add OkHttpClient with Retrofit

Alt text

Install Openssl

Mac OS

  • Run this command on terminal brew install openssl

Windows

https://thesecmaster.com/procedure-to-install-openssl-on-the-windows-platform/

How to Extract Public Key/Hash from .cer/.crt file

1st Approach

  • First download the server certificate and save the file in a folder
  • run this command on that folder openssl x509 -in your_cerficate.cer -pubkey -noout | openssl pkey -pubin -outform der | openssl dgst -sha256 -binary | openssl enc -base64

2nd Appraoch

  • Give a wrong hash in retrofit

Alt text

  • Hit github api then in logcat correct hash pin will be shown. Copy the first hash and use it for pinning

Alt text

3rd Appraoch

  • Run this command openssl s_client -connect www.yourdomain.com:443 | openssl x509 -pubkey -noout | openssl rsa -pubin -outform der | openssl dgst -sha256 -binary | openssl enc -base64

Resources

https://tech.groww.in/ssl-pinning-in-android-part-2-b591dfc8c2f1 https://owasp.org/www-community/controls/Certificate_and_Public_Key_Pinning https://mailapurvpandey.medium.com/ssl-pinning-in-android-90dddfa3e051#:~:text=Public%20Key%20Pinning,-Public%20key%20pinning&text=In%20this%20approach%2C%20we%20generate,throw%20a%20SSL%20certificate%20error.

About

๐Ÿ“Œ๐Ÿ“Œ SSL Pinning Demo in Android Project

Topics

android ssl retrofit2 ssl-pinning ssl-certificates public-key-pinning

Resources

Readme
Activity

Stars

5 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages