We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
https://github.com/JsonChao/Awesome-Android-Interview/blob/master/%E8%AE%A1%E7%AE%97%E6%9C%BA%E5%9F%BA%E7%A1%80/%E7%BD%91%E7%BB%9C%E9%9D%A2%E8%AF%95%E9%A2%98.md
《客户端如何校验 CA 证书》这个子问题中,提到客户端是拿证书中的公钥去解密 hash 值,这一说法是不对的。应该是拿 ca 机构的公钥去解密。因为如果是拿证书的公钥的话,攻击者可以完全用自己的公、私钥构造一个证书。 参考:https://www.zhihu.com/question/37370216
The text was updated successfully, but these errors were encountered:
No branches or pull requests
https://github.com/JsonChao/Awesome-Android-Interview/blob/master/%E8%AE%A1%E7%AE%97%E6%9C%BA%E5%9F%BA%E7%A1%80/%E7%BD%91%E7%BB%9C%E9%9D%A2%E8%AF%95%E9%A2%98.md
《客户端如何校验 CA 证书》这个子问题中,提到客户端是拿证书中的公钥去解密 hash 值,这一说法是不对的。应该是拿 ca 机构的公钥去解密。因为如果是拿证书的公钥的话,攻击者可以完全用自己的公、私钥构造一个证书。
参考:https://www.zhihu.com/question/37370216
The text was updated successfully, but these errors were encountered: