安全认证

2019-08-27  本文已影响0人  忆痕无殇

即使被加密处理的通信,也会被窥视到通信内容,这点和未加密的数据道理是一样的,只不过就是加密之后的数据无法破解报文的含义,但是加密的报文信息本身也是能被看见的。
HTTP协议中没有加密机制,但可以通过SSL(Secure Socket layer 安全套接层)或者TLS (Transport layer Security 安全传输层协议)的组合使用,加密HTTP的通信内容。与SSL组合使用的HTTP被称为HTTPS(HTTP secure 超文本传输协议)。
HTTP + 加密 + 认证 + 完整性保护 = HTTPS

1:加密方式

2: Alamofire安全认证

public enum ServerTrustPolicy

- (void)URLSession:(NSURLSession *)session didReceiveChallenge:(NSURLAuthenticationChallenge *)challenge
                                             completionHandler:(void (^)(NSURLSessionAuthChallengeDisposition disposition, NSURLCredential * _Nullable credential))completionHandler;

认证核心逻辑


        if let sessionDidReceiveChallenge = sessionDidReceiveChallenge {
            (disposition, credential) = sessionDidReceiveChallenge(session, challenge)
        } else if challenge.protectionSpace.authenticationMethod == NSURLAuthenticationMethodServerTrust {
            let host = challenge.protectionSpace.host

            if
                let serverTrustPolicy = session.serverTrustPolicyManager?.serverTrustPolicy(forHost: host),
                let serverTrust = challenge.protectionSpace.serverTrust
            {
                if serverTrustPolicy.evaluate(serverTrust, forHost: host) {
                    disposition = .useCredential
                    credential = URLCredential(trust: serverTrust)
                } else {
                    disposition = .cancelAuthenticationChallenge
                }
            }
        }

        completionHandler(disposition, credential)
认证过程.jpg
认证过程参考Alamofire进行Https网络请求自签名证书
上一篇 下一篇

猜你喜欢

热点阅读