Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

为什么不支持华为的证书链格式校验,是soter本身的问题吗? #70

Open
huma8848888 opened this issue Jul 7, 2020 · 4 comments

Comments

@huma8848888
Copy link

在接入soter sdk的过程中发现好多使用了证书链格式的华为设备在最终验证阶段都校验不通过,是soter本身的问题还是华为不支持soter

@liuxb-tofu
Copy link
Collaborator

具体哪一步验不过,可以试下如果微信没问题的话,这台设备应该就是正常的

@DingYong4223
Copy link

我也遇到同样的问题,没有官方支持,数据如下:

华为手机-证书链模式
ASK: rawJson: {"certs":["-----BEGIN CERTIFICATE-----\nMIIEojCCA4ygAwIBAgIBATALBgkqhkiG9w0BAQswbzELMAkGA1UEBhMCQ04xDzAN\nBgNVBAoMBkh1YXdlaTETMBEGA1UECwwKSHVhd2VpIENCRzE6MDgGA1UEAwwxSFVB\nV0VJX0hXQ0VUXzJmOTg3MTQwLTI5OTYtNDNjMi1iZTFjLWYwOGY4MzdjMWZlYzAe\nFw0yNDAzMjgwMjUyMzVaFw0zNDAzMjgwMjUyMzVaMBoxGDAWBgNVBAMTD0EgS2V5\nbWFzdGVyIEtleTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALDs+xtB\nW33HFuwXjSCcbFu0dWfQPmA/Kyov22R0eev7bMoymvemqoaHVMqvR2R9KNHdsyq6\nskX57+/RFeRMDhFfeWSdSoXcoUrmQt1LM6IHJM36G9Ii8CH7kKf6AB4tFpCeuU13\nU14sEVSTxNDdgOPI/6KsY2y9EK/y+9DI8H7puoxXxtqou/m5oVWjMOZaeFQuBbzw\n25RB1k45ZVXruyhxLd1jFa9LOC26CQYZIdaX8K/aErBdVT09B0tR5nryP8My3DiG\nxQWC06Q5xKFZPWAwpj1aB6iFqNaUrVwJr2bhC1mCF/kkCCTco7/BPkpS2NV0Q9mP\njglBxD8p/Hq0jNsCAwEAAaOCAaAwggGcMAsGA1UdDwQEAwIAADCCAWMGCisGAQQB\n1nkCAREEggFTMIIBTwIBAgoBAQIBAwoBAQR4eyJjcHVfaWQiOiJIVUFXRUlfSFdD\nRVRfMmY5ODcxNDAtMjk5Ni00M2MyLWJlMWMtZjA4ZjgzN2MxZmVjLWYzNWEyMzdh\nIiwiY291bnRlciI6NzQ0LCJ1aWQiOiIxMDY5NCIsInJzYV9wc3Nfc2FsdGxlbiI6\nMzJ9BAAwfb+DdwIFAL+FPQgCBgGOgvk5OL+FRWcEZTBjMR0wGwQWY29tLnRlbmNl\nbnQuc290ZXIuZGVtbwIBATFCBEA5NDQwM2VkNjBkMDRlMzQxOTg3OWEzZDFlNjI1\nZTFmNGYyZDdiOThiMDQwZGE2YWI5Y2QwN2IwNmFkYmY4YWYwMEahCTEHAgUA/wEA\nAaIDAgEBowQCAggApQUxAwIBBKYFMQMCAQO/gUgFAgMBAAG/hT4DAgEAv4VBBQID\nAdTAv4VCBQIDAxXgMCYGCSsGAQQBj1seAgEBAAQWMBQCAQCiAwEBAb+BSAgwBqEE\nAwIABjALBgkqhkiG9w0BAQsDggEBAJq91baB+1UrwE3FbcseT+rIfLpPV1oyXh0C\nFmKOITIDcb6YDOMtKsIcaOKlTDM/bUP0TimQ2K4OPBBJPYIsioZTsfYCPFHUmYTn\n0M+RA6VNLArlgy9CgUtQUSVLQLmVjz9Ov7Vd1lA8PU/ypB/CbWOeKh7BiwtPZAsH\nYqHAHSK3bujRmo7w7WpC7TF0N+Y4T5wtm2tZJj2aUYSOHyeUF+KkIJ3fXyF9C1TW\nJ/EUgPX2PinJXa2snDpxGoWtD9XY7b8MNzhpNQ6kd2e8S/FEKwAWGRUyZJswT6H/\n1TuWHmQEZGODjlwTgKs4Ow4s8KWFustHnHa7GQ03htiYuQ/rfUM=\n-----END CERTIFICATE-----\n","-----BEGIN CERTIFICATE-----\nMIIEdzCCA1+gAwIBAgISICIIIRVSAGWIf9ZwPOWNa4YRMA0GCSqGSIb3DQEBCwUA\nMFwxCzAJBgNVBAYTAkNOMQ8wDQYDVQQKDAZIdWF3ZWkxEzARBgNVBAsMCkh1YXdl\naSBDQkcxJzAlBgNVBAMMHkh1YXdlaSBDQkcgTW9iaWxlIEVxdWlwbWVudCBDQTAe\nFw0yMjA4MjEwNzUyMDBaFw0zMjA4MjAwNzUyMDBaMG8xCzAJBgNVBAYTAkNOMQ8w\nDQYDVQQKDAZIdWF3ZWkxEzARBgNVBAsMCkh1YXdlaSBDQkcxOjA4BgNVBAMMMUhV\nQVdFSV9IV0NFVF8yZjk4NzE0MC0yOTk2LTQzYzItYmUxYy1mMDhmODM3YzFmZWMw\nggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCzMexhirIEEfoNrs12l2W\nRb5OaQtPjd13CbikHlbLQSHmDGeQ5D0Deqp1ArvIpP0eu7JUo1HRDC0RcEQ2Gogk\nqwnzwQcGJnydF5raBJWCMOlsgqinM59+6XNLRmgz7a5YKta/Txqg6eClbTHKr9uZ\n2yQlg099p1pmZepB6+R2+mWnenUFNuTQsoZzMqJEAQXv9pfh+ecEb1yPHDTxoBOr\nYbcIc4E5OgnfulSi5IDv21/I5Wthn5MYCWC+Sq/UP/FMabux0XhuDhI7Vrx13dYf\nCyf5aRgwrr904HKppsFSgPsj8etBuF4Z3+ADLUdST0HMNdacPpVolWzU0m3WaOTN\nAgMBAAGjggEeMIIBGjAfBgNVHSMEGDAWgBQ109lIT3BRTSOxMtXV3SUhzgUu3TAd\nBgNVHQ4EFgQU3ku1SZjF3xn1Erut7+syKu9lLHYwEgYDVR0TAQH/BAgwBgEB/wIB\nADBGBgNVHSAEPzA9MDsGBFUdIAAwMzAxBggrBgEFBQcCARYlaHR0cDovL3BraS5j\nb25zdW1lci5odWF3ZWkuY29tL2NhL2NwczAOBgNVHQ8BAf8EBAMCArQwTQYDVR0f\nBEYwRDBCoECgPoY8aHR0cDovL3BraS5jb25zdW1lci5odWF3ZWkuY29tL2NhL2Ny\nbC9tb2JpbGVfZXF1L2NybDIwMjIuY3JsMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggr\nBgEFBQcDAjANBgkqhkiG9w0BAQsFAAOCAQEAhOQbRQwgw8P4wSg31FB/KNKyYEnp\nVgx9v6mO7KzQPFXDU7pS3s3lF0F1ezLlpnaWRS31mUxTAByezqPvj6NjVIHdV1OL\nOyoDjauPQH1wQ841ZRx1hVmoXKiNr1GAo5McAetBjsvj2nv5pBdXss+6SORMR9HT\nm9lqv2GRKUThhyK8rJr0OFC90uyFP2Sqv+4HV0G4NxlO2eRfQWKT6Vmnr0LdLeXa\n0BmKGfNKqHpydGgEnYVG0hFG3I7ZRSx4pTZJxydB9S1HLslGK5NnFPnQ1B7NC9ZW\nAgSVTYPMDsWiSmLvZg+7cCoIp5kvxLXyFrqFNHugLDfIw52cVetf80yDDg==\n-----END CERTIFICATE-----\n","-----BEGIN CERTIFICATE-----\nMIIE9jCCAt6gAwIBAgIIGLiVkB1V/dowDQYJKoZIhvcNAQELBQAwUDELMAkGA1UE\nBhMCQ04xDzANBgNVBAoMBkh1YXdlaTETMBEGA1UECwwKSHVhd2VpIENCRzEbMBkG\nA1UEAwwSSHVhd2VpIENCRyBSb290IENBMB4XDTE3MDgyMTExMTE1NFoXDTM3MDgx\nNjExMTE1NFowXDELMAkGA1UEBhMCQ04xDzANBgNVBAoMBkh1YXdlaTETMBEGA1UE\nCwwKSHVhd2VpIENCRzEnMCUGA1UEAwweSHVhd2VpIENCRyBNb2JpbGUgRXF1aXBt\nZW50IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzFwCSSlfQ/sM\nyGs534kxNYPWFWSlNsduoSXHHDYmDqHoRON7dw256Ly4vQfz+YLcTqGh8Zkaqh+9\nlOb5Qj2N0dxrPqyxa8kMNdqtWyMRQC2JGrd1+stOVOTJ1zjsxABpL+9BOjO43Q4J\nsZH9xLK/Y7ObSCZPd+fKGLzw2SxjC031n40w0M2tAyKMqnPoxhWT7xJbZO1vXX1r\niBFVCbGYHviA0nJm7YIyepxvfvzELdp9c+IMNYSzvHQrpHMkHJxobiDnw289rZLK\n5RYuWxhzWaD5tafWeAgH8wqr7a8Z75f+4ZESkYWvQu/glyDAAUPn+/pQX2S3OSp2\nj9UZtNQHTQIDAQABo4HHMIHEMB8GA1UdIwQYMBaAFKrE03lH6G4ja+/wqWwicz16\nGWmhMB0GA1UdDgQWBBQ109lIT3BRTSOxMtXV3SUhzgUu3TAPBgNVHRMBAf8EBTAD\nAQH/MA4GA1UdDwEB/wQEAwIBBjBhBgNVHR8EWjBYMFagVKBShlBodHRwOi8vY3Br\naS1jYXdlYi5odWF3ZWkuY29tL2Nwa2kvc2VydmxldC9jcmxGaWxlRG93bi5jcmw/\nY2VydHlwZT0xJi9yb290Y3JsLmNybDANBgkqhkiG9w0BAQsFAAOCAgEAW/ZYMPfM\nsxWoPUaG2rOk4FmdL8Jz2cxWKOIUvmG6qQ/4ITWthYJOS3SjTbDyhwQM6tPBCl67\nHlMhqgfstUTqU1byT7QneBmG4XndfyjlTs3yC3TRkfr4ySV21mddTvNMU2BCJtJQ\nTqISeLvjxLKwxX/syBRB5S2MdWQLPLaU2jvCWGM/qHoI3u5FVoCmtrgx/tncK1g/\nJ/8PRD4fYt4S2VpQqIzvqvoZSEdQuuP5FETTEo9Glc7UyDh4heqZovwDdla54E4i\nAtq09w4yYhqz1w3eis3csZFoUUKm9sLCXxDS9WFBYNtOnckmyu9uoJ8z2Sx2E/2c\nEF8DcbM9LB19BpR4PEEV6tXTNOD6doHJ9igF22UvHrWgiLHWcfTl7LLhfVxZuugE\n9GfJSKEID8WaKYxbR/FiwJfLXC4/mTtGevmV/NVKrMZ8t4WjXJCbSNQzvS4rZZ4W\n43yyXzlMJDDaQCujKNt5BcgyLKeT5QjY7I8fy33ODIZF8muYnpwE9iBYOy7BRyvV\nucN2p9uYJlfIvrHy4KZ2ik0jjcljlMqjDvmulnjPB+2OukKwoL2Hg+zKBVkfnIMF\nWpddI3wLQMJYfb7AnWyd1Dp/LvMJass3bLFV0dSmFe9NMB//EcyVeqKLFA3SRNqa\n0uVSOEYODEFGUT6oeTs6DvM+96q7tKi/Jt8=\n-----END CERTIFICATE-----\n","-----BEGIN CERTIFICATE-----\nMIIFZDCCA0ygAwIBAgIIYsLLTehAXpYwDQYJKoZIhvcNAQELBQAwUDELMAkGA1UE\nBhMCQ04xDzANBgNVBAoMBkh1YXdlaTETMBEGA1UECwwKSHVhd2VpIENCRzEbMBkG\nA1UEAwwSSHVhd2VpIENCRyBSb290IENBMB4XDTE3MDgyMTEwNTYyN1oXDTQyMDgx\nNTEwNTYyN1owUDELMAkGA1UEBhMCQ04xDzANBgNVBAoMBkh1YXdlaTETMBEGA1UE\nCwwKSHVhd2VpIENCRzEbMBkGA1UEAwwSSHVhd2VpIENCRyBSb290IENBMIICIjAN\nBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA1OyKm3Ig/6eibB7Uz2o93UqGk2M7\n84WdfF8mvffvu218d61G5M3Px54E3kefUTk5Ky1ywHvw7Rp9KDuYv7ktaHkk+yr5\n9Ihseu3a7iM/C6SnMSGt+LfB/Bcob9Abw95EigXQ4yQddX9hbNrin3AwZw8wMjEI\nSYYDo5GuYDL0NbAiYg2Y5GpfYIqRzoi6GqDz+evLrsl20kJeCEPgJZN4Jg00Iq9k\n++EKOZ5Jc/Zx22ZUgKpdwKABkvzshEgG6WWUPB+gosOiLv++inu/9blDpEzQZhjZ\n9WVHpURHDK1YlCvubVAMhDpnbqNHZ0AxlPletdoyugrH/OLKl5inhMXNj3Re7Hl8\nWsBWLUKp6sXFf0dvSFzqnr2jkhicS+K2IYZnjghC9cOBRO8fnkonh0EBt0evjUIK\nr5ClbCKioBX8JU+d4ldtWOpp2FlxeFTLreDJ5ZBU4//bQpTwYMt7gwMK+MO5Wtok\nUx3UF98Z6GdUgbl6nBjBe82c7oIQXhHGHPnURQO7DDPgyVnNOnTPIkmiHJh/e3vk\nVhiZNHFCCLTip6GoJVrLxwb9i4q+d0thw4doxVJ5NB9OfDMV64/ybJgpf7m3Ld2y\nE0gsf1prrRlDFDXjlYyqqpf1l9Y0u3ctXo7UpXMgbyDEpUQhq3a7txZQO/17luTD\noA6Tz1ADavvBwHkCAwEAAaNCMEAwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQF\nMAMBAf8wHQYDVR0OBBYEFKrE03lH6G4ja+/wqWwicz16GWmhMA0GCSqGSIb3DQEB\nCwUAA4ICAQC1d3TMB+VHZdGrWJbfaBShFNiCTN/MceSHOpzBn6JumQP4N7mxCOwd\nRSsGKQxV2NPH7LTXWNhUvUw5Sek96FWx/+Oa7jsj3WNAVtmS3zKpCQ5iGb08WIRO\ncFnx3oUQ5rcO8r/lUk7Q2cN0E+rF4xsdQrH9k2cd3kAXZXBjfxfKPJTdPy1XnZR/\nh8H5EwEK5DWjSzK1wKd3G/Fxdm3E23pcr4FZgdYdOlFSiqW2TJ3Qe6lF4GOKOOyd\nWHkpu54ieTsqoYcuMKnKMjT2SLNNgv9Gu5ipaG8Olz6g9C7Htp943lmK/1Vtnhgg\npL3rDTsFX/+ehk7OtxuNzRMD9lXUtEfok7f8XB0dcL4ZjnEhDmp5QZqC1kMubHQt\nQnTauEiv0YkSGOwJAUZpK1PIff5GgxXYfaHfBC6Op4q02ppl5Q3URl7XIjYLjvs9\nt4S9xPe8tb6416V2fe1dZ62vOXMMKHkZjVihh+IceYpJYHuyfKoYJyahLOQXZykG\nK5iPAEEtq3HPfMVF43RKHOwfhrAH5KwelUA/0EkcR4Gzth1MKEqojdnYNemkkSy7\naNPPT4LEm5R7sV6vG1CjwbgvQrWCgc4nMb8ngdfnVF7Ydqjqi9SAqUzIk4+Uf0ZY\n+6RY5IcHdCaiPaWIE1xURQ8B0DRUURsQwXdjZhgLN/DKJpCl5aCCxg==\n-----END CERTIFICATE-----\n"],"cpu_id":"HUAWEI_HWCET_2f987140-2996-43c2-be1c-f08f837c1fec-f35a237a","uid":10694,"counter":744}
ASK: signature:

AuthKey: rawJson: {"pub_key":"-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsnOG6QD5QMyQ5FzfZZ+u02AKslP1FlJ9QtdN+Nc/r0dBkQjBZAYfSORskpqgNPHprmMV3Y54fj6jMyQBmRzZZxw5vd6iEpjzYIMhiJKmRUWj2QPnKYGamk2TgAAp+tO90ZISvjG5X8SqjGl7kCHfMqOR04uQNY5XrgZVNYnx7WU6PFgW27aTPUoNRFwhlLUsjaoXYKAX8MOOwb55qBVXc2Rz+PRDaA4iLIdRR7VOJjH6e8JHiuq78bH/A1F4dKMG3Yt2g13VE5PuozBd41Qxfv9XtXd8hQ4VH6XP0vmOsKxlJy2qRHdRzSEx6UD2hIJ5PsmWeX1NjBMPrCeri7c0cwIDAQAB
-----END PUBLIC KEY-----","cpu_id":"HUAWEI_HWCET_2f987140-2996-43c2-be1c-f08f837c1fec-f35a237a","counter":828,"uid":"10694","rsa_pss_saltlen":32}
AuthKey: signature: Gq1r43exPZfpsWh4L5GKW3sa9L4Tj5IeFJBFbTRIb2kXtCUTvOMVgMeI7MH52uFXPDMGcxXeW8yMjFIDOoRcQbVnHQzDiLzmPSkSIlMkFsCLZ1DgHCvM9mon8SviIF/OSOcisNvzcC3LYKWDULhk8kGFFqJtlQN4sozDNd7yRlA2HBaWjM7jFR+XBKywgNul5QPoPzDpSxGRSWf4XEjlW07W3N7v7s2HwU4RGBuF8eeqn5Hpahh/KG1UBKDsocFYuSlAKVVH1eXeGExEwfPECj98NxtSpK71rO9nz9ZZSapT4G4DGof9VvZve7hw9rDAgZkeEA/1eQALSaWvWYJUow==

biometric: rawJson: {"bo_t":"1","raw":"I'm a demo challenge string","fid":"3871513443","counter":829,"tee_n":"hwteeos","tee_v":"version_1.0","fp_n":"fpc_goodix","fp_v":"goodix_1.0","rsa_pss_saltlen":32,"cpu_id":"HUAWEI_HWCET_2f987140-2996-43c2-be1c-f08f837c1fec-f35a237a","uid":"10694","fc_n":"hwbioalgo","fc_v":"bioalgo_1.0"}
biometric: signature: HIlXku+bURN2mmwPklJ1qNW9G5QsrbLhIzZ7Sixv8m8NbqcQvGh2Xvxdt4luxG2S1nHmrBpe0jzxpjVVQhBG18YyhSOVC0f65FgbBEBD1jw/D4yPtYHim06XksQca9n4IGwZuZm/wlpd3RFCsOqyh10Hb+KoWeG9hV5wmmiADoDALN7XsbKCHHlVRPTH6S+lmG92vQfw3aDMypOxsoTwdu2TE0FW57z/rwD+9IJm8F2KNyYSPSdiAxefoTcw7m4DUyQycYPNVhTW7O3bSuUMHIttXpqKa1EXw5VFOVV7yPIYuhNRBN3FgU/4IwaQZkZqfbVtJe0WX1R4KMUN6qfURw==

@DingYong4223
Copy link

在接入soter sdk的过程中发现好多使用了证书链格式的华为设备在最终验证阶段都校验不通过,是soter本身的问题还是华为不支持soter

请问解决了吗,我也遇到同样的问题

@SniperXiaoJun
Copy link

我也遇到这个问题,已经解决。问题出在我测试时,将签名原文【auth_key_json.txt】在从文本编辑器拷贝时,因为ide的原因,保存时修改了原文的换行符。在安卓的原文【auth_key_json.txt】中,换行符为“\n”。但是在我测试时,在ide中,保存的原文的【换行符】为【\r\n】了。

解决办法:可临时在后端验证时,调整示例代码如下,将换行符修正下(正式环境因为是网络传输,不会有此问题)
String hwAuthKeyString = (new String (hwAuthKeyJson,"utf-8"));//hwAuthKeyJson是demo中读取到的内容byte[]
hwAuthKeyString = hwAuthKeyString.replaceAll("\r\n", "\n");//换行符修正
hwAuthKeyJson= hwAuthKeyString.getBytes(StandardCharsets.UTF_8);//重新还原为byte[]

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

4 participants