TrustKit-Android icon indicating copy to clipboard operation
TrustKit-Android copied to clipboard

Published 20 hours ago verified publisher icon datatheorem

May I use SHA256 key dynamic instead of paste it in network_security_config file

Open microcian opened this issue 2 years ago • 3 comments

I need to secure the key as well as security of the project If I paste the key in network_security_config file it can be hacked using reverse engineering so How can i secure it more.?

microcian avatar Feb 22 '23 07:02 microcian

Hi microcian. why u need a key . i supposed that truskit do automatic

i found an example using by code image

about dynamic i want a dynamic way to not to updated my app each 5 months(left certificat pin expiration)

rogergcc avatar Apr 13 '23 01:04 rogergcc

i testing with the file but support only from Android 7 +

for below now using code way with okhttp, retrofit .certificatePinner

rogergcc avatar Apr 23 '23 15:04 rogergcc

it can be hacked using reverse engineering so How can i secure it more

u tested that can be hacked? test this cases key in buidconfig key in sharepreferences key in database room or sqlite

rogergcc avatar Apr 28 '23 20:04 rogergcc