zoukankan      html  css  js  c++  java
  • android中进行https连接的方式的详解

    比较不错的帖子哦

    android Video Buffer傳輸流程
    http://www.eoeandroid.com/thread-195728-1-1.html

    利用反射机制,封装 SAX解析类,从而解析网络xml文件
    http://www.eoeandroid.com/thread-193789-1-1.html

    关于Android root工具SuperOneClick教程详解
    http://www.eoeandroid.com/thread-190233-1-1.html

    如果不需要验证服务器端证书,直接照这里做。

        public class Demo extends Activity {
     
            /** Called when the activity is first created. */ 
                private TextView text;
     
            @Override
     
            public void onCreate(Bundle savedInstanceState) {
     
                super.onCreate(savedInstanceState);
     
                setContentView(R.layout.main); 
                text = (TextView)findViewById(R.id.text); 
                GetHttps();
     
            }
             
             private void GetHttps(){
     
                    String https = " https://800wen.com/"; 
                    try{
     
                            SSLContext sc = SSLContext.getInstance("TLS"); 
                            sc.init(null, new TrustManager[]{new MyTrustManager()}, new SecureRandom());
                             HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory()); 
                            HttpsURLConnection.setDefaultHostnameVerifier(new MyHostnameVerifier());
                            HttpsURLConnection conn = (HttpsURLConnection)new URL(https).openConnection(); 
    
    conn.setDoOutput(
    true); conn.setDoInput(true); conn.connect(); BufferedReader br = new BufferedReader(new InputStreamReader(conn.getInputStream())); StringBuffer sb = new StringBuffer(); String line; while ((line = br.readLine()) != null) sb.append(line); text.setText(sb.toString()); }catch(Exception e){ Log.e(this.getClass().getName(), e.getMessage()); } } private class MyHostnameVerifier implements HostnameVerifier{ @Override public boolean verify(String hostname, SSLSession session) { // TODO Auto-generated method stub return true; } } private class MyTrustManager implements X509TrustManager{ @Override public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException { // TODO Auto-generated method stub } @Override public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException { // TODO Auto-generated method stub } @Override public X509Certificate[] getAcceptedIssuers() { // TODO Auto-generated method stub return null; } } }

    如果需要验证服务器端证书(这样能够防钓鱼),我是这样做的,还有些问题问大牛:
    a. 导出公钥。在浏览器上用https访问tomcat,查看其证书,并另存为一个文件(存成了X.509格式:xxxx.cer)
    b. 导入公钥。把xxxx.cer放在Android的assets文件夹中,以方便在运行时通过代码读取此证书,留了两个问题给大牛:

        AssetManager am = context.getAssets();
     
        InputStream ins = am.open("robusoft.cer");
     
        try {
     
                //读取证书
     
                CertificateFactory cerFactory = CertificateFactory.getInstance("X.509");  //问1
     
                Certificate cer = cerFactory.generateCertificate(ins);
     
                //创建一个证书库,并将证书导入证书库
     
                KeyStore keyStore = KeyStore.getInstance("PKCS12", "BC");   //问2
     
                keyStore.load(null, null);
     
                keyStore.setCertificateEntry("trust", cer);
     
                return keyStore;
     
        } finally {
     
                ins.close();
     
        }
     
        //把咱的证书库作为信任证书库
     
        SSLSocketFactory socketFactory = new SSLSocketFactory(keystore);
     
        Scheme sch = new Scheme("https", socketFactory, 443);
     
        //完工
     
        HttpClient mHttpClient = new DefaultHttpClient();
     
        mHttpClient.getConnectionManager().getSchemeRegistry().register(sch);
     

    问1:这里用"PKCS12"不行
    答1:PKCS12和JKS是keystore的type,不是Certificate的type,所以X.509不能用PKCS12代替

    问2:这里用"JKS"不行。

    答2:android平台上支持的keystore type好像只有PKCS12,不支持JKS,所以不能用JKS代替在PKCS12,不过在windows平台上是可以代替的

    原文链接:http://www.eoeandroid.com/thread-197276-1-1.html

  • 相关阅读:
    [国嵌攻略][152][I2C总线介绍]
    [国嵌攻略][151][nandflash驱动程序设计]
    [国嵌攻略][150][实际嵌入式系统环境搭建]
    [国嵌攻略][149][Yaffs2文件系统应用]
    [国嵌攻略][148][MTD系统架构]
    [国嵌攻略][147][简单块设备驱动设计]
    [国嵌攻略][146][块设备驱动实例分析]
    PhpStorm Git 配置
    PHP 创建重用数据库连接函数 mysqli与PDO
    【转载】php程序员:从1.5K到18K 一个程序员的5年成长之路
  • 原文地址:https://www.cnblogs.com/vus520/p/2674725.html
Copyright © 2011-2022 走看看