java ssl套接字服务器握手中止

时间:2012-11-29 12:37:47

标签: java android ssl serversocket

我有一个Android应用程序正在侦听套接字连接,可以读取httpheaders(通过浏览器发送(工作得很好!))。现在我不会切换到SSL套接字,但我无法完成它。

我开始工作的事情

  • 密钥库
  • ServerSocketFactory

我没有工作的事情(以及我需要帮助的地方):

  • 客户接受部分

public void run() {

try {           

KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());

keyStore.load(service.getBaseContext().getResources().openRawResource(R.raw.keystore),"password".toCharArray());

    ServerSocketFactory socketFactory = SSLServerSocketFactory
                .getDefault();
    SSLServerSocket mServerSocket = (SSLServerSocket) socketFactory
                .createServerSocket(8080);
    while (!mServerSocket.isClosed()) {
            mServerSocket.setEnabledCipherSuites(mServerSocket.getSupportedCipherSuites());
            mServerSocket.setEnabledProtocols(mServerSocket.getSupportedProtocols());



            System.out.println("waiting");
            SSLSocket client = (SSLSocket) mServerSocket.accept(); 




            client.addHandshakeCompletedListener(new HandshakeCompletedListener(){

                public void handshakeCompleted(HandshakeCompletedEvent arg0) {
                    System.out.println("handshakeCompleted");

                }

            });
            client.startHandshake(); //MultiThreadWebServer.java:136


            client.getOutputStream().flush();



            client.close();
        }
    } catch (Exception e) {
        e.printStackTrace();
    }
}

例外:

11-29 11:15:01.046: W/System.err(29941): javax.net.ssl.SSLHandshakeException: javax.net.ssl.SSLProtocolException: SSL handshake aborted: ssl=0x4fec3da8: Failure in SSL library, usually a protocol error
11-29 11:15:01.046: W/System.err(29941): error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher (external/openssl/ssl/s3_srvr.c:1365 0x41b1e7f8:0x00000000)
11-29 11:15:01.046: W/System.err(29941):    at org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:436)
11-29 11:15:01.046: W/System.err(29941):    at at.aichinger.mario.aws.MultiThreadWebServer.run(MultiThreadWebServer.java:136)

连接到服务器我使用google cheome并访问“https://192.168.0.25:8080”如果我这样做,Exception会被抛出。

代码在线MultiThreadWebServer.java:136:

client.startHandshake();

2 个答案:

答案 0 :(得分:0)

首先,这两行没有任何意义。如果要限制支持的密码套件和协议,请专门定义它们。但是你必须要小心,并非浏览器都支持所有密码套件。

mServerSocket.setEnabledCipherSuites(mServerSocket.getSupportedCipherSuites());
mServerSocket.setEnabledProtocols(mServerSocket.getSupportedProtocols());

代码中的问题是您没有使用密钥库。试试这个:

public void run() {
    try {
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore.load(service.getBaseContext().getResources().openRawResource(R.raw.keystore),
                "password".toCharArray());

        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        keyManagerFactory.init(keyStore, "password".toCharArray());

        SSLContext sslContext = SSLContext.getInstance("SSL");
        sslContext.init(keyManagerFactory.getKeyManagers(), null, null);

        ServerSocketFactory socketFactory = sslContext.getServerSocketFactory();
        SSLServerSocket mServerSocket = (SSLServerSocket) socketFactory.createServerSocket(8080);
        while (!mServerSocket.isClosed()) {

            System.out.println("waiting");
            SSLSocket client = (SSLSocket) mServerSocket.accept();

            client.addHandshakeCompletedListener(new HandshakeCompletedListener() {

                public void handshakeCompleted(HandshakeCompletedEvent arg0) {
                    System.out.println("handshakeCompleted");

                }

            });
            client.startHandshake(); // MultiThreadWebServer.java:136

            client.getOutputStream().flush();

            client.close();
        }
    } catch (Exception e) {
        e.printStackTrace();
    }
}

答案 1 :(得分:0)

请始终定义将在应用程序中使用的密钥库的类型,而不是使用密钥库的缺省类型。否则,服务器和客户端之间可能会发生密钥库不匹配的情况。