我想通过套接字让Android服务器和Python客户端进行通信。不使用SSL时,套接字通信一切正常,现在我需要实现HTTPS(SSL)套接字。我的要求是双向验证:服务器每次收到客户端请求时,都必须验证客户端是否有效;同样,客户端连接服务器时,也必须检查对方是否是有效的服务器。我想确保通信的安全,使其免受入侵者的侵害。现在我不知道需要多少个证书,也不知道握手应该由服务器还是客户端发起。我是Socket编程的新手,请帮助我:)
我正在使用下面的代码创建SSL套接字。客户端使用由我在Android服务器上创建的BKS密钥生成的证书来连接服务器,但连接时出现错误“连接被对等方关闭”。
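// Builds a TLS 1.2 server socket from the bundled BKS store and accepts one client connection.
// NOTE(review): the store password is hard-coded and ships inside the app package, so anyone who
// unpacks the app can open the store; treat any private key in it as recoverable from the app.
char[] storePassword = "sslsocket".toCharArray();

// Load the BKS store from the raw resources and close the stream once it has been read.
KeyStore trustStore = KeyStore.getInstance("BKS");
try (InputStream clientTruststoreIs = context.getResources().openRawResource(R.raw.sslkeystore)) {
    trustStore.load(clientTruststoreIs, storePassword);
}
// size() is the number of entries in the store (keys and certificates alike).
System.out.println("Loaded server certificates: " + trustStore.size());

// The same store backs both roles: the key managers (what the server presents to the client)
// and the trust managers (which peer certificates the server accepts).
// NOTE(review): for mutual authentication this store needs a private-key entry for the server
// and a trusted-certificate entry for the client certificate or its issuing CA. Confirm its
// contents; a store holding only certificates gives the server nothing to present.
TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
tmf.init(trustStore);
KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
kmf.init(trustStore, storePassword);

SSLContext sslContext = SSLContext.getInstance("TLSv1.2");
sslContext.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);

SSLServerSocketFactory factory = sslContext.getServerSocketFactory();
serverSocket = (SSLServerSocket) factory.createServerSocket(this.listenPort);
SSLServerSocket tlsServerSocket = (SSLServerSocket) serverSocket;
tlsServerSocket.setEnabledProtocols(new String[]{"TLSv1.2"});

// Without this the server never asks for a client certificate, so the trust managers above are
// not consulted for the peer and any client can connect. With it, the handshake fails unless
// the client presents a certificate the trust store accepts.
tlsServerSocket.setNeedClientAuth(true);

// Log the cipher suites that are enabled by default. They are left as they are: writing the
// same array back with setEnabledCipherSuites() would change nothing.
String[] enCiphersuite = tlsServerSocket.getEnabledCipherSuites();
Log.i("Supported Cipher Array:", Arrays.toString(enCiphersuite));

socket = (SSLSocket) serverSocket.accept();
// Register the listener before starting the handshake; a listener added after
// startHandshake() has returned is not notified about that handshake.
socket.addHandshakeCompletedListener(new HandshakeCompletedListener() {
    @Override
    public void handshakeCompleted(HandshakeCompletedEvent arg0) {
        Log.i(TAG, "handshakeCompleted");
    }
});
socket.startHandshake();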
}