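I am trying to change my application's communication. It works with Sockets, but I have to make it work with SSLSockets, so I made some changes, and this is what I ended up with.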
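```java
import java.io.ByteArrayInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManagerFactory;

// Strip the PEM armor and Base64-decode the body to DER bytes
String pemData = readPemFile();
pemData = pemData.replace("-----BEGIN CERTIFICATE-----", "")
                 .replace("-----END CERTIFICATE-----", "");
byte[] byteArray = android.util.Base64.decode(pemData, android.util.Base64.DEFAULT);
InputStream is = new ByteArrayInputStream(byteArray);
CertificateFactory cf = CertificateFactory.getInstance("X.509");
Certificate cert = cf.generateCertificate(is);

// Key store that contains only this certificate as a trusted entry
String keyStoreType = KeyStore.getDefaultType();
KeyStore keyStore = KeyStore.getInstance(keyStoreType);
keyStore.load(null, null);
keyStore.setCertificateEntry("cert", cert);

// Trust manager that trusts only the entries in that key store
String tmfAlgorithm = TrustManagerFactory.getDefaultAlgorithm();
TrustManagerFactory tmf = TrustManagerFactory.getInstance(tmfAlgorithm);
tmf.init(keyStore);

// TLS context and socket built on that trust manager
SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(null, tmf.getTrustManagers(), null);
SSLSocketFactory tlsSocketFactory = sslContext.getSocketFactory();
sslSocket = (SSLSocket) tlsSocketFactory.createSocket(host, port);
sslSocket.setEnabledProtocols(new String[] {"TLSv1.2"});
```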
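Basically, I took the code from https://developer.android.com/training/articles/security-ssl#java and changed it so that it uses SSL sockets and loads an X.509 certificate (I only have the PEM file).
To send to and read from the socket, I used the same code as before, but with sslSocket: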
```java
import java.io.DataInputStream;
import java.io.DataOutputStream;

// Wrap the TLS socket's streams
inputStream = new DataInputStream(sslSocket.getInputStream());
outputStream = new DataOutputStream(sslSocket.getOutputStream());

// Send the request
LOG.info("trying to write ");
byte[] messageBytes = this.message.getBytes(Constans.FORMATO_TEXTO_TCPIP);
outputStream.write(messageBytes);
outputStream.flush();
LOG.info("Data sent to the socket " + this.message);

// Read the response; read() returns -1 at end of stream
nRead = inputStream.read(data, 0, data.length);
if (nRead != -1) {
    /* ... */
}
```
When I run it, I get the following log:
```
D/NativeCrypto: doing handshake ++
D/NativeCrypto: ssl=0x52ab0830 info_callback where=0x1001 ret=1
D/NativeCrypto: ssl=0x52ab0830 SSL_connect:3RFINA SSLv3 read finished A
D/NativeCrypto: ssl=0x52ab0830 info_callback ignored
D/NativeCrypto: ssl=0x52ab0830 info_callback where=0x20 ret=1
D/NativeCrypto: ssl=0x52ab0830 handshake done in SSLOK SSL negotiation finished successfully
D/NativeCrypto: ssl=0x52ab0830 info_callback calling handshakeCompleted
D/NativeCrypto: ssl=0x52ab0830 info_callback completed
D/NativeCrypto: ssl=0x52ab0830 info_callback where=0x1002 ret=1
D/NativeCrypto: ssl=0x52ab0830 SSL_connect:ok exit in SSLOK SSL negotiation finished successfully
D/NativeCrypto: ssl=0x52ab0830 info_callback ignored
D/NativeCrypto: doing handshake -- ret=1
D/NativeCrypto: ssl=0x52ab0830 NativeCrypto_SSL_get_certificate => NULL
I/TcpConnectionThread: trying to write
D/NativeCrypto: ssl=0x52ab0830 sslWrite buf=0x41476750 len=46 write_timeout_millis=0
D/NativeCrypto: Doing SSL_write() with 46 bytes to go ssl=0x52ab0830, appData=0x51810998
D/NativeCrypto: Returned from SSL_write() with result 46, error code 0 ssl=0x52ab0830, appData=0x51810998
I/TcpConnectionThread: Data sent to the socket //some special characters...
D/NativeCrypto: ssl=0x52ab0830 sslRead buf=0x4146dbe8 len=16384,timeo=40000
D/NativeCrypto: Doing SSL_Read() ssl=0x52ab0830, appData=0x51810998
D/NativeCrypto: Returned from SSL_Read() with result -1, error code 2 ssl=0x52ab0830, appData=0x51810998
D/NativeCrypto: sslSelect type=READ fd=46 appData=0x51810998 timeout_millis=40000
```
Some facts:
I would be very grateful
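
An added example, not part of the original post: a raw `SSLSocket` validates the certificate chain against the trust store but does not check that the certificate matches the host name, so a client built like the one above should force the handshake and run a hostname check before writing any data. The class name `PinnedTlsClient` and the method `connect` are hypothetical, and the PEM stream is assumed to start at the `-----BEGIN CERTIFICATE-----` line.

```java
import java.io.IOException;
import java.io.InputStream;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManagerFactory;

// Hypothetical helper class; the names are illustrative, not from the post.
public final class PinnedTlsClient {

    /** Opens a TLS 1.2 socket that trusts only the given certificate and verifies the host name. */
    public static SSLSocket connect(InputStream pemStream, String host, int port)
            throws IOException, GeneralSecurityException {
        // The X.509 CertificateFactory accepts PEM input directly (assumed to start at BEGIN CERTIFICATE).
        Certificate cert = CertificateFactory.getInstance("X.509").generateCertificate(pemStream);

        // Trust store containing only that certificate.
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore.load(null, null);
        keyStore.setCertificateEntry("cert", cert);
        TrustManagerFactory tmf =
                TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(keyStore);

        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(null, tmf.getTrustManagers(), null);

        SSLSocket socket = (SSLSocket) ctx.getSocketFactory().createSocket(host, port);
        try {
            socket.setEnabledProtocols(new String[] {"TLSv1.2"});
            socket.startHandshake(); // chain validation against the trust store happens here

            // SSLSocket performs no hostname verification on its own; check before sending data.
            HostnameVerifier verifier = HttpsURLConnection.getDefaultHostnameVerifier();
            if (!verifier.verify(host, socket.getSession())) {
                throw new SSLPeerUnverifiedException("Certificate does not match host " + host);
            }
            return socket;
        } catch (IOException e) {
            socket.close(); // do not leak a socket whose peer could not be verified
            throw e;
        }
    }
}
```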