0

我正在尝试在 java 主机和 android 客户端之间设置相互身份验证 SSL 连接。不知道为什么连不上。以下是 Android 客户端应用程序和 Java 服务器的代码。

客户端代码:

private SSLContext createSSLContext(final Context cont){
    SSLContext ssl_cont = null;
    try {
        Log.d(TAG, "TrustStore - Initializing");   
        KeyStore trustStore = KeyStore.getInstance("BKS");
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        InputStream trustStoreStream = cont.getResources().openRawResource(R.raw.myclienttruststore);
        trustStore.load(trustStoreStream, "client".toCharArray());
        trustManagerFactory.init(trustStore);
        Log.d(TAG, "TrustStore - Initialized");

        // Setup keystore
        Log.d(TAG, "KeyStore - Initializing");
        KeyStore keyStore = KeyStore.getInstance("BKS");
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        InputStream keyStoreStream = cont.getResources().openRawResource(R.raw.myclient);
        keyStore.load(keyStoreStream, "client".toCharArray());
        keyManagerFactory.init(keyStore, "client".toCharArray());
        Log.d(TAG, "KeyStore - Initialized");

        ssl_cont = SSLContext.getInstance("TLS");
        ssl_cont.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), null); 
    } catch (Exception e) {
        // TODO Auto-generated catch block
        alertbox("SSLClient", "ERROR: " + e.getMessage());
        Log.d(TAG, "ERROR: " + e.getMessage());
    }
    return ssl_cont;
}

OnClickListener onConnClick = new OnClickListener() {

    public void onClick(View arg0) {
        // TODO Auto-generated method stub
        try {
            // Setup the SSL context to use the truststore and keystore
            Log.d(TAG, "Started..");
            SSLContext ssl_context = createSSLContext(cont);
            Log.d(TAG,"here 1...");
            SSLSocketFactory socketFactory = (SSLSocketFactory) ssl_context.getSocketFactory();
            Log.d(TAG,"here 2...");
            socket = (SSLSocket) socketFactory.createSocket(ipadd.getText().toString().trim(), Integer.parseInt(port.getText().toString().trim()));
            Log.d(TAG,"here 3...");
            dataOut = new DataOutputStream(socket.getOutputStream());
            dataIn = new DataInputStream(socket.getInputStream());
            dataOut.writeUTF("Hello !!");
            msgin.setText("Connected");
            Log.d(TAG, "Completed..");
        } catch (Exception e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
            msgin.setText("Not connected");
            alertbox("Main", "ERROR: " + e.getMessage());
            Log.d(TAG, "ERROR: " + e.getMessage());
        }
    }
};

服务器代码:

    try {
        mySSLServerFac = (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();
        mySSLServerSocket = (SSLServerSocket) mySSLServerFac.createServerSocket(9999);
        System.out.println("Listening on 9999\n");
        mySSLSocket = (SSLSocket) mySSLServerSocket.accept();           
        DataInputStream input = new DataInputStream(mySSLSocket.getInputStream());
        DataOutputStream output = new DataOutputStream(mySSLSocket.getOutputStream());      
        do{
            System.out.println("Remote IP Address : " + mySSLSocket.getInetAddress());
            msg = input.readUTF().toString();
            System.out.println(msg);
            java.util.Scanner sc = new java.util.Scanner(System.in);
            output.writeUTF(sc.nextLine());
        }while(msg != "exit");
        System.out.println(msg);                
    } catch (Exception e) {
        e.printStackTrace();
    }

我在服务器上遇到“没有通用密码套件”错误。因为我在 SSL 连接设置中无处可去。如果您发现错误或主要问题,请让我帮助。

这是我创建证书和信任库所遵循的链接。我创建的 Truststore 和 kestore 在这里

我正在使用 Android 2.2 和 BKSProvider 1.46,请告诉我哪里出错了。我必须尽快结束这个项目。

提前致谢。

4

2 回答 2

1

从堆栈跟踪看来,您捕获的异常不包含消息。

Log.d(TAG, e.getMessage());

它与 SSL 无关。

于 2012-04-05T18:24:18.450 回答
0

解决了!问题出在java主机的信任库上,跟着这篇文章。

需要为客户端/服务器指定 trustStore,因为它们使用默认的 trustStore,导致失败。在服务器上使用 -Djavax.net.ssl.trustStore=servertruststore.jks -Djavax.net.ssl.trustStorePassword=server 并在客户端创建自己的密钥库和信任库允许会话完成。这是 -Djavax.net.debug=ssl,handshake 帮助很大。

整个命令是: java -Djavax.net.ssl.keyStore=server.jks -Djavax.net.ssl.keyStorePassword=server -Djavax.net.ssl.trustStore=servertruststore.jks -Djavax.net.ssl.trustStorePassword=server SSL服务器

现在我开始创建 sslsession 和多线程编程。

于 2012-04-14T12:34:36.863 回答