0

我有一个 android 应用程序,它正在侦听套接字连接并且可以读取 httpheaders(由浏览器发送(一切正常!))。现在我不会切换到 SSL 套接字,但我无法完成它。

我开始工作的事情:

  • 密钥库
  • 服务器套接字工厂

我没有工作的事情(以及我需要帮助的地方):

  • 客户接受部分

代码:

public void run() {

try {           

KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());

keyStore.load(service.getBaseContext().getResources().openRawResource(R.raw.keystore),"password".toCharArray());

    ServerSocketFactory socketFactory = SSLServerSocketFactory
                .getDefault();
    SSLServerSocket mServerSocket = (SSLServerSocket) socketFactory
                .createServerSocket(8080);
    while (!mServerSocket.isClosed()) {
            mServerSocket.setEnabledCipherSuites(mServerSocket.getSupportedCipherSuites());
            mServerSocket.setEnabledProtocols(mServerSocket.getSupportedProtocols());



            System.out.println("waiting");
            SSLSocket client = (SSLSocket) mServerSocket.accept(); 




            client.addHandshakeCompletedListener(new HandshakeCompletedListener(){

                public void handshakeCompleted(HandshakeCompletedEvent arg0) {
                    System.out.println("handshakeCompleted");

                }

            });
            client.startHandshake(); //MultiThreadWebServer.java:136


            client.getOutputStream().flush();



            client.close();
        }
    } catch (Exception e) {
        e.printStackTrace();
    }
}

例外:

11-29 11:15:01.046: W/System.err(29941): javax.net.ssl.SSLHandshakeException: javax.net.ssl.SSLProtocolException: SSL handshake aborted: ssl=0x4fec3da8: Failure in SSL library, usually a protocol error
11-29 11:15:01.046: W/System.err(29941): error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher (external/openssl/ssl/s3_srvr.c:1365 0x41b1e7f8:0x00000000)
11-29 11:15:01.046: W/System.err(29941):    at org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:436)
11-29 11:15:01.046: W/System.err(29941):    at at.aichinger.mario.aws.MultiThreadWebServer.run(MultiThreadWebServer.java:136)

要连接到服务器,我使用 google cheome 并访问“https://192.168.0.25:8080”,如果我这样做,则会抛出异常。

MultiThreadWebServer.java:136 中的代码:

client.startHandshake();
4

2 回答 2

0

首先,这两行没有任何意义。如果您想限制支持的密码套件和协议,请专门定义它们。但是您必须小心,并非所有密码套件都受浏览器支持。

mServerSocket.setEnabledCipherSuites(mServerSocket.getSupportedCipherSuites());
mServerSocket.setEnabledProtocols(mServerSocket.getSupportedProtocols());

您的代码中的问题是您没有使用您的密钥库。尝试这个:

public void run() {
    try {
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore.load(service.getBaseContext().getResources().openRawResource(R.raw.keystore),
                "password".toCharArray());

        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        keyManagerFactory.init(keyStore, "password".toCharArray());

        SSLContext sslContext = SSLContext.getInstance("SSL");
        sslContext.init(keyManagerFactory.getKeyManagers(), null, null);

        ServerSocketFactory socketFactory = sslContext.getServerSocketFactory();
        SSLServerSocket mServerSocket = (SSLServerSocket) socketFactory.createServerSocket(8080);
        while (!mServerSocket.isClosed()) {

            System.out.println("waiting");
            SSLSocket client = (SSLSocket) mServerSocket.accept();

            client.addHandshakeCompletedListener(new HandshakeCompletedListener() {

                public void handshakeCompleted(HandshakeCompletedEvent arg0) {
                    System.out.println("handshakeCompleted");

                }

            });
            client.startHandshake(); // MultiThreadWebServer.java:136

            client.getOutputStream().flush();

            client.close();
        }
    } catch (Exception e) {
        e.printStackTrace();
    }
}
于 2012-11-30T00:33:12.420 回答
0

不要使用密钥库作为默认类型,而是始终定义您将在应用程序中使用的密钥库类型。否则,服务器和客户端之间可能会发生密钥库不匹配的情况。

于 2020-02-04T09:23:23.707 回答