1

我正在尝试使用适用于 Android 平台的 SSL 来保护我的基于 TCP/IP 的套接字连接。这是我的代码中的一些片段:

客户端:

  SSLSocketFactory sslFact = null;  
    SSLContext ctx;
    KeyStore ks;

    char[] passphrase = "hosttest".toCharArray();

    ks = KeyStore.getInstance("BKS");
    ks.load(SSLActivity.mContext.getResources().openRawResource(R.raw.hosttestcert), passphrase);

    TrustManagerFactory tmf =TrustManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
    tmf.init(ks);

    ctx = SSLContext.getInstance("TLS");
    ctx.init(null,tmf.getTrustManagers(), null);
    sslFact = ctx.getSocketFactory();

    mySocket = (SSLSocket)sslFact.createSocket();
    mySocket.connect(new InetSocketAddress(InetAddress.getByName("127.0.0.1"), 7891),1000);

服务器端:

SSLServerSocketFactory sslSrvFact = null;  
SSLContext ctx;
KeyManagerFactory kmf;
KeyStore ks;
// Load the self-signed server certificate

char[] passphrase = "hosttest".toCharArray();

ks = KeyStore.getInstance("BKS");
ks.load(SSLActivity.mContext.getResources().openRawResource(R.raw.hosttestcert), passphrase);
kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());

kmf.init(ks, passphrase);

// Create a SSLContext with the certificate

ctx = SSLContext.getInstance("TLS");
ctx.init(kmf.getKeyManagers(),null, null);

sslSrvFact = ctx.getServerSocketFactory();
myServerSocket =(SSLServerSocket)sslSrvFact.createServerSocket(port);

当我从服务器调用 accept() 套接字调用时,我收到以下异常:

 javax.net.ssl.SSLException: Could not find any key store entries to support the enabled cipher suites.
org.apache.harmony.xnet.provider.jsse.OpenSSLServerSocketImpl.checkEnabledCipherSuites(OpenSSLServerSocketImpl.java:241)
org.apache.harmony.xnet.provider.jsse.OpenSSLServerSocketImpl.accept(OpenSSLServerSocketImpl.java:186)  
at com.aricent.ssltesst.ApplinkTCPServer$1.run(ApplinkTCPServer.java:189)
at java.lang.Thread.run(Thread.java:856)

我正在关注这篇文章以生成我的证书和密钥库: http ://randomizedsort.blogspot.in/2010/09/step-to-step-guide-to-programming.html 请建议我是否遗漏了什么或什么其他需要为 Android 平台上的密钥库完成。

4

1 回答 1

1

不确定您是否有与我所做的相同的逻辑,在我的应用程序中,我生成了 1 个 JKS 密钥库,然后我使用转换器为 Android 复制了 BKS 密钥库的副本。如果这是您正在做的事情,这是我的服务器端代码:

String keyStorePath = "absolute path to your JKS keystore file";
String keyStorePass = "keystore password";

System.setProperty("javax.net.ssl.keyStore", keyStorePath);
System.setProperty("javax.net.ssl.keyStorePassword", keyStorePass);

SSLServerSocketFactory sslserversocketfactory = (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();
SSLServerSocket serverSocket = (SSLServerSocket) sslserversocketfactory.createServerSocket(port_number);

while (true) {
    new ClientThread((SSLSocket) serverSocket.accept()).start();
}
于 2013-05-13T12:32:46.963 回答