2

我在这个问题上苦苦挣扎了一周......我在android设备中安装了一个客户端证书。我的应用程序必须将文件上传到服务器,并且需要客户端证书才能进行握手。

是否有任何提示来实现此连接?谢谢...

4

1 回答 1

6

试试下面的..

您应该拥有客户端证书的别名,该别名存储在您的 android 设备的密钥库中。这可以通过使用获得

private void chooseCert() {
        KeyChain.choosePrivateKeyAlias(this, this, // Callback
                new String[] {"RSA", "DSA"}, // Any key types.
                null, // Any issuers.
                null, // Any host
                -1, // Any port
                DEFAULT_ALIAS);
    }

在此之后,您将收到回调。你的类应该实现 KeyChainAliasCallback

在这次尝试之后..

 private void connect(){
            String alias = getAliasForClientCertificate();

            final X509Certificate[] certificates =getCertificateChain(alias);
            final PrivateKey pk = getPrivateKey(alias);



            KeyStore trustStore = KeyStore.getInstance(KeyStore
                    .getDefaultType());


            X509ExtendedKeyManager keyManager = new X509ExtendedKeyManager() {

                @Override
                public String chooseClientAlias(String[] strings, Principal[] principals, Socket socket) {
                    return alias;
                }

                @Override
                public String chooseServerAlias(String s, Principal[] principals, Socket socket) {
                    return alias;
                }

                @Override
                public X509Certificate[] getCertificateChain(String s) {
                    return certificates;
                }

                @Override
                public String[] getClientAliases(String s, Principal[] principals) {
                    return new String[]{alias};
                }

                @Override
                public String[] getServerAliases(String s, Principal[] principals) {
                    return new String[]{alias};
                }

                @Override
                public PrivateKey getPrivateKey(String s) {
                    return pk;
                }
            };

            TrustManagerFactory trustFactory = TrustManagerFactory
                    .getInstance(TrustManagerFactory.getDefaultAlgorithm());

            trustFactory.init(trustStore);

            TrustManager[] trustManagers = trustFactory.getTrustManagers();



            X509TrustManager[] tm = new X509TrustManager[] { new X509TrustManager() {
                public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
                }

                public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
                }

                //            public X509Certificate[] getAcceptedIssuers() {
                //                return certificates;
                //            }

                public X509Certificate[] getAcceptedIssuers() {
                    return certificates;
                }

                public boolean isClientTrusted(X509Certificate[] arg0) {
                    return true;
                }
            public boolean isServerTrusted(X509Certificate[] arg0) {
                return true; 
            }


        } };
        SSLContext sslContext = SSLContext.getInstance("TLS");
        sslContext.init(new KeyManager[] {keyManager}, tm, null);
        SSLContext.setDefault(sslContext);

        URL url = new URL("url..");
        HttpsURLConnection urlConnection = (HttpsURLConnection) url
                .openConnection();
        urlConnection.setSSLSocketFactory(sslContext.getSocketFactory());

        HostnameVerifier hv = new HostnameVerifier() {

            @Override
            public boolean verify(String hostname, SSLSession session) {
                return true;
            }
        };
        urlConnection.setHostnameVerifier(hv);


        urlConnection.setInstanceFollowRedirects(false);
        urlConnection.connect();
        int responseCode = urlConnection.getResponseCode();

}

private X509Certificate[] getCertificateChain(String alias) {
        try {
            return KeyChain.getCertificateChain(this, alias);
        } catch (KeyChainException e) {
            e.printStackTrace();
        } catch (InterruptedException e) {
            e.printStackTrace();
        }
        return null;
}
于 2013-12-02T08:55:45.133 回答