0

我正在测试在 Android 应用程序上运行时SSLSocket运行的服务器的连接。IntentService为此,我使用PacketSender发送带有数据的 SSL 数据包,当使用 Socket 而不是SSLSocket.

当试图从 PacketSender 接收数据时,应用程序设法接受连接,但在尝试调用时抛出异常(见下文)getInputStream

Caused by: javax.net.ssl.SSLProtocolException: SSL handshake aborted: ssl=0xb967c838: Failure in SSL library, usually a protocol error
error:100b60c1:SSL routines:ssl3_get_client_hello:NO_SHARED_CIPHER (external/boringssl/src/ssl/s3_srvr.c:1085 0xac4e759f:0x00000000)
at com.android.org.conscrypt.NativeCrypto.SSL_do_handshake(Native Method)
at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:324)
... 7 more

我按照这个答案尝试从普通切换SocketSSLSocket.

编辑:尝试为服务器应用程序实现自签名证书,但错误仍然存​​在。

private SSLContext createSSLContext(){
    try{
        byte[] der = SERVER_CERT.getBytes();
        ByteArrayInputStream derInputStream = new ByteArrayInputStream(der);
        CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
        X509Certificate cert = (X509Certificate) certificateFactory.generateCertificate(derInputStream);
        String alias = cert.getSubjectX500Principal().getName();

        // Create keystore and add to ssl context
        KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
        trustStore.load(null);
        trustStore.setCertificateEntry(alias, cert);

        KeyManagerFactory kmf = KeyManagerFactory.getInstance("X509");
        kmf.init(trustStore, null);
        KeyManager[] keyManagers = kmf.getKeyManagers();

        TrustManagerFactory tmf = TrustManagerFactory.getInstance("X509");
        tmf.init(trustStore);
        TrustManager[] trustManagers = tmf.getTrustManagers();

        SSLContext sslContext = SSLContext.getInstance("TLSv1.1");
        sslContext.init(keyManagers, trustManagers, null);

        return sslContext;
    } catch (Exception ex){
        ex.printStackTrace();
    }

    return null;
}
4

0 回答 0