2

我正在努力开发一个开放项目以在 Java 中实现 Libimobiledevice 库。

我已经实现了 Usbmuxd / PlistService / DeviceConnexion 等。

一切正常,除非我试图包装 SSL 套接字。

根据 C (Libimobiledevice) 或 Python (pymobiledevice) 中的不同实现,我使用主机和设备配对期间提供的 PEM 生成 X509Certificat。

我使用以下 PEM 生成我的 X509Certificat(首先使用 libimobiledevice 生成):

-----BEGIN CERTIFICATE-----
MIICujCCAaKgAwIBAgIBADANBgkqhkiG9w0BAQUFADAAMB4XDTIxMDExMjE0MDcy
OVoXDTMxMDExMDE0MDcyOVowADCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMtALTNIPEv1KjnzSarFl5ahC6UB9SMCRZbaPP3270Fxl8BW8BcbhqEn5j5K
pB+f+f4QXSh8ITx2/LPPuwd2YNlpR+pYmvKCLZRTxyrNLDY5srj3bIxAcJKIcuiQ
zISbGxNd/1jK52Y6ZmB9ntFpK094ZCL40TRvlghlzdYhS9Fr82OvIetyC+WXn64D
+gyrrtASvydOSzyiVJELDWe7ULHsVSafBBOL76BOmA6g4iruFujuMfrxFydg5RGp
TwTe9VnwJJO1xuKTlgMP9zQKxTP0EoEOGJ+rcqfmwExYRELQe4YwAkEKiq48BIxp
WHMo88Kj6MFmCnaDY9is18g+2yUCAwEAAaM/MD0wDAYDVR0TAQH/BAIwADAdBgNV
HQ4EFgQUHx2bzAmGPtEdlX34YL6pu9cfqMkwDgYDVR0PAQH/BAQDAgWgMA0GCSqG
SIb3DQEBBQUAA4IBAQDQeLnRXk3LWVBdZ7OzgtmHM236bDms2dgBPZv3WfTSHriT
l3PTssO08elH6/WAT2ljRluu3jtkwaqwKsEsG+8XAoMyHbW8VmzqC+PNou0PZPpY
cLMqTVdDq+9Do1AyQ8i3V16GGCxBb8NCHyfUcRnnq04KiuwaKBwWtttpTwMoAkYB
I+aH1drtRDiBcxuALZqEcAg5jfatgaRfgWsWNE0NJiXdk1PHUcF9dBOUhNttp1AS
THwqJXdBEiPc00zRlUQEx5Wu5pO4SVvhwbEM1F00srcDK6yYz0s+23eU7XLH6bGd
ik7hOSZjkEP/mmkrYHZUYYY9obpFbtLLsTWp0b0S
-----END CERTIFICATE-----
-----BEGIN PRIVATE KEY-----
MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDLQC0zSDxL9So5
80mqxZeWoQulAfUjAkWW2jz99u9BcZfAVvAXG4ahJ+Y+SqQfn/n+EF0ofCE8dvyz
z7sHdmDZaUfqWJrygi2UU8cqzSw2ObK492yMQHCSiHLokMyEmxsTXf9YyudmOmZg
fZ7RaStPeGQi+NE0b5YIZc3WIUvRa/NjryHrcgvll5+uA/oMq67QEr8nTks8olSR
Cw1nu1Cx7FUmnwQTi++gTpgOoOIq7hbo7jH68RcnYOURqU8E3vVZ8CSTtcbik5YD
D/c0CsUz9BKBDhifq3Kn5sBMWERC0HuGMAJBCoquPASMaVhzKPPCo+jBZgp2g2PY
rNfIPtslAgMBAAECggEBAJblvqkkKB/8lK0Rgs/WgwTB6/NF0Ml9Fk05Ga8zdc4Q
l6mk4ftF5F4hUT9OCyuvidqmK4OzJLnPXS3iO+j+akj/cPT7c444N763tFaCnSBl
FdtdVqmJ7gncY/NmDXEl9qQaVUmG2uV61ictHIw8mHsX1sBgGnHjpm/1pSwk7DU9
rC8ZsaNlDhEWGETohqXxUvK0e1MXNWWjg+XNSYrkj8b0f6SLKOFQcUQqreGDyg5I
uz/5pS6IGpetqWt43WbcgeRAELhtWBZsJgWv07Esf52RIqY1tW12QCguJUTP+Hqv
qfO7B+RJcv+m1Y4KEfMbShcl+SbMNagtjOQzGNmhlAECgYEA+J8ryB1cUdIuxtgG
EPBy+2JCb1Hjr8mIvdzuBj9Mbtlp9/n1tGCsex2T+Ct8IkohS/lOMgGXy+aw+Ats
pW9Z0XfEucyg8WgZ7zRPl83YIMDAXkOEQhNxZ+mgBHKPFCKLGzLOL392Le7niUxw
CX6mNVkKesP1Tn2gm+g+I3lMzNUCgYEA0UhP/tGV2G76hK3qp/X15ao3yG2FgEZv
qFU7rIi/jrJaFwCpPZ4y828iv3nScSgBBSUOKwhY/k+LTPHaSkpgeX5Rhpj1mW+t
cVeEjbHLAlhX/FivfaJOLJfQTU2YChqA9Ax5VVPMTjhVS77BU68omUZpG2xzBp6K
clDn8XE8vRECgYEA4kEwPcACeO+W5BxJgPbhHMZyAQ5770ivqWE6N/M44pP27NXL
9agYrz3en/Uq1aWyoYoy0C1E8ClzmXgEGpW4HnkpTZDcUnTTTS3E1Thd3IitR9uX
q+43wUIJ/qImdUNuZoUYwH71lJ2algc62lkodtoeQFS+k/ydweRbUDseWjUCgYEA
yscSG4jfc9I0EhKhZxS+qUUAv8a+r8ePsL7FDyuAz7an69nMIdQC8jQgqv5SlSl5
s45v5+oysFZKVseQBqOCTrXCMHRMo9q9ZzCxUsmONjt7JRqZD1YQAM0oG36vbjq3
77+WYMLNFo0muDmgAIGbCMhcVyIBYcyDwLf7xMk/XMECgYBim0gMEYAE+2U2b1wm
5CnTDcObOTf2cUh56YWwPOlmQIbXKQxlEajCBYCfX51HHi0TyozutJ9oFuGQJzzH
h4UHmSykionM7KTgQOtnEbYVzTSyx4wlQWciHSHUZ3RhOGTM1jbeTXTUXwcXVfLA
z0UpDK0tm1S3o/aQFS1RkX+chg==
-----END PRIVATE KEY-----

当我解码这个 PEM File 时,我可以看到这个键中没有提供 DN。

在 SSLHandshake 期间,我收到此异常:

Exception in thread "main" java.io.IOException: java.io.IOException: javax.net.ssl.SSLProtocolException: Empty issuer DN not allowed in X509Certificates

这是导致此异常的代码的一部分:

SSLSocket sslSocket = (SSLSocket) SSLContext.getDefault().getSocketFactory().createSocket(socket, "127.0.0.1", 62078, true);
                System.out.println("Socket open");
                
                sslSocket.setEnabledCipherSuites(new String[] { "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384" });
                sslSocket.setEnabledProtocols(new String[] { "TLSv1.2" });
                try{
                    sslSocket.startHandshake();
                    System.out.println("================================Socket open success");
                }catch(Exception e){
                    throw new IOException(e);
                }

有一种方法可以绕过 Java 中的“Empty issuer Exception”吗?还是有人有其他想法?我真的需要你的帮助。

谢谢你。

4

0 回答 0