luckliu521
- 浏览: 253003 次
- 性别:
- 来自: 深圳
-
最新评论
-
whizkid:
[img] private void enableNdefEx ...
android通过NFC读写数据 -
zhangminglife:
您好!不错,最近正在弄这个东西,能否把demo发给我一份谢谢了 ...
SSL双向认证java实现(转) -
water卡:
android如何调用显示和隐藏系统默认的输入法 -
water卡:
android如何调用显示和隐藏系统默认的输入法 -
sjp524617477:
good
生成android使用的BKS证书
Android的私钥和信任证书的格式必须是BKS格式的,通过配置本地JDK,让keytool可以生成BKS格式的私钥和信任证书,java本身没有BouncyCastle密库
服务端:
Java代码
public class SSLServer {
private static final int SERVER_PORT = 50030;
private static final String SERVER_KEY_PASSWORD = "123456";
private static final String SERVER_AGREEMENT = "TLS";//使用协议
private static final String SERVER_KEY_MANAGER = "SunX509";//密钥管理器
private static final String SERVER_KEY_KEYSTORE = "JKS";//密库,这里用的是Java自带密库
private static final String SERVER_KEYSTORE_PATH = "src/data/kserver.keystore";//密库路径
private SSLServerSocket serverSocket;
public static void main(String[] args) {
SSLServer server = new SSLServer();
server.init();
server.start();
}
//由于该程序不是演示Socket监听,所以简单采用单线程形式,并且仅仅接受客户端的消息,并且返回客户端指定消息
public void start() {
if (serverSocket == null) {
System.out.println("ERROR");
return;
}
while (true) {
try {
System.out.println("Server Side......");
Socket s = serverSocket.accept();
InputStream input = s.getInputStream();
OutputStream output = s.getOutputStream();
BufferedInputStream bis = new BufferedInputStream(input);
BufferedOutputStream bos = new BufferedOutputStream(output);
byte[] buffer = new byte[20];
bis.read(buffer);
System.out.println(new String(buffer));
bos.write("This is Server".getBytes());
bos.flush();
s.close();
} catch (Exception e) {
System.out.println(e);
}
}
}
public void init() {
try {
//取得SSLContext
SSLContext ctx = SSLContext.getInstance(SERVER_AGREEMENT);
//取得SunX509私钥管理器
KeyManagerFactory kmf = KeyManagerFactory.getInstance(SERVER_KEY_MANAGER);
//取得JKS密库实例
KeyStore ks = KeyStore.getInstance(SERVER_KEY_KEYSTORE);
//加载服务端私钥
ks.load(new FileInputStream(SERVER_KEYSTORE_PATH), SERVER_KEY_PASSWORD.toCharArray());
//初始化
kmf.init(ks, SERVER_KEY_PASSWORD.toCharArray());
//初始化SSLContext
ctx.init(kmf.getKeyManagers(),null, null);
//通过SSLContext取得ServerSocketFactory,创建ServerSocket
serverSocket = (SSLServerSocket) ctx.getServerSocketFactory().createServerSocket(SERVER_PORT);
} catch (Exception e) {
System.out.println(e);
}
}
}
客户端:
Java代码
public class MySSLSocket extends Activity {
private static final int SERVER_PORT = 50030;//端口号
private static final String SERVER_IP = "218.206.176.146";//连接IP
private static final String CLIENT_KET_PASSWORD = "123456";//私钥密码
private static final String CLIENT_TRUST_PASSWORD = "123456";//信任证书密码
private static final String CLIENT_AGREEMENT = "TLS";//使用协议
private static final String CLIENT_KEY_MANAGER = "X509";//密钥管理器
private static final String CLIENT_TRUST_MANAGER = "X509";//
private static final String CLIENT_KEY_KEYSTORE = "BKS";//密库,这里用的是BouncyCastle密库
private static final String CLIENT_TRUST_KEYSTORE = "BKS";//
private static final String ENCONDING = "utf-8";//字符集
private SSLSocket Client_sslSocket;
private Log tag;
private TextView tv;
private Button btn;
private Button btn2;
private Button btn3;
private EditText et;
/** Called when the activity is first created. */
@Override
public void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
setContentView(R.layout.main);
tv = (TextView) findViewById(R.id.TextView01);
et = (EditText) findViewById(R.id.EditText01);
btn = (Button) findViewById(R.id.Button01);
btn2 = (Button) findViewById(R.id.Button02);
btn3 = (Button) findViewById(R.id.Button03);
btn.setOnClickListener(new Button.OnClickListener(){
@Override
public void onClick(View arg0) {
if(null != Client_sslSocket){
getOut(Client_sslSocket, et.getText().toString());
getIn(Client_sslSocket);
et.setText("");
}
}
});
btn2.setOnClickListener(new Button.OnClickListener(){
@Override
public void onClick(View arg0) {
try {
Client_sslSocket.close();
Client_sslSocket = null;
} catch (IOException e) {
e.printStackTrace();
}
}
});
btn3.setOnClickListener(new View.OnClickListener(){
@Override
public void onClick(View arg0) {
init();
getIn(Client_sslSocket);
}
});
}
public void init() {
try {
//取得SSL的SSLContext实例
SSLContext sslContext = SSLContext.getInstance(CLIENT_AGREEMENT);
//取得KeyManagerFactory和TrustManagerFactory的X509密钥管理器实例
KeyManagerFactory keyManager = KeyManagerFactory.getInstance(CLIENT_KEY_MANAGER);
TrustManagerFactory trustManager = TrustManagerFactory.getInstance(CLIENT_TRUST_MANAGER);
//取得BKS密库实例
KeyStore kks= KeyStore.getInstance(CLIENT_KEY_KEYSTORE);
KeyStore tks = KeyStore.getInstance(CLIENT_TRUST_KEYSTORE);
//加客户端载证书和私钥,通过读取资源文件的方式读取密钥和信任证书
kks.load(getBaseContext()
.getResources()
.openRawResource(R.drawable.kclient),CLIENT_KET_PASSWORD.toCharArray());
tks.load(getBaseContext()
.getResources()
.openRawResource(R.drawable.lt_client),CLIENT_TRUST_PASSWORD.toCharArray());
//初始化密钥管理器
keyManager.init(kks,CLIENT_KET_PASSWORD.toCharArray());
trustManager.init(tks);
//初始化SSLContext
sslContext.init(keyManager.getKeyManagers(),trustManager.getTrustManagers(),null);
//生成SSLSocket
Client_sslSocket = (SSLSocket) sslContext.getSocketFactory().createSocket(SERVER_IP,SERVER_PORT);
} catch (Exception e) {
tag.e("MySSLSocket",e.getMessage());
}
}
public void getOut(SSLSocket socket,String message){
PrintWriter out;
try {
out = new PrintWriter(
new BufferedWriter(
new OutputStreamWriter(
socket.getOutputStream()
)
),true);
out.println(message);
} catch (IOException e) {
e.printStackTrace();
}
}
public void getIn(SSLSocket socket){
BufferedReader in = null;
String str = null;
try {
in = new BufferedReader(
new InputStreamReader(
socket.getInputStream()));
str = new String(in.readLine().getBytes(),ENCONDING);
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
} catch (IOException e) {
e.printStackTrace();
}
new AlertDialog
.Builder(MySSLSocket.this)
.setTitle("服务器消息")
.setNegativeButton("确定", null)
.setIcon(android.R.drawable.ic_menu_agenda)
.setMessage(str)
.show();
}
}
服务端:
Java代码
public class SSLServer {
private static final int SERVER_PORT = 50030;
private static final String SERVER_KEY_PASSWORD = "123456";
private static final String SERVER_AGREEMENT = "TLS";//使用协议
private static final String SERVER_KEY_MANAGER = "SunX509";//密钥管理器
private static final String SERVER_KEY_KEYSTORE = "JKS";//密库,这里用的是Java自带密库
private static final String SERVER_KEYSTORE_PATH = "src/data/kserver.keystore";//密库路径
private SSLServerSocket serverSocket;
public static void main(String[] args) {
SSLServer server = new SSLServer();
server.init();
server.start();
}
//由于该程序不是演示Socket监听,所以简单采用单线程形式,并且仅仅接受客户端的消息,并且返回客户端指定消息
public void start() {
if (serverSocket == null) {
System.out.println("ERROR");
return;
}
while (true) {
try {
System.out.println("Server Side......");
Socket s = serverSocket.accept();
InputStream input = s.getInputStream();
OutputStream output = s.getOutputStream();
BufferedInputStream bis = new BufferedInputStream(input);
BufferedOutputStream bos = new BufferedOutputStream(output);
byte[] buffer = new byte[20];
bis.read(buffer);
System.out.println(new String(buffer));
bos.write("This is Server".getBytes());
bos.flush();
s.close();
} catch (Exception e) {
System.out.println(e);
}
}
}
public void init() {
try {
//取得SSLContext
SSLContext ctx = SSLContext.getInstance(SERVER_AGREEMENT);
//取得SunX509私钥管理器
KeyManagerFactory kmf = KeyManagerFactory.getInstance(SERVER_KEY_MANAGER);
//取得JKS密库实例
KeyStore ks = KeyStore.getInstance(SERVER_KEY_KEYSTORE);
//加载服务端私钥
ks.load(new FileInputStream(SERVER_KEYSTORE_PATH), SERVER_KEY_PASSWORD.toCharArray());
//初始化
kmf.init(ks, SERVER_KEY_PASSWORD.toCharArray());
//初始化SSLContext
ctx.init(kmf.getKeyManagers(),null, null);
//通过SSLContext取得ServerSocketFactory,创建ServerSocket
serverSocket = (SSLServerSocket) ctx.getServerSocketFactory().createServerSocket(SERVER_PORT);
} catch (Exception e) {
System.out.println(e);
}
}
}
客户端:
Java代码
public class MySSLSocket extends Activity {
private static final int SERVER_PORT = 50030;//端口号
private static final String SERVER_IP = "218.206.176.146";//连接IP
private static final String CLIENT_KET_PASSWORD = "123456";//私钥密码
private static final String CLIENT_TRUST_PASSWORD = "123456";//信任证书密码
private static final String CLIENT_AGREEMENT = "TLS";//使用协议
private static final String CLIENT_KEY_MANAGER = "X509";//密钥管理器
private static final String CLIENT_TRUST_MANAGER = "X509";//
private static final String CLIENT_KEY_KEYSTORE = "BKS";//密库,这里用的是BouncyCastle密库
private static final String CLIENT_TRUST_KEYSTORE = "BKS";//
private static final String ENCONDING = "utf-8";//字符集
private SSLSocket Client_sslSocket;
private Log tag;
private TextView tv;
private Button btn;
private Button btn2;
private Button btn3;
private EditText et;
/** Called when the activity is first created. */
@Override
public void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
setContentView(R.layout.main);
tv = (TextView) findViewById(R.id.TextView01);
et = (EditText) findViewById(R.id.EditText01);
btn = (Button) findViewById(R.id.Button01);
btn2 = (Button) findViewById(R.id.Button02);
btn3 = (Button) findViewById(R.id.Button03);
btn.setOnClickListener(new Button.OnClickListener(){
@Override
public void onClick(View arg0) {
if(null != Client_sslSocket){
getOut(Client_sslSocket, et.getText().toString());
getIn(Client_sslSocket);
et.setText("");
}
}
});
btn2.setOnClickListener(new Button.OnClickListener(){
@Override
public void onClick(View arg0) {
try {
Client_sslSocket.close();
Client_sslSocket = null;
} catch (IOException e) {
e.printStackTrace();
}
}
});
btn3.setOnClickListener(new View.OnClickListener(){
@Override
public void onClick(View arg0) {
init();
getIn(Client_sslSocket);
}
});
}
public void init() {
try {
//取得SSL的SSLContext实例
SSLContext sslContext = SSLContext.getInstance(CLIENT_AGREEMENT);
//取得KeyManagerFactory和TrustManagerFactory的X509密钥管理器实例
KeyManagerFactory keyManager = KeyManagerFactory.getInstance(CLIENT_KEY_MANAGER);
TrustManagerFactory trustManager = TrustManagerFactory.getInstance(CLIENT_TRUST_MANAGER);
//取得BKS密库实例
KeyStore kks= KeyStore.getInstance(CLIENT_KEY_KEYSTORE);
KeyStore tks = KeyStore.getInstance(CLIENT_TRUST_KEYSTORE);
//加客户端载证书和私钥,通过读取资源文件的方式读取密钥和信任证书
kks.load(getBaseContext()
.getResources()
.openRawResource(R.drawable.kclient),CLIENT_KET_PASSWORD.toCharArray());
tks.load(getBaseContext()
.getResources()
.openRawResource(R.drawable.lt_client),CLIENT_TRUST_PASSWORD.toCharArray());
//初始化密钥管理器
keyManager.init(kks,CLIENT_KET_PASSWORD.toCharArray());
trustManager.init(tks);
//初始化SSLContext
sslContext.init(keyManager.getKeyManagers(),trustManager.getTrustManagers(),null);
//生成SSLSocket
Client_sslSocket = (SSLSocket) sslContext.getSocketFactory().createSocket(SERVER_IP,SERVER_PORT);
} catch (Exception e) {
tag.e("MySSLSocket",e.getMessage());
}
}
public void getOut(SSLSocket socket,String message){
PrintWriter out;
try {
out = new PrintWriter(
new BufferedWriter(
new OutputStreamWriter(
socket.getOutputStream()
)
),true);
out.println(message);
} catch (IOException e) {
e.printStackTrace();
}
}
public void getIn(SSLSocket socket){
BufferedReader in = null;
String str = null;
try {
in = new BufferedReader(
new InputStreamReader(
socket.getInputStream()));
str = new String(in.readLine().getBytes(),ENCONDING);
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
} catch (IOException e) {
e.printStackTrace();
}
new AlertDialog
.Builder(MySSLSocket.this)
.setTitle("服务器消息")
.setNegativeButton("确定", null)
.setIcon(android.R.drawable.ic_menu_agenda)
.setMessage(str)
.show();
}
}
分享到:
发表评论
-
Android APK 签名比对
2014-04-10 14:11 635发布过Android应用的朋友 ... -
Android小知识点
2014-04-10 09:45 6751、 最近翻看以前的项目时候,想更改下布局文件,谁知道就改了 ... -
Android 获取基站信息
2013-10-18 10:39 1028Android 基站分CdmaCellLocation和Gsm ... -
Android 打开PDF,PPT,WORD,EXCEL,CHM,HTML,TEXT,AUDIO,VIDEO 格式文件代码
2013-03-15 16:42 1756import android.app.Activity; im ... -
Android平板上开发App的准则
2013-03-14 11:38 10661、保证符合App的通用开发准则 在谈Android平板A ... -
android程序发布时的常用工具
2012-07-12 14:38 10191.为应用程序设定版本,在应用程序清单文件中设置。 ... -
java CA证书相关操作,Android,java
2012-06-11 16:16 3435一:需要包含的包 import java.securi ... -
Android PhoneGap简析
2012-05-22 10:52 3725前言 上周研究了一下Pho ... -
android播放多媒体的两种方式
2012-05-19 21:42 998转载,原文地址:http://blog.csdn.net/xi ... -
android通过NFC读写数据
2012-05-17 15:56 4088/* * Writes an NdefMessage to a ... -
NFC相关研究
2012-05-15 14:07 1132NFC概述 NFC是短距离的无线通信,通常距 ... -
Android 面试题
2012-05-15 14:05 965Android 面试题 经典 1、 Android dvm的进 ... -
生成android使用的BKS证书
2012-05-10 12:21 2854生成android使用的BKS证书 android 系统中 ... -
windows+eclipse+cygwin+cdt+ndk
2012-03-07 10:34 965一:什么是NDK? NDK 提 ... -
在android2.1如何实现对ssl的无证书访问?(转)
2012-03-01 17:25 2602在网上看了,httpchlent的 ... -
Android系统目录结构详解(转)
2012-03-01 10:34 1097Android系统基于linux内核、JAVA应用,算是一 ... -
Android开发规范(转)
2012-03-01 10:20 797Android开发规范 一、Andr ... -
如何让Android程序支持安装到SD卡(APP2SD)
2012-02-29 15:19 964Android系统在2.1版本之前,应用程序是只能安装到机身内 ... -
生成android的bks证书
2011-07-14 15:40 3294生成android的bks证书 pushd %CD% cd / ... -
系统文件夹功能详谈
2011-07-13 17:46 922【文件夹功能简介】 \system\app 这个里面主要存放 ...
相关推荐
实现了数字证书的制作、SSL安全通讯、加解密操作等功能
android MQTT 带SSL加密连接例子demo 安卓使用BKS加密文件进行SSL加密MQTT连接
android ssl证书验证
基于国密算法的Android智能终端SSL协议设计与实现.pdf
含bcprov-jdk15on-146.jar的简单Android实现双向SSL验证的小例子,服务端是java小程序,客户端是Android
ssl demo 测试双向认证握手时间消耗 华为的手机消耗比较多时间
SSL双向认证握手过程 非常详细
本demo使用HttpsURLConnection方式的SSL双向认证,实现oauth2.0客户端请求方式,并且实现了普通post接口请求,及多图上传的post请求接口,做了网络请求的封装。
SSL握手过程实例分析
为了便于更好的认识和理解SSL 协议,这里着重介绍SSL 协议的握手协议。介绍SSL协议双向认证的具体过程。
Android applications for SSL/TLS
SSL握手协议的研究,安全技术分析,usbkey融入java JSSE案例
libcurl for Android,支持ssl,使用cyassl编译,非常小,附带一个下载文件的示例
android webview SSL认证配置(p12证书)
国密SSL握手协议抓包
使用方法见:... 1. Android使用HTTPCLIENT访问国密SSL协议的HTTPS服务 2. 示例代码为单向认证,可支持双向认证 3. 获取服务端的国密数字证书 4. 适用于Android 7.0(API 24)及以上
主要给大家介绍了关于如何利用C#实现SSLSocket加密通讯的相关资料,文中通过示例代码介绍的非常详细,对大家的学习或者工作具有一定的参考学习价值,需要的朋友们下面来一起学习学习吧
SSL(安全套接层)握手协议利用公开密钥体制(RSA)保护通信实体之间传输信息的机密性和完整性,其存在信息处理速度过慢的缺点,基于batch RSA的SSL握手协议能较好地解决这一问题,但当服务器收到大量客户端请求或遭受...
CXF实现SSL安全验证,实现https的WebService