安卓TLS通讯

上一篇文章介绍了运行portecle.jar，通过图形界面，可以生成安卓可用的client.bks签名文件，

这里介绍怎么使用。网上看了很多，有点乱，我这个是自己实际在用的

1、把client.bks文件放到res raw目录下

2、创建EasyX509TrushManager  implements X509TrustManager

import java.security.KeyStore;import java.security.KeyStoreException;import java.security.NoSuchAlgorithmException;import java.security.cert.CertificateException;import java.security.cert.X509Certificate;import javax.net.ssl.TrustManager;import javax.net.ssl.TrustManagerFactory;import javax.net.ssl.X509TrustManager;/** * Created by zhangdk on 2017/6/19. */public class EasyX509TrushManager implements X509TrustManager {    private X509TrustManager standardTrustManager = null;    /**     * Constructor for EasyX509TrustManager.     */    public EasyX509TrushManager(KeyStore keystore) throws NoSuchAlgorithmException, KeyStoreException {        super();        TrustManagerFactory factory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());        factory.init(keystore);        TrustManager[] trustmanagers = factory.getTrustManagers();        if (trustmanagers.length == 0) {            throw new NoSuchAlgorithmException("no trust manager found");        }        this.standardTrustManager = (X509TrustManager) trustmanagers[0];    }    /**     * @see javax.net.ssl.X509TrustManager#checkClientTrusted(X509Certificate[],String authType)     */    public void checkClientTrusted(X509Certificate[] certificates, String authType) throws CertificateException {        standardTrustManager.checkClientTrusted(certificates, authType);    }    /**     * @see javax.net.ssl.X509TrustManager#checkServerTrusted(X509Certificate[],String authType)     */    public void checkServerTrusted(X509Certificate[] certificates, String authType) throws CertificateException {        if ((certificates != null) && (certificates.length == 1)) {            certificates[0].checkValidity();        } else {            standardTrustManager.checkServerTrusted(certificates, authType);        }    }    /**     * @see javax.net.ssl.X509TrustManager#getAcceptedIssuers()     */    public X509Certificate[] getAcceptedIssuers() {        return this.standardTrustManager.getAcceptedIssuers();    }}

3、取得TLS的SSLContent实例

SSLContext sslContext = SSLContext.getInstance("TLS");//取得KeyManagerFactory和TrustManagerFactory的X509密钥管理器实例KeyStore tks= KeyStore.getInstance("BKS");tks.load(getResources().openRawResource(R.raw.client),        "123456".toCharArray());EasyX509TrushManager trushManager = new EasyX509TrushManager(tks);sslContext.init(null, new TrustManager[]{trushManager}, null);

4、获取SocketFactory，创建SSLSocket

SocketFactory factory = sslContext.getSocketFactory();

this.socket = (SSLSocket) factory.createSocket(host, port);
this.socket.setKeepAlive(true);this.socket.setSoTimeout(0);

this.socket.startHandshake();

其他就没什么不一样了，拿输入输出流去写数据、接收数据就好