Android Https请求的简单使用(Volley Https请求的示例)
来源:互联网 发布:sum服务器监控软件 编辑:程序博客网 时间:2024/06/05 13:29
导语
官方文档:https://developer.android.com/training/articles/security-ssl.html#CommonProblems
Https使用了数字签名,对于数字签名的理解,阮一峰翻译一篇关于这方面很好的文章
数字签名一般会使用RSA算法,对于RSA算法的理解,阮一峰也提供两篇生动的文章来说明:
- 上篇
- 下篇
如果看到一大段数学公式就不想往下看的同学,我这里给个简化版的:
将两个大质数相乘十分容易,但是想要对其乘积进行因式分解却极其困难,文章中给出了的例子:
将
1230186684530117755130494958384962720772853569595334
7921973224521517264005072636575187452021997864693899
5647494277406384592519255732630345373154826850791702
6122142913461670429214311602221240479274737794080665
351419597459856902143413
分解成两个质数的乘积,因为现在的方法只能暴力破解,以目前电子计算机的运算速率来看,即使破解了,也会耗费相当长的时间,导致破解行为本身没有什么意义
一般网站的链接
google给的示例代码有些过于简单,我添加了一些东西,复制粘贴就可以运行:
public class MainActivity extends AppCompatActivity { @Override protected void onCreate(Bundle savedInstanceState) { super.onCreate(savedInstanceState); setContentView(R.layout.activity_main); new Thread() { @Override public void run() { try { URL url = new URL("https://wikipedia.org"); URLConnection urlConnection = url.openConnection(); InputStream in = urlConnection.getInputStream(); printInputStream(in); } catch (MalformedURLException e) { e.printStackTrace(); } catch (IOException e) { e.printStackTrace(); } } }.start(); } private void printInputStream(InputStream is){ BufferedReader reader = new BufferedReader(new InputStreamReader(is)); StringBuffer sb = new StringBuffer(); String line = null; try { while ((line = reader.readLine()) != null) { sb.append(line + "\n"); } } catch (IOException e) { e.printStackTrace(); } finally { try { is.close(); } catch (IOException e) { e.printStackTrace(); } } String rs = sb.toString(); Log.e("inputSteam",rs); }}
正常访问,结果为:
点击这里查看大图
有数字签名的网站
不做任何处理
将上面代码的第11行的网址改为:https://certs.cac.washington.edu/CAtest/
运行的结果会报错:
点击这里查看大图
官方给的处理
这里同样处理一下细节,复制可以直接运行
public class MainActivity extends AppCompatActivity { private final String load = "-----BEGIN CERTIFICATE-----\n" + "MIIEBzCCA3CgAwIBAgIBADANBgkqhkiG9w0BAQQFADCBlDELMAkGA1UEBhMCVVMxCzAJBgNVBAgT\n" + "AldBMSEwHwYDVQQKExhVbml2ZXJzaXR5IG9mIFdhc2hpbmd0b24xFDASBgNVBAsTC1VXIFNlcnZp\n" + "Y2VzMRcwFQYDVQQDEw5VVyBTZXJ2aWNlcyBDQTEmMCQGCSqGSIb3DQEJARYXaGVscEBjYWMud2Fz\n" + "aGluZ3Rvbi5lZHUwHhcNMDMwMjI1MTgyNTA5WhcNMzAwOTAzMTgyNTA5WjCBlDELMAkGA1UEBhMC\n" + "VVMxCzAJBgNVBAgTAldBMSEwHwYDVQQKExhVbml2ZXJzaXR5IG9mIFdhc2hpbmd0b24xFDASBgNV\n" + "BAsTC1VXIFNlcnZpY2VzMRcwFQYDVQQDEw5VVyBTZXJ2aWNlcyBDQTEmMCQGCSqGSIb3DQEJARYX\n" + "aGVscEBjYWMud2FzaGluZ3Rvbi5lZHUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALwCo6h4\n" + "T44m+7ve+BrnEqflqBISFaZTXyJTjIVQ39ZWhE0B3LafbbZYju0imlQLG+MEVAtNDdiYICcBcKsa\n" + "pr2dxOi31Nv0moCkOj7iQueMVU4E1TghYIR2I8hqixFCQIP/CMtSDail/POzFzzdVxI1pv2wRc5c\n" + "L6zNwV25gbn3AgMBAAGjggFlMIIBYTAdBgNVHQ4EFgQUVdfBM8b6k/gnPcsgS/VajliXfXQwgcEG\n" + "A1UdIwSBuTCBtoAUVdfBM8b6k/gnPcsgS/VajliXfXShgZqkgZcwgZQxCzAJBgNVBAYTAlVTMQsw\n" + "CQYDVQQIEwJXQTEhMB8GA1UEChMYVW5pdmVyc2l0eSBvZiBXYXNoaW5ndG9uMRQwEgYDVQQLEwtV\n" + "VyBTZXJ2aWNlczEXMBUGA1UEAxMOVVcgU2VydmljZXMgQ0ExJjAkBgkqhkiG9w0BCQEWF2hlbHBA\n" + "Y2FjLndhc2hpbmd0b24uZWR1ggEAMAwGA1UdEwQFMAMBAf8wKwYDVR0RBCQwIoYgaHR0cDovL2Nl\n" + "cnRzLmNhYy53YXNoaW5ndG9uLmVkdS8wQQYDVR0fBDowODA2oDSgMoYwaHR0cDovL2NlcnRzLmNh\n" + "Yy53YXNoaW5ndG9uLmVkdS9VV1NlcnZpY2VzQ0EuY3JsMA0GCSqGSIb3DQEBBAUAA4GBAIn0PNmI\n" + "JjT9bM5d++BtQ5UpccUBI9XVh1sCX/NdxPDZ0pPCw7HOOwILumpulT9hGZm9Rd+W4GnNDAMV40we\n" + "s8REptvOZObBBrjaaphDe1D/MwnrQythmoNKc33bFg9RotHrIfT4EskaIXSx0PywbyfIR1wWxMpr\n" + "8gbCjAEUHNF/\n" + "-----END CERTIFICATE-----"; @Override protected void onCreate(Bundle savedInstanceState) { super.onCreate(savedInstanceState); setContentView(R.layout.activity_main); new Thread() { @Override public void run() { super.run(); URL url = null; HttpsURLConnection urlConnection = null; InputStream in = null; try { //1.生成证书:Certificate CertificateFactory cf = CertificateFactory.getInstance("X.509"); InputStream caInput = new ByteArrayInputStream(load.getBytes()); Certificate ca = null; try { ca = cf.generateCertificate(caInput); System.out.println("ca=" + ((X509Certificate) ca).getSubjectDN()); } catch (CertificateException e) { e.printStackTrace(); } finally { caInput.close(); } //2.初始化公钥:keyStore String keyStoreType = KeyStore.getDefaultType(); KeyStore keyStore = KeyStore.getInstance(keyStoreType); keyStore.load(null, null); keyStore.setCertificateEntry("ca", ca); //3.初始化TrustManagerFactory String tmfAlgorithm = TrustManagerFactory.getDefaultAlgorithm(); TrustManagerFactory tmf = TrustManagerFactory.getInstance(tmfAlgorithm); tmf.init(keyStore); //4.初始化sslContext SSLContext context = SSLContext.getInstance("TLS"); context.init(null, tmf.getTrustManagers(), null); //5.建立Https链接 url = new URL("https://certs.cac.washington.edu/CAtest/"); //注意,这里是HttpsURLConnection urlConnection = (HttpsURLConnection) url.openConnection(); urlConnection.setSSLSocketFactory(context.getSocketFactory()); in = urlConnection.getInputStream(); } catch (MalformedURLException e) { e.printStackTrace(); } catch (IOException e) { e.printStackTrace(); } catch (CertificateException e) { e.printStackTrace(); } catch (NoSuchAlgorithmException e) { e.printStackTrace(); } catch (KeyStoreException e) { e.printStackTrace(); } catch (KeyManagementException e) { e.printStackTrace(); } copyInputStreamToOutputStream(in); } }.start(); } private void copyInputStreamToOutputStream(InputStream is) { if (is == null) return; BufferedReader reader = new BufferedReader(new InputStreamReader(is)); StringBuffer sb = new StringBuffer(); String line = null; try { while ((line = reader.readLine()) != null) { sb.append(line + "\n"); } } catch (IOException e) { e.printStackTrace(); } finally { try { is.close(); } catch (IOException e) { e.printStackTrace(); } } Log.e("inputstrem", sb.toString()); }}
运行结果:
点击这里查看大图
第二行的load的由来:
- 下载load-der.crt
- 在cmd中输入命令:keytool -printcert -rfc -file 文件地址
点击这里查看大图
实现的流程也很简单:
Volley的示例
在实际开发中,我们使用网络框架来进行网络中的交互,所以上面的代码肯定是用不到的;现在通用的网络请求框架,都给HTTPS请求留出了空间来实现,下面以Volley为例:
public class MainActivity extends Activity { private final String load = "-----BEGIN CERTIFICATE-----\n" + "MIIEBzCCA3CgAwIBAgIBADANBgkqhkiG9w0BAQQFADCBlDELMAkGA1UEBhMCVVMxCzAJBgNVBAgT\n" + "AldBMSEwHwYDVQQKExhVbml2ZXJzaXR5IG9mIFdhc2hpbmd0b24xFDASBgNVBAsTC1VXIFNlcnZp\n" + "Y2VzMRcwFQYDVQQDEw5VVyBTZXJ2aWNlcyBDQTEmMCQGCSqGSIb3DQEJARYXaGVscEBjYWMud2Fz\n" + "aGluZ3Rvbi5lZHUwHhcNMDMwMjI1MTgyNTA5WhcNMzAwOTAzMTgyNTA5WjCBlDELMAkGA1UEBhMC\n" + "VVMxCzAJBgNVBAgTAldBMSEwHwYDVQQKExhVbml2ZXJzaXR5IG9mIFdhc2hpbmd0b24xFDASBgNV\n" + "BAsTC1VXIFNlcnZpY2VzMRcwFQYDVQQDEw5VVyBTZXJ2aWNlcyBDQTEmMCQGCSqGSIb3DQEJARYX\n" + "aGVscEBjYWMud2FzaGluZ3Rvbi5lZHUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALwCo6h4\n" + "T44m+7ve+BrnEqflqBISFaZTXyJTjIVQ39ZWhE0B3LafbbZYju0imlQLG+MEVAtNDdiYICcBcKsa\n" + "pr2dxOi31Nv0moCkOj7iQueMVU4E1TghYIR2I8hqixFCQIP/CMtSDail/POzFzzdVxI1pv2wRc5c\n" + "L6zNwV25gbn3AgMBAAGjggFlMIIBYTAdBgNVHQ4EFgQUVdfBM8b6k/gnPcsgS/VajliXfXQwgcEG\n" + "A1UdIwSBuTCBtoAUVdfBM8b6k/gnPcsgS/VajliXfXShgZqkgZcwgZQxCzAJBgNVBAYTAlVTMQsw\n" + "CQYDVQQIEwJXQTEhMB8GA1UEChMYVW5pdmVyc2l0eSBvZiBXYXNoaW5ndG9uMRQwEgYDVQQLEwtV\n" + "VyBTZXJ2aWNlczEXMBUGA1UEAxMOVVcgU2VydmljZXMgQ0ExJjAkBgkqhkiG9w0BCQEWF2hlbHBA\n" + "Y2FjLndhc2hpbmd0b24uZWR1ggEAMAwGA1UdEwQFMAMBAf8wKwYDVR0RBCQwIoYgaHR0cDovL2Nl\n" + "cnRzLmNhYy53YXNoaW5ndG9uLmVkdS8wQQYDVR0fBDowODA2oDSgMoYwaHR0cDovL2NlcnRzLmNh\n" + "Yy53YXNoaW5ndG9uLmVkdS9VV1NlcnZpY2VzQ0EuY3JsMA0GCSqGSIb3DQEBBAUAA4GBAIn0PNmI\n" + "JjT9bM5d++BtQ5UpccUBI9XVh1sCX/NdxPDZ0pPCw7HOOwILumpulT9hGZm9Rd+W4GnNDAMV40we\n" + "s8REptvOZObBBrjaaphDe1D/MwnrQythmoNKc33bFg9RotHrIfT4EskaIXSx0PywbyfIR1wWxMpr\n" + "8gbCjAEUHNF/\n" + "-----END CERTIFICATE-----"; @Override protected void onCreate(Bundle savedInstanceState) { super.onCreate(savedInstanceState); //生成SSLSocketFactory SSLSocketFactory sslSocketFactory = initSSLSocketFactory(); //HurlStack两个参数默认都是null,如果传入SSLSocketFactory,那么会以Https的方式来请求网络 HurlStack stack = new HurlStack(null, sslSocketFactory); //通常,我们调用的是Volley.newRequestQueue(context),HurlStack为默认的,也就是不处理Https的情况 //现在传入处理Https的HurlStack,Volley就会去处理相应的请求 RequestQueue requestQueue = Volley.newRequestQueue(this, stack); //去访问网络 StringRequest request = new StringRequest("https://certs.cac.washington.edu/CAtest/", new Response.Listener<String>() { @Override public void onResponse(String response) { Log.e("onResponse", response); } }, new Response.ErrorListener() { @Override public void onErrorResponse(VolleyError error) { Log.e("error", error.getMessage()); } }); requestQueue.add(request); } /** * 生成SSLSocketFactory * 这里的代码与之前相比,没有什么不同 * * @return */ private SSLSocketFactory initSSLSocketFactory() { //生成证书:Certificate CertificateFactory cf = null; SSLSocketFactory factory = null; try { cf = CertificateFactory.getInstance("X.509"); InputStream caInput = new ByteArrayInputStream(load.getBytes()); Certificate ca = null; try { ca = cf.generateCertificate(caInput); } finally { try { caInput.close(); } catch (IOException e) { e.printStackTrace(); } } //初始化公钥:keyStore String keyType = KeyStore.getDefaultType(); KeyStore keyStore = KeyStore.getInstance(keyType); keyStore.load(null, null); keyStore.setCertificateEntry("ca", ca); //初始化TrustManagerFactory String algorithm = TrustManagerFactory.getDefaultAlgorithm(); TrustManagerFactory managerFactory = TrustManagerFactory.getInstance(algorithm); managerFactory.init(keyStore); //初始化sslContext SSLContext sslContext = SSLContext.getInstance("TLS"); sslContext.init(null, managerFactory.getTrustManagers(), null); factory = sslContext.getSocketFactory(); } catch (CertificateException e) { e.printStackTrace(); } catch (NoSuchAlgorithmException e) { e.printStackTrace(); } catch (KeyStoreException e) { e.printStackTrace(); } catch (IOException e) { e.printStackTrace(); } catch (KeyManagementException e) { e.printStackTrace(); } return factory; }}
结果展示:
点击这里查看大图
示例代码很简单,如果有需要,在项目里稍微写写代码,就可以集成进去。
成熟网络请求框架都给使用者留出了传递“SSLSocketFactory ”的入口,仔细阅读下网络请求框架初始化的代码,就可以找对应的地方。
结语
HTTPS认证貌似要花不少的银子,一般各位也不会用到,如果要使用HTTPS,可以参考下上面的示例代码。另外,开头推荐阮一峰的几篇文章,希望各位看官查阅。
转载请标明出处http://blog.csdn.net/qq_26411333/article/details/52056809
- Android Https请求的简单使用(Volley Https请求的示例)
- Android Https请求的简单使用(Volley Https请求的示例)
- Android Https请求的简单使用(Volley Https请求的示例)
- Volley的Https请求
- Volley的Https请求
- android Https请求的使用
- android https请求的使用
- 让Volley具有https请求的功能
- android 使用https请求
- Volley支持https请求
- https的get请求代码示例
- Android中原http请求的https实现(URLConnection 、volley)(volley不修改源码)
- Android中原http请求的https实现(URLConnection 、volley)(volley不修改源码)
- Android Volley框架支持https请求
- java Https的请求
- Volley框架支持HTTPS请求。
- Volley框架支持HTTPS请求
- Volley框架支持HTTPS请求。
- 用S-函数编写Simulink中的正弦模块
- 105.各加密算法总结
- Android studio 导入另外一个项目作为依赖包问题集锦!!!
- 工厂方法模式
- HBase-1.2.1之查找Region位置的源码学习
- Android Https请求的简单使用(Volley Https请求的示例)
- Android中使用定时器的三种方法
- fetch()函数
- Linux内核之数据结构--队列
- makefile
- Maven项目打包不了的问题
- 图灵连发几十款机器人应用,开放战略将持续
- 1092. To Buy or Not to Buy (20)
- Kali Linux 秘籍 第二章 定制 Kali Linux