Android开发中实现https校验

在安卓开发中需要自己写代码实现校验公钥的功能

 

当然,  如果是自己服务器，就不用校验,
如果是别人的服务器，比如银行，就需要校验

 

在这里, 小编采用从github上下载的开源框架实现,在开源框架中添加部分代码

 

 

 

下载到开源框架后, 在 AsyncHttpClient.java文件中添加

 

 

找到215行代码, 在这里添加校验的代码

 

证书文件需要拷贝到src的根目录

 

 1  //在这里添加一段 代码, 实现 https 连接,   检验  , 主要是去校验 证书的合法性  2          try { 3             InputStream ins = AsyncHttpClient.class.getClassLoader() 4                     .getResourceAsStream("hehe.cer"); // 这个文件就是网站的公钥 5              6              7             CertificateFactory cerFactory = CertificateFactory 8                     .getInstance("X.509");// X.509 公钥文件 .pk8 私钥文件的扩展名 9             Certificate cer = cerFactory.generateCertificate(ins);10             KeyStore keyStore = KeyStore.getInstance("PKCS12", "BC");11             keyStore.load(null, null);12             keyStore.setCertificateEntry("trust", cer);13             SSLSocketFactory socketFactory = new SSLSocketFactory(keyStore);14             schemeRegistry.register(new Scheme("https", socketFactory,15                     httpsPort));16 17         } catch (Exception e) {18             // TODO Auto-generated catch block19             e.printStackTrace();20         }21         22         return schemeRegistry;

 

 

 

还有不校验的代码

 

 1 //在这里添加一段 代码, 实现 https 连接,  不检验  2         try { 3             KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType()); 4             trustStore.load(null, null); 5             SSLSocketFactory sf = new SSLSocketFactoryEx(trustStore); 6             //相当于 不在校验数据的合法性 7             sf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); // 允许所有主机的验证 8             schemeRegistry.register(new Scheme("https", sslSocketFactory, 9             httpsPort));10             schemeRegistry.register(new Scheme("https",sf, httpsPort));11         } catch (Exception e) {12             e.printStackTrace();13         }14         15         16         return schemeRegistry;

 

 

 

注意,

在拷贝代码的过程中 SSLSocketFactory 需要自己创建出来, 代码如下:

 

 1 package com.loopj.android.http; 2  3 import java.io.IOException; 4 import java.net.Socket; 5 import java.net.UnknownHostException; 6 import java.security.KeyManagementException; 7 import java.security.KeyStore; 8 import java.security.KeyStoreException; 9 import java.security.NoSuchAlgorithmException;10 import java.security.UnrecoverableKeyException;11 12 import javax.net.ssl.SSLContext;13 import javax.net.ssl.TrustManager;14 import javax.net.ssl.X509TrustManager;15 16 import org.apache.http.conn.ssl.SSLSocketFactory;17 18 class SSLSocketFactoryEx extends SSLSocketFactory {19 20     SSLContext sslContext = SSLContext.getInstance("TLS");21 22     public SSLSocketFactoryEx(KeyStore truststore)23             throws NoSuchAlgorithmException, KeyManagementException,24             KeyStoreException, UnrecoverableKeyException {25         super(truststore);26 27         TrustManager tm = new X509TrustManager() {28 29             @Override30             public java.security.cert.X509Certificate[] getAcceptedIssuers() {31                 return null;32             }33 34             @Override35             public void checkClientTrusted(36                     java.security.cert.X509Certificate[] chain,37                     String authType)38                     throws java.security.cert.CertificateException {39 40             }41 42             @Override43             public void checkServerTrusted(44                     java.security.cert.X509Certificate[] chain,45                     String authType)46                     throws java.security.cert.CertificateException {47 48             }49         };50 51         sslContext.init(null, new TrustManager[] { tm }, null);52     }53 54     @Override55     public Socket createSocket(Socket socket, String host, int port,56             boolean autoClose) throws IOException, UnknownHostException {57         return sslContext.getSocketFactory().createSocket(socket, host,58                 port, autoClose);59     }60 61     @Override62     public Socket createSocket() throws IOException {63         return sslContext.getSocketFactory().createSocket();64     }65 }