握手失败 Android 23
Handshake failed Android 23
我在 Android 中遇到密钥库问题。
我正在尝试将 android 中的客户端连接到 java 中的服务器。我的代码在 API 从 android 的 15 到 22 中运行良好,但不适用于新的 API 23 更新:
我在 android 客户端上遇到错误:
javax.net.ssl.SSLHandshakeException: Handshake failed
服务器上出现此错误:
javax.net.ssl.SSLHandshakeException: no cipher suites in common
这是我的代码,适用于 API 22 或更早版本:
客户端中,R.raw.publickey是public.bks证书,R.raw.publickey_v1是旧版本的.bks,与API15兼容。
服务器:
public static SSLServerSocket getServerSocketWithCert(int port, InputStream pathToCert, String passwordFromCert) throws IOException,
KeyManagementException, NoSuchAlgorithmException, CertificateException, KeyStoreException, UnrecoverableKeyException{
TrustManager[] tmm;
KeyManager[] kmm;
KeyStore ks = KeyStore.getInstance("JKS");
ks.load(pathToCert, passwordFromCert.toCharArray());
tmm=tm(ks);
kmm=km(ks, passwordFromCert);
SSLContext ctx = SSLContext.getInstance("TLS");
ctx.init(kmm, tmm, null);
SSLServerSocketFactory socketFactory = (SSLServerSocketFactory) ctx.getServerSocketFactory();
SSLServerSocket ssocket = (SSLServerSocket) socketFactory.createServerSocket(port);
return ssocket;
}
private static TrustManager[] tm(KeyStore keystore) throws NoSuchAlgorithmException, KeyStoreException {
TrustManagerFactory trustMgrFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
trustMgrFactory.init(keystore);
return trustMgrFactory.getTrustManagers();
};
private static KeyManager[] km(KeyStore keystore, String password) throws NoSuchAlgorithmException, KeyStoreException, UnrecoverableKeyException {
KeyManagerFactory keyMgrFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
keyMgrFactory.init(keystore, password.toCharArray());
return keyMgrFactory.getKeyManagers();
};
public static void main(String[] args){
SSLServerSocket ss = null;
try {
ss = getServerSocketWithCert(12345, Server.class.getResourceAsStream("/privateKey.store"), "password");
} catch(BindException e){
e.printStackTrace();
System.exit(1);
} catch (KeyManagementException e) {
e.printStackTrace();
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (CertificateException e) {
e.printStackTrace();
} catch (KeyStoreException e) {
e.printStackTrace();
} catch (UnrecoverableKeyException e) {
e.printStackTrace();
}
while(true){
SSLSocket s = ss.accept();
new DataOutputStream(s.getOutputStream()).writeUTF("test");
//TODO ERROR IS APPENING HERE
}
}
客户:
public static SSLSocket getSocketWithCert(InetAddress ip, int port, InputStream pathToCert, String passwordFromCert) throws IOException,
KeyManagementException, NoSuchAlgorithmException, CertificateException, KeyStoreException {
TrustManager[] tmm;
KeyStore ks = KeyStore.getInstance("BKS");
ks.load(pathToCert, passwordFromCert.toCharArray());
tmm=tm(ks);
SSLContext ctx = SSLContext.getInstance("TLS");
ctx.init(null, tmm, null);
SSLSocketFactory SocketFactory = (SSLSocketFactory) ctx.getSocketFactory();
SSLSocket socket = (SSLSocket) SocketFactory.createSocket();
socket.connect(new InetSocketAddress(ip, port), 5000);
return socket;
}
private static TrustManager[] tm(KeyStore keystore) throws NoSuchAlgorithmException, KeyStoreException {
TrustManagerFactory trustMgrFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
trustMgrFactory.init(keystore);
return trustMgrFactory.getTrustManagers();
};
public static void(String[] args){
int id;
if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.JELLY_BEAN){
id = R.raw.publickey;
} else {
id = R.raw.publickey_v1;
}
try {
Socket s = SSLSocketKeystoreFactory.getSocketWithCert("myip", 12345, HackerMainActivity.this.getResources().openRawResource(id), "password");
} catch (UnknownHostException | SecurityException e) {
e.printStackTrace();
return;
} catch(SocketTimeoutException e){
e.printStackTrace();
return;
} catch (KeyManagementException | NoSuchAlgorithmException | CertificateException | KeyStoreException e) {
e.printStackTrace();
}
DataInputStream in = new DataInputStream(s.getInputStream());
//TODO ERROR IS APPENING HERE
}
非常感谢您的帮助!
我终于修好了...
错误是 Android 6.0 版本放弃了对 SHA-1 的支持。
对于有同样错误的人,只需使用 SHA-256 重新创建您的证书...
我在 Android 中遇到密钥库问题。
我正在尝试将 android 中的客户端连接到 java 中的服务器。我的代码在 API 从 android 的 15 到 22 中运行良好,但不适用于新的 API 23 更新:
我在 android 客户端上遇到错误:
javax.net.ssl.SSLHandshakeException: Handshake failed
服务器上出现此错误:
javax.net.ssl.SSLHandshakeException: no cipher suites in common
这是我的代码,适用于 API 22 或更早版本:
客户端中,R.raw.publickey是public.bks证书,R.raw.publickey_v1是旧版本的.bks,与API15兼容。
服务器:
public static SSLServerSocket getServerSocketWithCert(int port, InputStream pathToCert, String passwordFromCert) throws IOException,
KeyManagementException, NoSuchAlgorithmException, CertificateException, KeyStoreException, UnrecoverableKeyException{
TrustManager[] tmm;
KeyManager[] kmm;
KeyStore ks = KeyStore.getInstance("JKS");
ks.load(pathToCert, passwordFromCert.toCharArray());
tmm=tm(ks);
kmm=km(ks, passwordFromCert);
SSLContext ctx = SSLContext.getInstance("TLS");
ctx.init(kmm, tmm, null);
SSLServerSocketFactory socketFactory = (SSLServerSocketFactory) ctx.getServerSocketFactory();
SSLServerSocket ssocket = (SSLServerSocket) socketFactory.createServerSocket(port);
return ssocket;
}
private static TrustManager[] tm(KeyStore keystore) throws NoSuchAlgorithmException, KeyStoreException {
TrustManagerFactory trustMgrFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
trustMgrFactory.init(keystore);
return trustMgrFactory.getTrustManagers();
};
private static KeyManager[] km(KeyStore keystore, String password) throws NoSuchAlgorithmException, KeyStoreException, UnrecoverableKeyException {
KeyManagerFactory keyMgrFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
keyMgrFactory.init(keystore, password.toCharArray());
return keyMgrFactory.getKeyManagers();
};
public static void main(String[] args){
SSLServerSocket ss = null;
try {
ss = getServerSocketWithCert(12345, Server.class.getResourceAsStream("/privateKey.store"), "password");
} catch(BindException e){
e.printStackTrace();
System.exit(1);
} catch (KeyManagementException e) {
e.printStackTrace();
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (CertificateException e) {
e.printStackTrace();
} catch (KeyStoreException e) {
e.printStackTrace();
} catch (UnrecoverableKeyException e) {
e.printStackTrace();
}
while(true){
SSLSocket s = ss.accept();
new DataOutputStream(s.getOutputStream()).writeUTF("test");
//TODO ERROR IS APPENING HERE
}
}
客户:
public static SSLSocket getSocketWithCert(InetAddress ip, int port, InputStream pathToCert, String passwordFromCert) throws IOException,
KeyManagementException, NoSuchAlgorithmException, CertificateException, KeyStoreException {
TrustManager[] tmm;
KeyStore ks = KeyStore.getInstance("BKS");
ks.load(pathToCert, passwordFromCert.toCharArray());
tmm=tm(ks);
SSLContext ctx = SSLContext.getInstance("TLS");
ctx.init(null, tmm, null);
SSLSocketFactory SocketFactory = (SSLSocketFactory) ctx.getSocketFactory();
SSLSocket socket = (SSLSocket) SocketFactory.createSocket();
socket.connect(new InetSocketAddress(ip, port), 5000);
return socket;
}
private static TrustManager[] tm(KeyStore keystore) throws NoSuchAlgorithmException, KeyStoreException {
TrustManagerFactory trustMgrFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
trustMgrFactory.init(keystore);
return trustMgrFactory.getTrustManagers();
};
public static void(String[] args){
int id;
if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.JELLY_BEAN){
id = R.raw.publickey;
} else {
id = R.raw.publickey_v1;
}
try {
Socket s = SSLSocketKeystoreFactory.getSocketWithCert("myip", 12345, HackerMainActivity.this.getResources().openRawResource(id), "password");
} catch (UnknownHostException | SecurityException e) {
e.printStackTrace();
return;
} catch(SocketTimeoutException e){
e.printStackTrace();
return;
} catch (KeyManagementException | NoSuchAlgorithmException | CertificateException | KeyStoreException e) {
e.printStackTrace();
}
DataInputStream in = new DataInputStream(s.getInputStream());
//TODO ERROR IS APPENING HERE
}
非常感谢您的帮助!
我终于修好了...
错误是 Android 6.0 版本放弃了对 SHA-1 的支持。 对于有同样错误的人,只需使用 SHA-256 重新创建您的证书...