我正在尝试在服务器和Android客户端之间创建TLS v1.2通信。 我与任何问题建立了TLS v1.0连接,但我无法获得v1.2。 这是服务器代码:TLS v1.2上的Android客户端/服务器
char[] passphrase = "myComplexPass1".toCharArray();
KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType());
keystore.load(new FileInputStream("cacerts"), passphrase);
KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("SunX509");
keyManagerFactory.init(keystore, passphrase);
SSLContext sslContext = SSLContext.getInstance("TLSv1.2");
KeyManager[] keyManagers = keyManagerFactory.getKeyManagers();
SSLContext sslContext.init(keyManagers, null, null);
SSLServerSocketFactory sslServerSocketFactory = sslContext.getServerSocketFactory();
SSLServerSocket sslServerSocket = (SSLServerSocket) sslServerSocketFactory.createServerSocket(port);
sslServerSocket.setEnabledProtocols(new String [] { "TLSv1", "TLSv1.1", "TLSv1.2" });
sslServerSocket.setUseClientMode(false);
sslServerSocket.setWantClientAuth(false);
sslServerSocket.setNeedClientAuth(false);
sslSocket = (SSLSocket)sslServerSocket.accept();
,而这是客户端代码:
char[] passphrase = "myComplexPass1".toCharArray();
KeyStore keystore = KeyStore.getInstance("BKS");
keystore.load(this.getApplicationContext().getResources().openRawResource(R.raw.jb), passphrase);
KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
keyManagerFactory.init(keystore, passphrase);
SSLContext sslContext = SSLContext.getInstance("TLSv1.2");
Log.d("Context Protocol",sslContext.getProtocol());//this prints correctly TLS v1.2!
KeyManager[] keyManagers = keyManagerFactory.getKeyManagers();
TrustManager[] trustManagers = new TrustManager[]{
new X509TrustManager() {
public java.security.cert.X509Certificate[] getAcceptedIssuers()
{
return null;
}
public void checkClientTrusted(java.security.cert.X509Certificate[] certs, String authType)
{
}
public void checkServerTrusted(java.security.cert.X509Certificate[] certs, String authType)
{
}
}
};
sslContext.init(keyManagers, trustManagers, new SecureRandom());
SSLSocketFactory sslSocketFactory = (SSLSocketFactory) sslContext.getSocketFactory();
SSLSocket skt = (SSLSocket) sslSocketFactory.createSocket(HOST, PORT);
skt.setKeepAlive(true);
客户端代码,写在我的电脑上JRE7运行的Java客户端,完美的作品和我的getProtocol(服务器见端)带有正确密码的TLSv1.2,由tlsv1.2支持。 在android上的相同的代码使tlsv1.0连接! 我真的不明白。 在Java客户端JRE7上工作,在android ONLY tlsv1.0 任何建议?
这是我的第一个问题,我搜查了很多。也许我的格式不正确:(
TLS 1.2在Android 4.1上可用。请参阅http://stackoverflow.com/questions/5950178/执行tls-1-2-on-android-2-3-3了解更多详情。 – 2013-05-14 06:03:20
谢谢,但根据此[链接](http://source.android.com/tech/security/android_4_2_security_enhancements.html)它应该被支持。我正在运行android 4.2.2 – 2013-05-14 07:04:00