Android中原http请求的https实现(URLConnection 、volley)(volley不修改源码)
发布日期:2021-11-12 07:57:11 浏览次数:25 分类:技术文章

本文共 17780 字,大约阅读时间需要 59 分钟。

原文地址:http://blog.csdn.net/qq_26411333/article/details/52056809

volley修改源码原文地址:http://blog.csdn.net/Jiang_Rong_Tao/article/details/51304796

忽略证书认证的原文地址:http://blog.csdn.net/zi413293813/article/details/42874299

导语

  1. 官方文档:

  2. Https使用了数字签名,对于数字签名的理解,

  3. 数字签名一般会使用RSA,对于RSA算法的理解,阮一峰也提供两篇生动的文章来说明:

    如果看到一大段数学公式就不想往下看的同学,我这里给个简化版的:

    将两个大质数相乘十分容易,但是想要对其乘积进行因式分解极其困难,给出了的例子: 
    将 
    1230186684530117755130494958384962720772853569595334 
    7921973224521517264005072636575187452021997864693899 
    5647494277406384592519255732630345373154826850791702 
    6122142913461670429214311602221240479274737794080665 
    351419597459856902143413 
    分解成两个质数的乘积,因为现在的方法只能暴力破解,以目前电子计算机的运算速率来看,即使破解了,也会耗费相当长的时间,导致破解行为本身没有什么意义

一般网站的链接

google给的示例代码有些过于简单,我添加了一些东西,复制粘贴就可以运行:

public class MainActivity extends AppCompatActivity {
@Override protected void onCreate(Bundle savedInstanceState) { super.onCreate(savedInstanceState); setContentView(R.layout.activity_main); new Thread() { @Override public void run() { try { URL url = new URL("https://wikipedia.org"); URLConnection urlConnection = url.openConnection(); InputStream in = urlConnection.getInputStream(); printInputStream(in); } catch (MalformedURLException e) { e.printStackTrace(); } catch (IOException e) { e.printStackTrace(); } } }.start(); } private void printInputStream(InputStream is){ BufferedReader reader = new BufferedReader(new InputStreamReader(is)); StringBuffer sb = new StringBuffer(); String line = null; try { while ((line = reader.readLine()) != null) { sb.append(line + "\n"); } } catch (IOException e) { e.printStackTrace(); } finally { try { is.close(); } catch (IOException e) { e.printStackTrace(); } } String rs = sb.toString(); Log.e("inputSteam",rs); }}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44

正常访问,结果为: 
 
这里写图片描述

有数字签名的网站

不做任何处理

将上面代码的第11行的网址改为: 
运行的结果会报错: 
 
这里写图片描述

官方给的处理

这里同样处理一下细节,复制可以直接运行

public class MainActivity extends AppCompatActivity {
private final String load = "-----BEGIN CERTIFICATE-----\n" + "MIIEBzCCA3CgAwIBAgIBADANBgkqhkiG9w0BAQQFADCBlDELMAkGA1UEBhMCVVMxCzAJBgNVBAgT\n" + "AldBMSEwHwYDVQQKExhVbml2ZXJzaXR5IG9mIFdhc2hpbmd0b24xFDASBgNVBAsTC1VXIFNlcnZp\n" + "Y2VzMRcwFQYDVQQDEw5VVyBTZXJ2aWNlcyBDQTEmMCQGCSqGSIb3DQEJARYXaGVscEBjYWMud2Fz\n" + "aGluZ3Rvbi5lZHUwHhcNMDMwMjI1MTgyNTA5WhcNMzAwOTAzMTgyNTA5WjCBlDELMAkGA1UEBhMC\n" + "VVMxCzAJBgNVBAgTAldBMSEwHwYDVQQKExhVbml2ZXJzaXR5IG9mIFdhc2hpbmd0b24xFDASBgNV\n" + "BAsTC1VXIFNlcnZpY2VzMRcwFQYDVQQDEw5VVyBTZXJ2aWNlcyBDQTEmMCQGCSqGSIb3DQEJARYX\n" + "aGVscEBjYWMud2FzaGluZ3Rvbi5lZHUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALwCo6h4\n" + "T44m+7ve+BrnEqflqBISFaZTXyJTjIVQ39ZWhE0B3LafbbZYju0imlQLG+MEVAtNDdiYICcBcKsa\n" + "pr2dxOi31Nv0moCkOj7iQueMVU4E1TghYIR2I8hqixFCQIP/CMtSDail/POzFzzdVxI1pv2wRc5c\n" + "L6zNwV25gbn3AgMBAAGjggFlMIIBYTAdBgNVHQ4EFgQUVdfBM8b6k/gnPcsgS/VajliXfXQwgcEG\n" + "A1UdIwSBuTCBtoAUVdfBM8b6k/gnPcsgS/VajliXfXShgZqkgZcwgZQxCzAJBgNVBAYTAlVTMQsw\n" + "CQYDVQQIEwJXQTEhMB8GA1UEChMYVW5pdmVyc2l0eSBvZiBXYXNoaW5ndG9uMRQwEgYDVQQLEwtV\n" + "VyBTZXJ2aWNlczEXMBUGA1UEAxMOVVcgU2VydmljZXMgQ0ExJjAkBgkqhkiG9w0BCQEWF2hlbHBA\n" + "Y2FjLndhc2hpbmd0b24uZWR1ggEAMAwGA1UdEwQFMAMBAf8wKwYDVR0RBCQwIoYgaHR0cDovL2Nl\n" + "cnRzLmNhYy53YXNoaW5ndG9uLmVkdS8wQQYDVR0fBDowODA2oDSgMoYwaHR0cDovL2NlcnRzLmNh\n" + "Yy53YXNoaW5ndG9uLmVkdS9VV1NlcnZpY2VzQ0EuY3JsMA0GCSqGSIb3DQEBBAUAA4GBAIn0PNmI\n" + "JjT9bM5d++BtQ5UpccUBI9XVh1sCX/NdxPDZ0pPCw7HOOwILumpulT9hGZm9Rd+W4GnNDAMV40we\n" + "s8REptvOZObBBrjaaphDe1D/MwnrQythmoNKc33bFg9RotHrIfT4EskaIXSx0PywbyfIR1wWxMpr\n" + "8gbCjAEUHNF/\n" + "-----END CERTIFICATE-----"; @Override protected void onCreate(Bundle savedInstanceState) { super.onCreate(savedInstanceState); setContentView(R.layout.activity_main); new Thread() { @Override public void run() { super.run(); URL url = null; HttpsURLConnection urlConnection = null; InputStream in = null; try { //1.生成证书:Certificate CertificateFactory cf = CertificateFactory.getInstance("X.509"); InputStream caInput = new ByteArrayInputStream(load.getBytes()); Certificate ca = null; try { ca = cf.generateCertificate(caInput); System.out.println("ca=" + ((X509Certificate) ca).getSubjectDN()); } catch (CertificateException e) { e.printStackTrace(); } finally { caInput.close(); } //2.初始化公钥:keyStore String keyStoreType = KeyStore.getDefaultType(); KeyStore keyStore = KeyStore.getInstance(keyStoreType); keyStore.load(null, null); keyStore.setCertificateEntry("ca", ca); //3.初始化TrustManagerFactory String tmfAlgorithm = TrustManagerFactory.getDefaultAlgorithm(); TrustManagerFactory tmf = TrustManagerFactory.getInstance(tmfAlgorithm); tmf.init(keyStore); //4.初始化sslContext SSLContext context = SSLContext.getInstance("TLS"); context.init(null, tmf.getTrustManagers(), null); //5.建立Https链接 url = new URL("https://certs.cac.washington.edu/CAtest/"); //注意,这里是HttpsURLConnection urlConnection = (HttpsURLConnection) url.openConnection(); urlConnection.setSSLSocketFactory(context.getSocketFactory()); in = urlConnection.getInputStream(); } catch (MalformedURLException e) { e.printStackTrace(); } catch (IOException e) { e.printStackTrace(); } catch (CertificateException e) { e.printStackTrace(); } catch (NoSuchAlgorithmException e) { e.printStackTrace(); } catch (KeyStoreException e) { e.printStackTrace(); } catch (KeyManagementException e) { e.printStackTrace(); } copyInputStreamToOutputStream(in); } }.start(); } private void copyInputStreamToOutputStream(InputStream is) { if (is == null) return; BufferedReader reader = new BufferedReader(new InputStreamReader(is)); StringBuffer sb = new StringBuffer(); String line = null; try { while ((line = reader.readLine()) != null) { sb.append(line + "\n"); } } catch (IOException e) { e.printStackTrace(); } finally { try { is.close(); } catch (IOException e) { e.printStackTrace(); } } Log.e("inputstrem", sb.toString()); }}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109

运行结果: 
 
这里写图片描述

第二行的load的由来

  1. 下载load-der.crt
  2. 在cmd中输入命令:keytool -printcert -rfc -file 文件地址

 
这里写图片描述

实现的流程也很简单:

开始生成证书:Certificate初始化公钥:keyStore初始化TrustManagerFactory初始化sslContext建立Https链接后续的处理

Volley的示例

在实际开发中,我们使用网络框架来进行网络中的交互,所以上面的代码肯定是用不到的;现在通用的网络请求框架,都给HTTPS请求留出了空间来实现,下面以Volley为例:

public class MainActivity extends Activity {
private final String load = "-----BEGIN CERTIFICATE-----\n" + "MIIEBzCCA3CgAwIBAgIBADANBgkqhkiG9w0BAQQFADCBlDELMAkGA1UEBhMCVVMxCzAJBgNVBAgT\n" + "AldBMSEwHwYDVQQKExhVbml2ZXJzaXR5IG9mIFdhc2hpbmd0b24xFDASBgNVBAsTC1VXIFNlcnZp\n" + "Y2VzMRcwFQYDVQQDEw5VVyBTZXJ2aWNlcyBDQTEmMCQGCSqGSIb3DQEJARYXaGVscEBjYWMud2Fz\n" + "aGluZ3Rvbi5lZHUwHhcNMDMwMjI1MTgyNTA5WhcNMzAwOTAzMTgyNTA5WjCBlDELMAkGA1UEBhMC\n" + "VVMxCzAJBgNVBAgTAldBMSEwHwYDVQQKExhVbml2ZXJzaXR5IG9mIFdhc2hpbmd0b24xFDASBgNV\n" + "BAsTC1VXIFNlcnZpY2VzMRcwFQYDVQQDEw5VVyBTZXJ2aWNlcyBDQTEmMCQGCSqGSIb3DQEJARYX\n" + "aGVscEBjYWMud2FzaGluZ3Rvbi5lZHUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALwCo6h4\n" + "T44m+7ve+BrnEqflqBISFaZTXyJTjIVQ39ZWhE0B3LafbbZYju0imlQLG+MEVAtNDdiYICcBcKsa\n" + "pr2dxOi31Nv0moCkOj7iQueMVU4E1TghYIR2I8hqixFCQIP/CMtSDail/POzFzzdVxI1pv2wRc5c\n" + "L6zNwV25gbn3AgMBAAGjggFlMIIBYTAdBgNVHQ4EFgQUVdfBM8b6k/gnPcsgS/VajliXfXQwgcEG\n" + "A1UdIwSBuTCBtoAUVdfBM8b6k/gnPcsgS/VajliXfXShgZqkgZcwgZQxCzAJBgNVBAYTAlVTMQsw\n" + "CQYDVQQIEwJXQTEhMB8GA1UEChMYVW5pdmVyc2l0eSBvZiBXYXNoaW5ndG9uMRQwEgYDVQQLEwtV\n" + "VyBTZXJ2aWNlczEXMBUGA1UEAxMOVVcgU2VydmljZXMgQ0ExJjAkBgkqhkiG9w0BCQEWF2hlbHBA\n" + "Y2FjLndhc2hpbmd0b24uZWR1ggEAMAwGA1UdEwQFMAMBAf8wKwYDVR0RBCQwIoYgaHR0cDovL2Nl\n" + "cnRzLmNhYy53YXNoaW5ndG9uLmVkdS8wQQYDVR0fBDowODA2oDSgMoYwaHR0cDovL2NlcnRzLmNh\n" + "Yy53YXNoaW5ndG9uLmVkdS9VV1NlcnZpY2VzQ0EuY3JsMA0GCSqGSIb3DQEBBAUAA4GBAIn0PNmI\n" + "JjT9bM5d++BtQ5UpccUBI9XVh1sCX/NdxPDZ0pPCw7HOOwILumpulT9hGZm9Rd+W4GnNDAMV40we\n" + "s8REptvOZObBBrjaaphDe1D/MwnrQythmoNKc33bFg9RotHrIfT4EskaIXSx0PywbyfIR1wWxMpr\n" + "8gbCjAEUHNF/\n" + "-----END CERTIFICATE-----"; @Override protected void onCreate(Bundle savedInstanceState) { super.onCreate(savedInstanceState); //生成SSLSocketFactory SSLSocketFactory sslSocketFactory = initSSLSocketFactory(); //HurlStack两个参数默认都是null,如果传入SSLSocketFactory,那么会以Https的方式来请求网络 HurlStack stack = new HurlStack(null, sslSocketFactory); //通常,我们调用的是Volley.newRequestQueue(context),HurlStack为默认的,也就是不处理Https的情况 //现在传入处理Https的HurlStack,Volley就会去处理相应的请求 RequestQueue requestQueue = Volley.newRequestQueue(this, stack); //去访问网络 StringRequest request = new StringRequest("https://certs.cac.washington.edu/CAtest/", new Response.Listener
() { @Override public void onResponse(String response) { Log.e("onResponse", response); } }, new Response.ErrorListener() { @Override public void onErrorResponse(VolleyError error) { Log.e("error", error.getMessage()); } }); requestQueue.add(request); } /** * 生成SSLSocketFactory * 这里的代码与之前相比,没有什么不同 * * @return */ private SSLSocketFactory initSSLSocketFactory() { //生成证书:Certificate CertificateFactory cf = null; SSLSocketFactory factory = null; try { cf = CertificateFactory.getInstance("X.509"); InputStream caInput = new ByteArrayInputStream(load.getBytes()); Certificate ca = null; try { ca = cf.generateCertificate(caInput); } finally { try { caInput.close(); } catch (IOException e) { e.printStackTrace(); } } //初始化公钥:keyStore String keyType = KeyStore.getDefaultType(); KeyStore keyStore = KeyStore.getInstance(keyType); keyStore.load(null, null); keyStore.setCertificateEntry("ca", ca); //初始化TrustManagerFactory String algorithm = TrustManagerFactory.getDefaultAlgorithm(); TrustManagerFactory managerFactory = TrustManagerFactory.getInstance(algorithm); managerFactory.init(keyStore); //初始化sslContext SSLContext sslContext = SSLContext.getInstance("TLS"); sslContext.init(null, managerFactory.getTrustManagers(), null); factory = sslContext.getSocketFactory(); } catch (CertificateException e) { e.printStackTrace(); } catch (NoSuchAlgorithmException e) { e.printStackTrace(); } catch (KeyStoreException e) { e.printStackTrace(); } catch (IOException e) { e.printStackTrace(); } catch (KeyManagementException e) { e.printStackTrace(); } return factory; }}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108

结果展示: 
 
这里写图片描述

示例代码很简单,如果有需要,在项目里稍微写写代码,就可以集成进去。 
成熟网络请求框架都给使用者留出了传递“SSLSocketFactory ”的入口,仔细阅读下网络请求框架初始化的代码,就可以找对应的地方。

结语

HTTPS认证貌似要花不少的银子,一般各位也不会用到,如果要使用HTTPS,可以参考下上面的示例代码。另外,开头推荐阮一峰的几篇文章,希望各位看官查阅。

忽略证书验证:

[java]   
 
  1. public static StringBuffer post(String urlString, String param) {  
  2.         StringBuffer sb = new StringBuffer();  
  3.         URL url = null;  
  4.         HttpURLConnection connection = null;  
  5.         DataOutputStream out = null;  
  6.         BufferedReader in = null;  
  7.         try {  
  8.             url = new URL(urlString);  
  9.               
  10.             //关键代码  
  11.             //ignore https certificate validation |忽略 https 证书验证  
  12.             if (url.getProtocol().toUpperCase().equals("HTTPS")) {  
  13.                 trustAllHosts();  
  14.                 HttpsURLConnection https = (HttpsURLConnection) url  
  15.                         .openConnection();  
  16.                 https.setHostnameVerifier(HttpIgnoreSSL.DO_NOT_VERIFY);  
  17.                 connection = https;  
  18.             } else {  
  19.                 connection = (HttpURLConnection) url.openConnection();  
  20.             }  
  21.               
  22.             connection.setReadTimeout(10000);  
  23.             connection.setDoInput(true);  
  24.             connection.setDoOutput(true);  
  25.             connection.setRequestMethod("POST");  
  26.             connection.setUseCaches(false);  
  27.             connection.setInstanceFollowRedirects(true);  
  28.             connection.setRequestProperty("Content-Type",  
  29.                     "application/x-www-form-urlencoded");  
  30.             connection.connect();  
  31.             out = new DataOutputStream(  
  32.                     connection.getOutputStream());  
  33.             out.writeBytes(param);  
  34.             out.flush();  
  35.   
  36.             in = new BufferedReader(new InputStreamReader(  
  37.                     connection.getInputStream()), 512);  
  38.             String line;  
  39.             while ((line = in.readLine()) != null) {  
  40.                 sb.append(line.trim());  
  41.             }  
  42.         } catch (IOException e) {  
  43.             e.printStackTrace();  
  44.         } catch (Exception e) {  
  45.             e.printStackTrace();  
  46.         }finally {  
  47.             if (out != null) {  
  48.                 try {  
  49.                     out.close();  
  50.                 } catch (IOException e) {  
  51.                 }  
  52.             }  
  53.             if (in != null) {  
  54.                 try {  
  55.                     in.close();  
  56.                 } catch (IOException e) {  
  57.                 }  
  58.             }  
  59.             if (connection != null) {  
  60.                 connection.disconnect();  
  61.             }  
  62.         }  
  63.         return sb;  
  64.     }  

[java]   
 
  1. public static void trustAllHosts() {  
  2.         // Create a trust manager that does not validate certificate chains  
  3.         // Android use X509 cert  
  4.         TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {  
  5.             public java.security.cert.X509Certificate[] getAcceptedIssuers() {  
  6.                 return new java.security.cert.X509Certificate[] {};  
  7.             }  
  8.   
  9.             public void checkClientTrusted(X509Certificate[] chain,  
  10.                     String authType) throws CertificateException {  
  11.             }  
  12.   
  13.             public void checkServerTrusted(X509Certificate[] chain,  
  14.                     String authType) throws CertificateException {  
  15.             }  
  16.         } };  
  17.   
  18.         // Install the all-trusting trust manager  
  19.         try {  
  20.             SSLContext sc = SSLContext.getInstance("TLS");  
  21.             sc.init(null, trustAllCerts, new java.security.SecureRandom());  
  22.             HttpsURLConnection  
  23.                     .setDefaultSSLSocketFactory(sc.getSocketFactory());  
  24.         } catch (Exception e) {  
  25.             e.printStackTrace();  
  26.         }  
  27.     }  

[java]   
 
  1. public final static HostnameVerifier DO_NOT_VERIFY = new HostnameVerifier() {  
  2.         public boolean verify(String hostname, SSLSession session) {  
  3.             return true;  
  4.         }  
  5.     };  

转载地址:https://blog.csdn.net/happy_love1990/article/details/70038207 如侵犯您的版权,请留言回复原文章的地址,我们会给您删除此文章,给您带来不便请您谅解!

上一篇:ViewPager撤消左右滑动切换功能
下一篇:Android 重写EditText回车事件

发表评论

最新留言

感谢大佬
[***.8.128.20]2024年03月25日 23时47分47秒

关于作者

    喝酒易醉,品茶养心,人生如梦,品茶悟道,何以解忧?唯有杜康!
-- 愿君每日到此一游!

推荐文章

mysql 自带压测工具_centos7中mysql自带压测工具mysqlslap使用 2019-04-21
python中pca算法_使用python的numpy库实现PCA算法 2019-04-21
2020word替换所有文本_Excel字符函数(5):REPLACE、SUBSTITUTE查找替换函数之区别... 2019-04-21
win10安装ipython_win10环境 ipython app.py 8080 这里为什么是ipython 这步无法启动 2019-04-21
statelesswidget 初始化执行方法_Spring的初始化回调你真的搞懂了吗? 2019-04-21
nhibernate和mysql_利用NHibernate与MySQL交互 2019-04-21
python22期_python22期第八天(正则表达式-模块,总结) 2019-04-21
假定在MYSQL_假定在名称为教学库的数据库中包含有学生、课程和选课三个表,它们的定义如下 - 问答库... 2019-04-21
mysql多字段存储过程_mysql 的存储过程_多字段 2019-04-21
python怎么创建字符串列表_如何在python列表中为每个字符串创建子列表? 2019-04-21
vba ado 执行多条mysql 语句_access 按钮 多条sql语句 VBA 2019-04-21
弹性方法计算连续梁板内力_(梁板结构)混凝土结构设计复习题及答案 2019-04-21
java root权限_android java获得root权限调用linux命令 | 学步园 2019-04-21
java最小化窗体_JAVA窗体最大化最小化控制+托盘 2019-04-21
java 注解 数组默认值_Java注解默认值 2019-04-21
java流程语句_Java流程控制语句 2019-04-21
java require_java正则中的requireEnd和hitEnd 2019-04-21
400错误java_java代码转化成c#代码 报400错误 2019-04-21
java常见对象_Java 常见对象 02 2019-04-21
spring java配置_Spring Java配置要点 2019-04-21