Android Https详细请求全方案实现,包括HttpUrlConnection及HttpClient方式实现指定证书及信任所有的实现,不多说了,以下代码都经过详细测试,可以直接使用。
Java代码 package com.example.httpstest; import java.io.BufferedReader; import java.io.IOException; import java.io.InputStream; import java.io.InputStreamReader; import java.net.URL; import java.security.KeyManagementException; import java.security.KeyStore; import java.security.KeyStoreException; import java.security.NoSuchAlgorithmException; import java.security.cert.Certificate; import java.security.cert.CertificateException; import java.security.cert.CertificateFactory; import java.security.cert.X509Certificate; import javax.net.ssl.HostnameVerifier; import javax.net.ssl.HttpsURLConnection; import javax.net.ssl.SSLContext; import javax.net.ssl.SSLSession; import javax.net.ssl.TrustManager; import javax.net.ssl.TrustManagerFactory; import javax.net.ssl.X509TrustManager; import org.apache.http.HttpEntity; import org.apache.http.HttpResponse; import org.apache.http.client.ClientProtocolException; import org.apache.http.client.methods.HttpGet; import org.apache.http.conn.ClientConnectionManager; import org.apache.http.conn.scheme.PlainSocketFactory; import org.apache.http.conn.scheme.Scheme; import org.apache.http.conn.scheme.SchemeRegistry; import org.apache.http.impl.client.DefaultHttpClient; import org.apache.http.impl.conn.tsccm.ThreadSafeClientConnManager; import org.apache.http.params.BasicHttpParams; import org.apache.http.params.HttpConnectionParams; import org.apache.http.params.HttpParams; import android.app.Activity; import android.os.Bundle; import android.util.Log; /** * HTTPS测试 测试地址:https://certs.cac.washington.edu/CAtest/ * 测试证书:https://www.washington.edu/itconnect/security/ca/load-der.crt * * * @author guojing09 * */ public class MainActivity extends Activity { @Override protected void onCreate(Bundle savedInstanceState) { super.onCreate(savedInstanceState); setContentView(R.layout.activity_main); new Thread(new Runnable() { @Override public void run() { try { initSSLWithHttpClinet(); } catch (Exception e) { Log.e("HTTPS TEST", e.getMessage()); } } }).start(); } /** * HttpUrlConnection 方式,支持指定load-der.crt证书验证,此种方式Android官方建议 * * @throws CertificateException * @throws IOException * @throws KeyStoreException * @throws NoSuchAlgorithmException * @throws KeyManagementException */ public void initSSL() throws CertificateException, IOException, KeyStoreException, NoSuchAlgorithmException, KeyManagementException { CertificateFactory cf = CertificateFactory.getInstance("X.509"); InputStream in = getAssets().open("load-der.crt"); Certificate ca = cf.generateCertificate(in); KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType()); keystore.load(null, null); keystore.setCertificateEntry("ca", ca); String tmfAlgorithm = TrustManagerFactory.getDefaultAlgorithm(); TrustManagerFactory tmf = TrustManagerFactory.getInstance(tmfAlgorithm); tmf.init(keystore); // Create an SSLContext that uses our TrustManager SSLContext context = SSLContext.getInstance("TLS"); context.init(null, tmf.getTrustManagers(), null); URL url = new URL("https://certs.cac.washington.edu/CAtest/"); HttpsURLConnection urlConnection = (HttpsURLConnection) url.openConnection(); urlConnection.setSSLSocketFactory(context.getSocketFactory()); InputStream input = urlConnection.getInputStream(); BufferedReader reader = new BufferedReader(new InputStreamReader(input, "UTF-8")); StringBuffer result = new StringBuffer(); String line = ""; while ((line = reader.readLine()) != null) { result.append(line); } Log.e("TTTT", result.toString()); } /** * HttpUrlConnection支持所有Https免验证,不建议使用 * * @throws KeyManagementException * @throws NoSuchAlgorithmException * @throws IOException */ public void initSSLALL() throws KeyManagementException, NoSuchAlgorithmException, IOException { URL url = new URL("https://certs.cac.washington.edu/CAtest/"); SSLContext context = SSLContext.getInstance("TLS"); context.init(null, new TrustManager[] { new TrustAllManager() }, null); HttpsURLConnection.setDefaultSSLSocketFactory(context.getSocketFactory()); HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() { @Override public boolean verify(String arg0, SSLSession arg1) { return true; } }); HttpsURLConnection connection = (HttpsURLConnection) url.openConnection(); connection.setDoInput(true); connection.setDoOutput(false); connection.setRequestMethod("GET"); connection.connect(); InputStream in = connection.getInputStream(); BufferedReader reader = new BufferedReader(new InputStreamReader(in)); String line = ""; StringBuffer result = new StringBuffer(); while ((line = reader.readLine()) != null) { result.append(line); } Log.e("TTTT", result.toString()); } /** * HttpClient方式实现,支持所有Https免验证方式链接 * * @throws ClientProtocolException * @throws IOException */ public void initSSLAllWithHttpClient() throws ClientProtocolException, IOException { int timeOut = 30 * 1000; HttpParams param = new BasicHttpParams(); HttpConnectionParams.setConnectionTimeout(param, timeOut); HttpConnectionParams.setSoTimeout(param, timeOut); HttpConnectionParams.setTcpNoDelay(param, true); SchemeRegistry registry = new SchemeRegistry(); registry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80)); registry.register(new Scheme("https", TrustAllSSLSocketFactory.getDefault(), 443)); ClientConnectionManager manager = new ThreadSafeClientConnManager(param, registry); DefaultHttpClient client = new DefaultHttpClient(manager, param); HttpGet request = new HttpGet("https://certs.cac.washington.edu/CAtest/"); // HttpGet request = new HttpGet("https://www.alipay.com/"); HttpResponse response = client.execute(request); HttpEntity entity = response.getEntity(); BufferedReader reader = new BufferedReader(new InputStreamReader(entity.getContent())); StringBuilder result = new StringBuilder(); String line = ""; while ((line = reader.readLine()) != null) { result.append(line); } Log.e("HTTPS TEST", result.toString()); } /** * HttpClient方式实现,支持验证指定证书 * * @throws ClientProtocolException * @throws IOException */ public void initSSLCertainWithHttpClient() throws ClientProtocolException, IOException { int timeOut = 30 * 1000; HttpParams param = new BasicHttpParams(); HttpConnectionParams.setConnectionTimeout(param, timeOut); HttpConnectionParams.setSoTimeout(param, timeOut); HttpConnectionParams.setTcpNoDelay(param, true); SchemeRegistry registry = new SchemeRegistry(); registry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80)); registry.register(new Scheme("https", TrustCertainHostNameFactory.getDefault(this), 443)); ClientConnectionManager manager = new ThreadSafeClientConnManager(param, registry); DefaultHttpClient client = new DefaultHttpClient(manager, param); // HttpGet request = new // HttpGet("https://certs.cac.washington.edu/CAtest/"); HttpGet request = new HttpGet("https://www.alipay.com/"); HttpResponse response = client.execute(request); HttpEntity entity = response.getEntity(); BufferedReader reader = new BufferedReader(new InputStreamReader(entity.getContent())); StringBuilder result = new StringBuilder(); String line = ""; while ((line = reader.readLine()) != null) { result.append(line); } Log.e("HTTPS TEST", result.toString()); } public class TrustAllManager implements X509TrustManager { @Override public void checkClientTrusted(X509Certificate[] arg0, String arg1) throws CertificateException { // TODO Auto-generated method stub } @Override public void checkServerTrusted(X509Certificate[] arg0, String arg1) throws CertificateException { // TODO Auto-generated method stub } @Override public X509Certificate[] getAcceptedIssuers() { // TODO Auto-generated method stub return null; } } }
Java代码 package com.example.httpstest; import java.io.IOException; import java.lang.reflect.Field; import java.net.InetAddress; import java.net.Socket; import java.net.UnknownHostException; import java.security.KeyManagementException; import java.security.KeyStoreException; import java.security.NoSuchAlgorithmException; import java.security.UnrecoverableKeyException; import java.security.cert.CertificateException; import java.security.cert.X509Certificate; import javax.net.ssl.SSLContext; import javax.net.ssl.SSLException; import javax.net.ssl.SSLSession; import javax.net.ssl.SSLSocket; import javax.net.ssl.TrustManager; import javax.net.ssl.X509TrustManager; import org.apache.http.conn.scheme.SocketFactory; import org.apache.http.conn.ssl.SSLSocketFactory; import org.apache.http.conn.ssl.X509HostnameVerifier; import android.os.Build; public class TrustAllSSLSocketFactory extends SSLSocketFactory { private javax.net.ssl.SSLSocketFactory factory; private static TrustAllSSLSocketFactory instance; private TrustAllSSLSocketFactory() throws KeyManagementException, UnrecoverableKeyException, NoSuchAlgorithmException, KeyStoreException { super(null); SSLContext context = SSLContext.getInstance("TLS"); context.init(null, new TrustManager[] { new TrustAllManager() }, null); factory = context.getSocketFactory(); setHostnameVerifier(new X509HostnameVerifier() { @Override public void verify(String host, String[] cns, String[] subjectAlts) throws SSLException { // TODO Auto-generated method stub } @Override public void verify(String host, X509Certificate cert) throws SSLException { // TODO Auto-generated method stub } @Override public void verify(String host, SSLSocket ssl) throws IOException { // TODO Auto-generated method stub } @Override public boolean verify(String host, SSLSession session) { // TODO Auto-generated method stub return true; } }); } public static SocketFactory getDefault() { if (instance == null) { try { instance = new TrustAllSSLSocketFactory(); } catch (KeyManagementException e) { // TODO Auto-generated catch block e.printStackTrace(); } catch (UnrecoverableKeyException e) { // TODO Auto-generated catch block e.printStackTrace(); } catch (NoSuchAlgorithmException e) { // TODO Auto-generated catch block e.printStackTrace(); } catch (KeyStoreException e) { // TODO Auto-generated catch block e.printStackTrace(); } } return instance; } @Override public Socket createSocket() throws IOException { return factory.createSocket(); } @Override public Socket createSocket(Socket socket, String host, int port, boolean autoClose) throws IOException, UnknownHostException { if (Build.VERSION.SDK_INT < 11) { // 3.0 injectHostname(socket, host); } return factory.createSocket(socket, host, port, autoClose); } private void injectHostname(Socket socket, String host) { try { Field field = InetAddress.class.getDeclaredField("hostName"); field.setAccessible(true); field.set(socket.getInetAddress(), host); } catch (Exception ignored) { } } public class TrustAllManager implements X509TrustManager { @Override public void checkClientTrusted(X509Certificate[] arg0, String arg1) throws CertificateException { // TODO Auto-generated method stub } @Override public void checkServerTrusted(X509Certificate[] arg0, String arg1) throws CertificateException { // TODO Auto-generated method stub } @Override public X509Certificate[] getAcceptedIssuers() { // TODO Auto-generated method stub return null; } } }
Java代码 package com.example.httpstest; import java.io.IOException; import java.io.InputStream; import java.net.Socket; import java.net.UnknownHostException; import java.security.KeyManagementException; import java.security.KeyStore; import java.security.KeyStoreException; import java.security.NoSuchAlgorithmException; import java.security.UnrecoverableKeyException; import java.security.cert.Certificate; import java.security.cert.CertificateFactory; import org.apache.http.conn.ssl.SSLSocketFactory; import android.content.Context; public class TrustCertainHostNameFactory extends SSLSocketFactory { private static TrustCertainHostNameFactory mInstance; public TrustCertainHostNameFactory(KeyStore truststore) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException { super(truststore); } public static TrustCertainHostNameFactory getDefault(Context context) { KeyStore keystore = null; try { CertificateFactory cf = CertificateFactory.getInstance("X.509"); InputStream in; in = context.getAssets().open("load-der.crt"); Certificate ca = cf.generateCertificate(in); keystore = KeyStore.getInstance(KeyStore.getDefaultType()); keystore.load(null, null); keystore.setCertificateEntry("ca", ca); if (null == mInstance) { mInstance = new TrustCertainHostNameFactory(keystore); } } catch (Exception e) { } return mInstance; } @Override public Socket createSocket() throws IOException { return super.createSocket(); } @Override public Socket createSocket(Socket socket, String host, int port, boolean autoClose) throws IOException, UnknownHostException { return super.createSocket(socket, host, port, autoClose); } }
