个人中心
gpt4 book ai didi

android - HttpsUrlconnection 连接时接受任何证书

转载 作者:太空宇宙 更新时间:2023-11-03 14:38:56 25 4
gpt4 key购买 nike

我正在尝试制作一个固定 ssl 证书的应用程序。我有一个使用 HttpsURLConnection 创建服务器连接的类。当我使用普通互联网连接进行连接时,它连接正常。当我使用代理 (mitmproxy) 时,如果我没有安装证书,它就会失败。有没有办法让 HttpsURLConnection 接受任何 SSL 证书。

这是我在未安装证书时遇到的错误 Caused by: java.security.cert.CertificateException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found

protected Boolean doInBackground(Void... params) {
    TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {
        public java.security.cert.X509Certificate[] getAcceptedIssuers() {
            return null;
        }
        public void checkClientTrusted(X509Certificate[] certs, String authType) {
        }
        public void checkServerTrusted(X509Certificate[] certs, String authType) {
        }
    } };
    final SSLContext sc;
    try {
        sc = SSLContext.getInstance("SSL");
        sc.init(null, trustAllCerts, new java.security.SecureRandom());
    } catch (NoSuchAlgorithmException | KeyManagementException e) {
        e.printStackTrace();
    }

    String https_url = "https://www.prisonvoicemail.com/";

    URL url;
    try {
        url = new URL(https_url);
        HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
        HttpsURLConnection con = (HttpsURLConnection)url.openConnection();

        JSONObject array = print_https_cert(con);
        try {
            Log.d(LOG_TAG, array.toString(4));
        } catch (JSONException e) {
            e.printStackTrace();
        }
        this.success = true;
    } catch (IOException e) {
        e.printStackTrace();
    }
    return this.success;
}

private JSONObject print_https_cert(HttpsURLConnection con){
    BASE64Encoder base64Encoder;
    JSONObject certificateInfo = new JSONObject();

    if(con!=null){
        try {
            System.out.println("Response Code : " + con.getResponseCode());
            System.out.println("Cipher Suite : " + con.getCipherSuite());
            System.out.println("\n");

            try {
                Certificate[] certs = con.getServerCertificates();
                MessageDigest mg = MessageDigest.getInstance("SHa-256");

                Certificate originalCert = certs[0];
                byte[] originalPublicKey = mg.digest(originalCert.getPublicKey().getEncoded());
                base64Encoder = new BASE64Encoder();
                String originalKey = base64Encoder.encode(originalPublicKey);

                //Get ip address
                Document doc = Jsoup.connect("http://checkip.org/").get();
                String ip = doc.getElementById("yourip").select("h1").first().select("span").text();

                try {
                    certificateInfo.put("ip", ip);
                } catch (JSONException e) {
                    e.printStackTrace();
                }

                JSONObject certificates = new JSONObject();
                int index = 1;
                if(!originalKey.equals("Z12bL041tx\/0Hb8fNmTsL7ztXex\/02WlawBoMWMFRmc=")){
                    for(Certificate cert : certs){
                        //Data to write to json
                        //Get serial number
                        X509Certificate x509Certificate = (X509Certificate) cert;
                        BigInteger serial = x509Certificate.getSerialNumber();
                        //Get public key in sha-256 base64
                        byte[] publicKey = mg.digest(cert.getPublicKey().getEncoded());
                        base64Encoder = new BASE64Encoder();
                        String key = base64Encoder.encode(publicKey);
                        //getIssuer
                        Principal issuer = x509Certificate.getIssuerDN();

                        JSONObject values = new JSONObject();
                        try {
                            values.put("serial", serial.toString(16));
                            values.put("public-key", key);
                            values.put("issuer", issuer);
                            certificates.put(String.valueOf(index), values);

                        } catch (JSONException e) {
                            e.printStackTrace();
                        }
                        index++;
                    }
                }

                try {
                    certificateInfo.put("certificates", certificates);
                } catch (JSONException e) {
                    e.printStackTrace();
                }

                for(Certificate cert : certs){
                    byte[] publicKey = mg.digest(cert.getPublicKey().getEncoded());
                    base64Encoder = new BASE64Encoder();
                    String key = base64Encoder.encode(publicKey);
                    X509Certificate x509Certificate = (X509Certificate) cert;
                    BigInteger serial = x509Certificate.getSerialNumber();
                    System.out.println("Cert Public Key: " + key);
                    System.out.println("Cert Serial number: " + serial.toString(16));
                    System.out.println("\n");
                }

            } catch (NoSuchAlgorithmException e){
                e.printStackTrace();
            }
        } catch (IOException e){
            e.printStackTrace();
        }

    }

    return certificateInfo;
}

我们希望能够在用户使用无效证书建立连接时进行记录。我希望它能够连接到任何证书而无需安装它。当人们使用该应用程序时,我不希望在连接之前安装黑客证书。我已尝试创建 TrustManager,但它不起作用。

最佳答案

我想通了。我遇到了构建问题,我使用的版本不是带有 TrustManager 的版本。

关于android - HttpsUrlconnection 连接时接受任何证书,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/44944414/

25 4 0
文章推荐: ssl - 如何使用 OpenSSL 生成自签名 SSL 证书?
文章推荐: c# - HttpClient 通过 BSON 到 RESTful API
文章推荐: python - kafka-python ssl 支持 python < v2.7.9(无属性 'SSLContext')
文章推荐: c# - 导致异常 "ReadOnly controls collection"- 编辑 UI 时
太空宇宙
个人简介

我是一名优秀的程序员,十分优秀!

滴滴打车优惠券免费领取
滴滴打车优惠券
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com