Read in PKCS12/P12 Client Cert file for Android App
I am trying to use a Client Certificate inside of my Android app so that I can insure HTTPS communication only with people who use the app or have the cert.
I have t
-
UPDATE FOR YOUR
NullPointerExceptionFrom your logcat information,
getResources()inGetCert.getThisCert()caused NullPointerException. It looks like that you have not passedContextfrom your Activity toGetCertclass. So, please update your code and check the result.END OF UPDATE
You can refer to my following code:
private TrustManager[] getWrappedTrustManagers(TrustManager[] trustManagers) { final X509TrustManager originalTrustManager = (X509TrustManager) trustManagers[0]; return new TrustManager[]{ new X509TrustManager() { public X509Certificate[] getAcceptedIssuers() { return originalTrustManager.getAcceptedIssuers(); } public void checkClientTrusted(X509Certificate[] certs, String authType) { try { originalTrustManager.checkClientTrusted(certs, authType); } catch (CertificateException e) { e.printStackTrace(); } } public void checkServerTrusted(X509Certificate[] certs, String authType) { try { originalTrustManager.checkServerTrusted(certs, authType); } catch (CertificateException e) { e.printStackTrace(); } } } }; } private SSLSocketFactory getSSLSocketFactory_Certificate(String keyStoreType, int keystoreResId) throws CertificateException, KeyStoreException, IOException, NoSuchAlgorithmException, KeyManagementException { CertificateFactory cf = CertificateFactory.getInstance("X.509"); InputStream caInput = getResources().openRawResource(keystoreResId); Certificate ca = cf.generateCertificate(caInput); caInput.close(); if (keyStoreType == null || keyStoreType.length() == 0) { keyStoreType = KeyStore.getDefaultType(); } KeyStore keyStore = KeyStore.getInstance(keyStoreType); keyStore.load(null, null); keyStore.setCertificateEntry("ca", ca); String tmfAlgorithm = TrustManagerFactory.getDefaultAlgorithm(); TrustManagerFactory tmf = TrustManagerFactory.getInstance(tmfAlgorithm); tmf.init(keyStore); TrustManager[] wrappedTrustManagers = getWrappedTrustManagers(tmf.getTrustManagers()); SSLContext sslContext = SSLContext.getInstance("TLS"); sslContext.init(null, wrappedTrustManagers, null); return sslContext.getSocketFactory(); } private SSLSocketFactory getSSLSocketFactory_KeyStore(String keyStoreType, int keystoreResId, String keyPassword) throws CertificateException, KeyStoreException, IOException, NoSuchAlgorithmException, KeyManagementException { InputStream caInput = getResources().openRawResource(keystoreResId); // creating a KeyStore containing trusted CAs if (keyStoreType == null || keyStoreType.length() == 0) { keyStoreType = KeyStore.getDefaultType(); } KeyStore keyStore = KeyStore.getInstance(keyStoreType); keyStore.load(caInput, keyPassword.toCharArray()); // creating a TrustManager that trusts the CAs in the KeyStore String tmfAlgorithm = TrustManagerFactory.getDefaultAlgorithm(); TrustManagerFactory tmf = TrustManagerFactory.getInstance(tmfAlgorithm); tmf.init(keyStore); TrustManager[] wrappedTrustManagers = getWrappedTrustManagers(tmf.getTrustManagers()); SSLContext sslContext = SSLContext.getInstance("TLS"); sslContext.init(null, wrappedTrustManagers, null); return sslContext.getSocketFactory(); }Then call one of the two following (one for keystore file, the other one for certificate file):
SSLSocketFactory sslSocketFactory = getSSLSocketFactory_KeyStore("BKS", R.raw.androidbksv1, "123456789"); SSLSocketFactory sslSocketFactory = getSSLSocketFactory_Certificate("BKS", R.raw.androidbksv1_cert);Because you have PKCS12 file, you can use one of the two following:
SSLSocketFactory sslSocketFactory = getSSLSocketFactory_KeyStore("PKCS12", R.raw.androidpkcs12, "123456789"); SSLSocketFactory sslSocketFactory = getSSLSocketFactory_Certificate("PKCS12", R.raw.androidpkcs12_cert);The above code has been tested successfully in my HTTPS projects. Hope this helps!
Moreover, please clarify
The last one actually crashes the app..., post more codes and logcat information if available.讨论(0)
加载中...
- 热议问题