单项认证:当客户端传输数据的时候,使用公钥加密,当数据传输到服务器端时,使用私钥进行解析,这样就算拿到客户端传输的数据,没有私钥也没有办法解析数据。
-
把公钥存放在本地
-
添加网络权限
<uses-permission android:name="android.permission.INTERNET"/>
客户端进行单项认证
private void connect() {
try {
//获取公钥信息
KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
String algorithm = TrustManagerFactory.getDefaultAlgorithm();
TrustManagerFactory tmf = TrustManagerFactory
.getInstance(algorithm);
//删除默认的公钥
keyStore.load(null);
String alias = "xiaoshuai";
//设置公钥的类型
CertificateFactory factory = CertificateFactory.getInstance("X.509");
//获取公钥资源
InputStream tsIn = getResources().getAssets().open("xiaoshuai.crt");
//获取公钥对象
Certificate cert = factory.generateCertificate(tsIn);
//设置自己的公钥
keyStore.setCertificateEntry(alias, cert);
//初始化公钥
tmf.init(keyStore);
//初始化SSLContext
SSLContext context = SSLContext.getInstance("TLS");
context.init(null, tmf.getTrustManagers(), null);
//通过HttpsURLConnection设置链接
URL url = new URL("https://10.0.2.2:8443");
HttpsURLConnection httpsURLConnection = (HttpsURLConnection) url
.openConnection();
httpsURLConnection.setSSLSocketFactory(context.getSocketFactory());
//设置信任主机ip
httpsURLConnection.setHostnameVerifier(new HostnameVerifier() {
@Override
public boolean verify(String hostname, SSLSession session) {
// TODO Auto-generated method stub
return true;
}
});
//获取服务器反馈的数据
InputStream in = httpsURLConnection.getInputStream();
ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
byte[] b = new byte[1024];
int len = -1;
while((len = in.read(b)) != -1){
outputStream.write(b, 0, len);
}
String string = outputStream.toString();
Log.i("MainActivity", string);
} catch (Exception e) {
e.printStackTrace();
}
}