android https通信

原创

Bensantan 2023-04-30 09:48:44 ©著作权

©著作权归作者所有：来自51CTO博客作者Bensantan的原创作品，请联系作者获取转载授权，否则将追究法律责任

1。数据通信时加密，不同平台加密后的结果不同，用的库不同吧（进行相应的修改比较麻烦）

2。采用https，系统自动做好了，简单一些

•   classMytmArray implementsX509TrustManager {   
•    publicX509Certificate[] getAcceptedIssuers() {   
•        // return null;  
•        returnnewX509Certificate[] {};   
•    }   
•  
•    @Override 
•    publicvoidcheckClientTrusted(X509Certificate[] chain, String authType)   
•            throwsCertificateException {   
•        // TODO Auto-generated method stub  
•  
•    }   
•  
•    @Override 
•    publicvoidcheckServerTrusted(X509Certificate[] chain, String authType)   
•            throwsCertificateException {   
•        // TODO Auto-generated method stub  
•        // System.out.println("cert: " + chain[0].toString() + ", authType: "  
•        // + authType);  
•    }   
•  
 
 
[

好了，我们写好了信任规则，接下载就要创建一个主机的信任列表

1.   staticTrustManager[] xtmArray = newMytmArray[] { newMytmArray() };   
2.  
3.     
4.    privatestaticvoidtrustAllHosts() {   
5.        // Create a trust manager that does not validate certificate chains  
6.        // Android 采用X509的证书信息机制  
7.        // Install the all-trusting trust manager  
8.        try{   
9.            SSLContext sc = SSLContext.getInstance("TLS");   
10.            sc.init(null, xtmArray, newjava.security.SecureRandom());   
11.            HttpsURLConnection   
12.                    .setDefaultSSLSocketFactory(sc.getSocketFactory());   
13.            // HttpsURLConnection.setDefaultHostnameVerifier(DO_NOT_VERIFY);//  
14.            // 不进行主机名确认  
15.        } catch(Exception e) {   
16.            e.printStackTrace();   
17.        }   
18.    }   
19.  
20.    staticHostnameVerifier DO_NOT_VERIFY = newHostnameVerifier() {   
21.        @Override 
22.        publicbooleanverify(String hostname, SSLSession session) {   
23.            // TODO Auto-generated method stub  
24.            // System.out.println("Warning: URL Host: " + hostname + " vs. "  
25.            // + session.getPeerHost());  
26.            returntrue;   
27.        }   
28.    };

上面的都是https通信需要做的几个基本要求，接下载我们要做的就是https的使用啦下面就以get和post为例进行说明，中间还涉及到cookie的使用

1. httpUrl＝"XXXXX" 
2. result = "";   
3.        HttpURLConnection http = null;   
4.        URL url;   
5.        try{   
6.            url = newURL(httpUrl);   
7.            // 判断是http请求还是https请求  
8.            if(url.getProtocol().toLowerCase().equals("https")) {   
9.                trustAllHosts();   
10.                http = (HttpsURLConnection) url.openConnection();   
11.                ((HttpsURLConnection) http).setHostnameVerifier(DO_NOT_VERIFY);// 不进行主机名确认  
12.  
13.            } else{   
14.                http = (HttpURLConnection) url.openConnection();   
15.            }   
16.            http.setConnectTimeout(10000);// 设置超时时间  
17.            http.setReadTimeout(50000);   
18.            http.setRequestMethod("GET");// 设置请求类型为  
19.            http.setDoInput(true);   
20.            http.setRequestProperty("Content-Type", "text/xml");   
21.  
22. in = null;   
23.            if(obj.getHttpStatus() == 200) {   
24.                getCookie(http);   
25.                in = newBufferedReader(newInputStreamReader(   
26.                        http.getInputStream()));   
27.            } else 
28.                in = newBufferedReader(newInputStreamReader(   
29.                        http.getErrorStream()));   
30.            result = in.readLine();   
31.            Log.i("result", result);   
32.            in.close();   
33.            http.disconnect();

https或http的get请求写好了，哦中间涉及到了一个getCookie的方法，如下：

1.  
2.    privatestaticvoidgetCookie(HttpURLConnection http) {   
3.        String cookieVal = null;   
4.        String key = null;   
5.        DataDefine.mCookieStore = "";   
6.        for(inti = 1; (key = http.getHeaderFieldKey(i)) != null; i++) {   
7.            if(key.equalsIgnoreCase("set-cookie")) {   
8.                cookieVal = http.getHeaderField(i);   
9.                cookieVal = cookieVal.substring(0, cookieVal.indexOf(";"));   
10.                DataDefine.mCookieStore = DataDefine.mCookieStore + cookieVal   
11.                        + ";";   
12.            }   
13.        }   
14.    }

public static Query HttpQueryReturnClass(String httpUrl, String base64) {

1.        String result = "";   
2.        Log.i("控制", httpUrl);   
3.        Query obj = newQuery();   
4.        HttpURLConnection http = null;   
5.        URL url;   
6.        try{   
7.            url = newURL(httpUrl);   
8.            // 判断是http请求还是https请求  
9.            if(url.getProtocol().toLowerCase().equals("https")) {   
10.                trustAllHosts();   
11.                http = (HttpsURLConnection) url.openConnection();   
12.                ((HttpsURLConnection) http).setHostnameVerifier(DO_NOT_VERIFY);// 不进行主机名确认  
13.            } else{   
14.                http = (HttpURLConnection) url.openConnection();   
15.            }   
16.            http.setConnectTimeout(10000);// 设置超时时间  
17.            http.setReadTimeout(50000);   
18.            http.setRequestMethod("POST");// 设置请求类型为post  
19.            http.setDoInput(true);   
20.            http.setDoOutput(true);   
21.            http.setRequestProperty("Content-Type", "text/xml");   
22.            http.setRequestProperty("Cookie", DataDefine.mCookieStore);   
23.            DataOutputStream out = newDataOutputStream(http.getOutputStream());   
24.            out.writeBytes(base64);   
25.            out.flush();   
26.            out.close();   
27.            obj.setHttpStatus(http.getResponseCode());// 设置http返回状态200还是403  
28.            BufferedReader in = null;   
29.            if(obj.getHttpStatus() == 200) {   
30.                getCookie(http);   
31.                in = newBufferedReader(newInputStreamReader(   
32.                        http.getInputStream()));   
33.            } else 
34.                in = newBufferedReader(newInputStreamReader(   
35.                        http.getErrorStream()));   
36.            result = in.readLine();// 得到返回结果  
37.            in.close();   
38.            http.disconnect();   
39.        } catch(Exception e) {   
40.            // TODO Auto-generated catch block  
41.            e.printStackTrace();   
42.        }

这里面的base64是我经过base64加密过以后的数据