1。数据通信时加密,不同平台加密后的结果不同,用的库不同吧(进行相应的修改比较麻烦)
2。采用https,系统自动做好了,简单一些
• classMytmArray implementsX509TrustManager {
• publicX509Certificate[] getAcceptedIssuers() {
• // return null;
• returnnewX509Certificate[] {};
• }
•
• @Override
• publicvoidcheckClientTrusted(X509Certificate[] chain, String authType)
• throwsCertificateException {
• // TODO Auto-generated method stub
•
• }
•
• @Override
• publicvoidcheckServerTrusted(X509Certificate[] chain, String authType)
• throwsCertificateException {
• // TODO Auto-generated method stub
• // System.out.println("cert: " + chain[0].toString() + ", authType: "
• // + authType);
• }
•
[
好了,我们写好了信任规则,接下载就要创建一个主机的信任列表
1. staticTrustManager[] xtmArray = newMytmArray[] { newMytmArray() };
2.
3.
4. privatestaticvoidtrustAllHosts() {
5. // Create a trust manager that does not validate certificate chains
6. // Android 采用X509的证书信息机制
7. // Install the all-trusting trust manager
8. try{
9. SSLContext sc = SSLContext.getInstance("TLS");
10. sc.init(null, xtmArray, newjava.security.SecureRandom());
11. HttpsURLConnection
12. .setDefaultSSLSocketFactory(sc.getSocketFactory());
13. // HttpsURLConnection.setDefaultHostnameVerifier(DO_NOT_VERIFY);//
14. // 不进行主机名确认
15. } catch(Exception e) {
16. e.printStackTrace();
17. }
18. }
19.
20. staticHostnameVerifier DO_NOT_VERIFY = newHostnameVerifier() {
21. @Override
22. publicbooleanverify(String hostname, SSLSession session) {
23. // TODO Auto-generated method stub
24. // System.out.println("Warning: URL Host: " + hostname + " vs. "
25. // + session.getPeerHost());
26. returntrue;
27. }
28. };
上面的都是https通信需要做的几个基本要求,接下载我们要做的就是https的使用啦下面就以get和post为例进行说明,中间还涉及到cookie的使用
1. httpUrl="XXXXX"
2. result = "";
3. HttpURLConnection http = null;
4. URL url;
5. try{
6. url = newURL(httpUrl);
7. // 判断是http请求还是https请求
8. if(url.getProtocol().toLowerCase().equals("https")) {
9. trustAllHosts();
10. http = (HttpsURLConnection) url.openConnection();
11. ((HttpsURLConnection) http).setHostnameVerifier(DO_NOT_VERIFY);// 不进行主机名确认
12.
13. } else{
14. http = (HttpURLConnection) url.openConnection();
15. }
16. http.setConnectTimeout(10000);// 设置超时时间
17. http.setReadTimeout(50000);
18. http.setRequestMethod("GET");// 设置请求类型为
19. http.setDoInput(true);
20. http.setRequestProperty("Content-Type", "text/xml");
21.
22. in = null;
23. if(obj.getHttpStatus() == 200) {
24. getCookie(http);
25. in = newBufferedReader(newInputStreamReader(
26. http.getInputStream()));
27. } else
28. in = newBufferedReader(newInputStreamReader(
29. http.getErrorStream()));
30. result = in.readLine();
31. Log.i("result", result);
32. in.close();
33. http.disconnect();
https或http的get请求写好了,哦中间涉及到了一个getCookie的方法,如下:
1.
2. privatestaticvoidgetCookie(HttpURLConnection http) {
3. String cookieVal = null;
4. String key = null;
5. DataDefine.mCookieStore = "";
6. for(inti = 1; (key = http.getHeaderFieldKey(i)) != null; i++) {
7. if(key.equalsIgnoreCase("set-cookie")) {
8. cookieVal = http.getHeaderField(i);
9. cookieVal = cookieVal.substring(0, cookieVal.indexOf(";"));
10. DataDefine.mCookieStore = DataDefine.mCookieStore + cookieVal
11. + ";";
12. }
13. }
14. }
public static Query HttpQueryReturnClass(String httpUrl, String base64) {
1. String result = "";
2. Log.i("控制", httpUrl);
3. Query obj = newQuery();
4. HttpURLConnection http = null;
5. URL url;
6. try{
7. url = newURL(httpUrl);
8. // 判断是http请求还是https请求
9. if(url.getProtocol().toLowerCase().equals("https")) {
10. trustAllHosts();
11. http = (HttpsURLConnection) url.openConnection();
12. ((HttpsURLConnection) http).setHostnameVerifier(DO_NOT_VERIFY);// 不进行主机名确认
13. } else{
14. http = (HttpURLConnection) url.openConnection();
15. }
16. http.setConnectTimeout(10000);// 设置超时时间
17. http.setReadTimeout(50000);
18. http.setRequestMethod("POST");// 设置请求类型为post
19. http.setDoInput(true);
20. http.setDoOutput(true);
21. http.setRequestProperty("Content-Type", "text/xml");
22. http.setRequestProperty("Cookie", DataDefine.mCookieStore);
23. DataOutputStream out = newDataOutputStream(http.getOutputStream());
24. out.writeBytes(base64);
25. out.flush();
26. out.close();
27. obj.setHttpStatus(http.getResponseCode());// 设置http返回状态200还是403
28. BufferedReader in = null;
29. if(obj.getHttpStatus() == 200) {
30. getCookie(http);
31. in = newBufferedReader(newInputStreamReader(
32. http.getInputStream()));
33. } else
34. in = newBufferedReader(newInputStreamReader(
35. http.getErrorStream()));
36. result = in.readLine();// 得到返回结果
37. in.close();
38. http.disconnect();
39. } catch(Exception e) {
40. // TODO Auto-generated catch block
41. e.printStackTrace();
42. }
这里面的base64是我经过base64加密过以后的数据