Created
February 19, 2013 08:36
-
-
Save jorgevila/4984072 to your computer and use it in GitHub Desktop.
Android ssl 2 way
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import java.io.BufferedReader; | |
| import java.io.InputStream; | |
| import java.io.InputStreamReader; | |
| import java.security.KeyStore; | |
| import javax.net.ssl.KeyManagerFactory; | |
| import javax.net.ssl.TrustManagerFactory; | |
| import org.apache.http.HttpEntity; | |
| import org.apache.http.HttpResponse; | |
| import org.apache.http.HttpVersion; | |
| import org.apache.http.client.methods.HttpGet; | |
| import org.apache.http.client.params.HttpClientParams; | |
| import org.apache.http.conn.ClientConnectionManager; | |
| import org.apache.http.conn.params.ConnManagerParams; | |
| import org.apache.http.conn.params.ConnPerRoute; | |
| import org.apache.http.conn.params.ConnPerRouteBean; | |
| import org.apache.http.conn.scheme.PlainSocketFactory; | |
| import org.apache.http.conn.scheme.Scheme; | |
| import org.apache.http.conn.scheme.SchemeRegistry; | |
| import org.apache.http.conn.ssl.SSLSocketFactory; | |
| import org.apache.http.impl.client.DefaultHttpClient; | |
| import org.apache.http.impl.conn.tsccm.ThreadSafeClientConnManager; | |
| import org.apache.http.params.BasicHttpParams; | |
| import org.apache.http.params.HttpConnectionParams; | |
| import org.apache.http.params.HttpParams; | |
| import org.apache.http.params.HttpProtocolParams; | |
| import android.app.Activity; | |
| import android.os.Bundle; | |
| //Android supports certificates in the BKS format. Use portecle to convert your certificates to .bks. | |
| // | |
| //You need 2 files in your /res/raw folder: | |
| // | |
| //truststore.bks - trust certificate for the server (converted from .cer file) | |
| // | |
| //client.bks - the client certificate (converted from a .p12 file that contains the client certificate and the client key) | |
| //http://stackoverflow.com/questions/8311295/how-to-use-p12-certificates-in-android-client-certificates | |
| //http://stackoverflow.com/questions/4064810/using-client-server-certificates-for-two-way-authentication-ssl-socket-on-androi | |
| public class SslTestActivity extends Activity { | |
| /** Called when the activity is first created. */ | |
| @Override | |
| public void onCreate(Bundle savedInstanceState) { | |
| super.onCreate(savedInstanceState); | |
| setContentView(R.layout.main); | |
| try { | |
| // setup truststore to provide trust for the server certificate | |
| // load truststore certificate | |
| InputStream clientTruststoreIs = getResources().openRawResource(R.raw.truststore); | |
| KeyStore trustStore = null; | |
| trustStore = KeyStore.getInstance("BKS"); | |
| trustStore.load(clientTruststoreIs, "MyPassword".toCharArray()); | |
| System.out.println("Loaded server certificates: " + trustStore.size()); | |
| // initialize trust manager factory with the read truststore | |
| TrustManagerFactory trustManagerFactory = null; | |
| trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); | |
| trustManagerFactory.init(trustStore); | |
| // setup client certificate | |
| // load client certificate | |
| InputStream keyStoreStream = getResources().openRawResource(R.raw.client); | |
| KeyStore keyStore = null; | |
| keyStore = KeyStore.getInstance("BKS"); | |
| keyStore.load(keyStoreStream, "MyPassword".toCharArray()); | |
| System.out.println("Loaded client certificates: " + keyStore.size()); | |
| // initialize key manager factory with the read client certificate | |
| KeyManagerFactory keyManagerFactory = null; | |
| keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); | |
| keyManagerFactory.init(keyStore, "MyPassword".toCharArray()); | |
| // initialize SSLSocketFactory to use the certificates | |
| SSLSocketFactory socketFactory = null; | |
| socketFactory = new SSLSocketFactory(SSLSocketFactory.TLS, keyStore, "MyTestPassword2010", | |
| trustStore, null, null); | |
| // Set basic data | |
| HttpParams params = new BasicHttpParams(); | |
| HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1); | |
| HttpProtocolParams.setContentCharset(params, "UTF-8"); | |
| HttpProtocolParams.setUseExpectContinue(params, true); | |
| HttpProtocolParams.setUserAgent(params, "Android app/1.0.0"); | |
| // Make pool | |
| ConnPerRoute connPerRoute = new ConnPerRouteBean(12); | |
| ConnManagerParams.setMaxConnectionsPerRoute(params, connPerRoute); | |
| ConnManagerParams.setMaxTotalConnections(params, 20); | |
| // Set timeout | |
| HttpConnectionParams.setStaleCheckingEnabled(params, false); | |
| HttpConnectionParams.setConnectionTimeout(params, 20 * 1000); | |
| HttpConnectionParams.setSoTimeout(params, 20 * 1000); | |
| HttpConnectionParams.setSocketBufferSize(params, 8192); | |
| // Some client params | |
| HttpClientParams.setRedirecting(params, false); | |
| // Register http/s shemas! | |
| SchemeRegistry schReg = new SchemeRegistry(); | |
| schReg.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80)); | |
| schReg.register(new Scheme("https", socketFactory, 443)); | |
| ClientConnectionManager conMgr = new ThreadSafeClientConnManager(params, schReg); | |
| DefaultHttpClient sClient = new DefaultHttpClient(conMgr, params); | |
| HttpGet httpGet = new HttpGet("https://server/path/service.wsdl"); | |
| HttpResponse response = sClient.execute(httpGet); | |
| HttpEntity httpEntity = response.getEntity(); | |
| InputStream is = httpEntity.getContent(); | |
| BufferedReader read = new BufferedReader(new InputStreamReader(is)); | |
| String query = null; | |
| while ((query = read.readLine()) != null) | |
| System.out.println(query); | |
| } catch (Exception e) { | |
| e.printStackTrace(); | |
| } | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment