SSL client authentication

by telematics » Thu, 12 Mar 2009 05:40:52 GMT


Sponsored Links
  am new on SSL programming. The Android app I am developing needs to
open an SSL socket to a secure server which requires the client
authentication. When running on the Emulator and trying to talk to a
Server running on the host PC, the following Android code snippet
always gives me a SocketException at the line, SSLSocket c =
(SSLSocket) f.createSocket(hostName, 8888) :

private void openSslClient(String hostName)
{
try
{
KeyStore keyStore = KeyStore.getInstance
(KeyStore.getDefaultType());
InputStream fis = this.getAssets().open("client.bks");
keyStore.load(fis, "clientjks".toCharArray());

KeyManagerFactory kmf = KeyManagerFactory.getInstance
("X509");

kmf.init(keyStore, "clientkey".toCharArray());

TrustManagerFactory tmf = TrustManagerFactory.getInstance
("X509");

tmf.init(keyStore);

SSLContext sc = SSLContext.getInstance("TLS");
sc.init(kmf.getKeyManagers(), tmf.getTrustManagers(),
new SecureRandom());

SSLSocketFactory f = sc.getSocketFactory();
SSLSocket c = (SSLSocket) f.createSocket(hostName, 8888);
c.startHandshake();
w = new BufferedWriter(new OutputStreamWriter
(c.getOutputStream()));
r = new BufferedReader(new InputStreamReader
(c.getInputStream()));
} catch (Exception e)
{
Log.e(LOG_TAG, "openSslClient failed", e);
}
}

The stack trace looks like below:
03-11 21:24:00.585: ERROR/OSNetworkSystem(1093): unknown socket error
-1
03-11 21:24:07.156: ERROR/PatientDataUploader(1093): openSslClient
failed
03-11 21:24:07.156: ERROR/PatientDataUploader(1093):
java.net.SocketException: unknown error
03-11 21:24:07.156: ERROR/PatientDataUploader(1093): at
org.apache.harmony.luni.platform.OSNetworkSystem.createSocketImpl
(Native Method)
03-11 21:24:07.156: ERROR/PatientDataUploader(1093): at
org.apache.harmony.luni.platform.OSNetworkSystem.createSocket
(OSNetworkSystem.java:79)
03-11 21:24:07.156: ERROR/PatientDataUploader(1093): at
org.apache.harmony.luni.net.PlainSocketImpl2.create
(PlainSocketImpl2.java:59)
03-11 21:24:07.156: ERROR/PatientDataUploader(1093): at
java.net.Socket.startupSocket(Socket.java:668)
03-11 21:24:07.156: ERROR/PatientDataUploader(1093): at
java.net.Socket.<init>(Socket.java:142)
03-11 21:24:07.156: ERROR/PatientDataUploader(1093): at
javax.net.ssl.SSLSocket.<init>(SSLSocket.java:42)
03-11 21:24:07.156: ERROR/PatientDataUploader(1093): at
org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.<init>
(OpenSSLSocketImpl.java:179)
03-11 21:24:07.156: ERROR/PatientDataUploader(1093): at
org.apache.harmony.xnet.provider.jsse.OpenSSLSocketFactoryImpl.createSocket
(OpenSSLSocketFactoryImpl.java:65)


The server test program I am using is a modified version of
SslReverseEchoer available on Dr. Herong Yang's website. It looks like
below:

public static void main(String[] args) {
if (args.length < 3) {
System.out.println("Usage:");
System.out
.println(" java
SslReverseEchoerRevised ksName ksPass ctPass
ipAddr");



SSL client authentication

by telematics » Thu, 12 Mar 2009 13:59:14 GMT


 ever mind. I figured it out by my own - add the following to the
manifest.

<uses-permission android:name="android.permission.INTERNET" />

On Mar 11, 4:40pm, telematics <hai.huan...@gmail.com> wrote:
--~--~---------~--~----~------------~-------~--~----~


Sponsored Links


Other Threads

1. pendingIntent vs. Intent for Saurabh Sinha

You been asking this for MONTHS!  With MANY emails!!!  And multiple people 
helped you and answered you already.  If you STILL don't know or haven't figure 
it out yet, why don't you just GOOGLE IT?

The examples, difference, manuals and docs are there.  You're just not getting 
it!



----- Original Message ----
From: saurabh sinha <saurso...@gmail.com>
To: android-beginners@googlegroups.com
Sent: Wednesday, September 23, 2009 1:27:05 PM
Subject: [android-beginners] 


can anyone help me what is pendingIntent and its purpose and how it
differ from intent


      

--~--~---------~--~----~------------~-------~--~----~

2. Suggestion for Google team to improve Android Market

Hi,

I think Google wants to promote Software As A Service.

In Android Market, customers can buy an application once, and use it
for an unlimited time.
Good.

I would like you to add a new feature in the buying/selling option :
the possibility to 'rent' the application.

For instance : you can use application 'qwerty' for $0.05 / months.

This would create new kind of Android app. !


An example ?
In my application, I use external demo site to convert TTS into mp3.
Of course I am not allowed to do it.  I should purchase the
service :-)
The quality, and reliability of the sercice is bad.
I think if I could rent the service to online TTS providers (some
solutions works on renting an account & URL) the quality/bandwidth/
reliability could be a lot better.  And I would have a lot more
customers.
I would need to be sure to have a certain amount of money each month
from my customers , to invest in renting myself for the service...

Probably my example could be use for other purpose : Android
developpers could provide cheeaper app. ( $0.05/month would seems
cheaper than $5 one time), and incease their income.
--~--~---------~--~----~------------~-------~--~----~

3. Booting the target with boot.img generated by Android

4. Mobile offline gmail web app on Android does not work for me!

5. Tanya Bluetooth

6. How to call built-in camera application from my app??

7. Using android:configChanges to handle orientation