`
810364804
  • 浏览: 773577 次
文章分类
社区版块
存档分类
最新评论

webview的自定义SSL认证配置(p12证书)

 
阅读更多

因为网页中要用到自定义SSL证书,而且密钥是 xxx.p12,

我们是将密钥转化为byte[]的形式传进来的,传入密码,这样来处理SSL

关键在onReceivedClientCertRequest这个方法,要用到隐藏类,因此得用编译android出来的class.jar,不然识别不了该隐藏类

所以自定义WebViewClient如下:

import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Enumeration;

import android.content.Context;
import android.net.http.SslError;
import android.webkit.ClientCertRequestHandler;
import android.webkit.SslErrorHandler;
import android.webkit.WebView;
import android.webkit.WebViewClient;

public class SSLWebViewClient extends WebViewClient{
	private X509Certificate[] certificatesChain;  
    private PrivateKey clientCertPrivateKey;
    
    byte[] certfile_p12;
    private String certfile_password = "";
    
	public SSLWebViewClient(Context context, byte[] cert, String pass) throws Exception {
		super();
		
		certfile_password = pass;
		certfile_p12 = cert;
		
		initPrivateKeyAndX509Certificate();
	}  
    
	private void initPrivateKeyAndX509Certificate() throws Exception {  
        KeyStore keyStore;  
		keyStore = KeyStore.getInstance("PKCS12");  
		keyStore.load(DataTools.byteTOInputStream(certfile_p12), certfile_password.toCharArray());  
	    Enumeration<?> localEnumeration;  
	    localEnumeration = keyStore.aliases();  
	    while (localEnumeration.hasMoreElements()) {  
            String str3 = (String) localEnumeration.nextElement();  
            clientCertPrivateKey = (PrivateKey) keyStore.getKey(str3, certfile_password.toCharArray());  
            if (clientCertPrivateKey == null) {  
                continue;  
            } else {  
                Certificate[] arrayOfCertificate = keyStore.getCertificateChain(str3);  
                certificatesChain = new X509Certificate[arrayOfCertificate.length];  
                for (int j = 0; j < certificatesChain.length; j++) {  
                	certificatesChain[j] = ((X509Certificate) arrayOfCertificate[j]);  
                }  
            }  
        }  
	    
    }
	
	public void onReceivedClientCertRequest(WebView view,  
            ClientCertRequestHandler handler, String host_and_port) {  
        if((null != clientCertPrivateKey) && ((null!=certificatesChain) && (certificatesChain.length !=0))){  
            handler.proceed(this.clientCertPrivateKey, this.certificatesChain);   
        }else{  
            handler.cancel();  
        }         
    }  
          
	@Override
	public boolean shouldOverrideUrlLoading(WebView view, String url) {
		view.loadUrl(url);
		return true;
	}
	
    @Override  
    public void onReceivedSslError(final WebView view, SslErrorHandler handler,  
            SslError error) {         
        handler.proceed();    
    } 
}

其中用到转换工具类,如下:

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;

public class DataTools {
	  final static int BUFFER_SIZE = 4096;  
      
	    /**  
	     * 将InputStream转换成String  
	     * @param in InputStream  
	     * @return String  
	     * @throws Exception  
	     *   
	     */  
	    public static String InputStreamTOString(InputStream in) throws Exception{  
	          
	        ByteArrayOutputStream outStream = new ByteArrayOutputStream();  
	        byte[] data = new byte[BUFFER_SIZE];  
	        int count = -1;  
	        while((count = in.read(data,0,BUFFER_SIZE)) != -1)  
	            outStream.write(data, 0, count);  
	          
	        data = null;  
	        return new String(outStream.toByteArray(),"ISO-8859-1");  
	    }  
	      
	    /**  
	     * 将InputStream转换成某种字符编码的String  
	     * @param in  
	     * @param encoding  
	     * @return  
	     * @throws Exception  
	     */  
	         public static String InputStreamTOString(InputStream in,String encoding) throws Exception{  
	          
	        ByteArrayOutputStream outStream = new ByteArrayOutputStream();  
	        byte[] data = new byte[BUFFER_SIZE];  
	        int count = -1;  
	        while((count = in.read(data,0,BUFFER_SIZE)) != -1)  
	            outStream.write(data, 0, count);  
	          
	        data = null;  
	        return new String(outStream.toByteArray(),"ISO-8859-1");  
	    }  
	      
	    /**  
	     * 将String转换成InputStream  
	     * @param in  
	     * @return  
	     * @throws Exception  
	     */  
	    public static InputStream StringTOInputStream(String in) throws Exception{  
	          
	        ByteArrayInputStream is = new ByteArrayInputStream(in.getBytes("ISO-8859-1"));  
	        return is;  
	    }  
	      
	    /**  
	     * 将InputStream转换成byte数组  
	     * @param in InputStream  
	     * @return byte[]  
	     * @throws IOException  
	     */  
	    public static byte[] InputStreamTOByte(InputStream in) throws IOException{  
	          
	        ByteArrayOutputStream outStream = new ByteArrayOutputStream();  
	        byte[] data = new byte[BUFFER_SIZE];  
	        int count = -1;  
	        while((count = in.read(data,0,BUFFER_SIZE)) != -1)  
	            outStream.write(data, 0, count);  
	          
	        data = null;  
	        return outStream.toByteArray();  
	    }  
	      
	    /**  
	     * 将byte数组转换成InputStream  
	     * @param in  
	     * @return  
	     * @throws Exception  
	     */  
	    public static InputStream byteTOInputStream(byte[] in) throws Exception{  
	          
	        ByteArrayInputStream is = new ByteArrayInputStream(in);  
	        return is;  
	    }  
	      
	    /**  
	     * 将byte数组转换成String  
	     * @param in  
	     * @return  
	     * @throws Exception  
	     */  
	    public static String byteTOString(byte[] in) throws Exception{  
	          
	        InputStream is = byteTOInputStream(in);  
	        return InputStreamTOString(is);  
	    }  

}

需要用到android便宜出来的class的jar包,已经编译好的放在raw文件夹里,目录结构如下:



编译出来的 sslwebviewclient.jar 就可以在你的项目中使用了。


使用方法如下:

WebView browser = (WebView)findViewById(R.id.id_browser);
try {
	browser.setWebViewClient(new SSLWebViewClient(this, AndroidNaviAPP.getInstance().getPfx(), AndroidNaviAPP.getInstance().getPass()));
} catch (Exception e) {
	//异常处理
}

这样就可以正常打开,自定义密钥的SSL网页了

可能用到的资源文件(包含编译的class.jar 和 我本地生成好的sslwebviewclient.jar,可以直接用,最好自己编):

http://download.csdn.net/detail/zoeice/6485653



分享到:
评论

相关推荐

Global site tag (gtag.js) - Google Analytics