2013年5月13日 星期一

android 驗證憑證

此摘錄文出自http://www.eoeandroid.com/thread-197276-1-1.html,由於找的太辛苦,所以複製一份。
android中進行https連接方法
如果是忽略憑證的做法
public class Demo extends Activity {
    /** Called when the activity is first created. */
    private TextView text;
    
    @Override
    public void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        setContentView(R.layout.main);
        text = (TextView)findViewById(R.id.text);
        GetHttps();
    }
        
    private void GetHttps(){
        String https = " https://800wen.com/";
        try{
            SSLContext sc = SSLContext.getInstance("TLS");
            sc.init(null, new TrustManager[]{new MyTrustManager()}, new SecureRandom());
            HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
            HttpsURLConnection.setDefaultHostnameVerifier(new MyHostnameVerifier());
            HttpsURLConnection conn = (HttpsURLConnection)new URL(https).openConnection();
            conn.setDoOutput(true);
            conn.setDoInput(true);
            conn.connect();
                        
            BufferedReader br = new BufferedReader(new InputStreamReader(conn.getInputStream())); 
            StringBuffer sb = new StringBuffer(); 
            String line; 
            while ((line = br.readLine()) != null) 
                sb.append(line); 
                        
            text.setText(sb.toString());
                        
        }catch(Exception e){
            Log.e(this.getClass().getName(), e.getMessage());
        }
    }
        
    private class MyHostnameVerifier implements HostnameVerifier{

        @Override
        public boolean verify(String hostname, SSLSession session) {
            // TODO Auto-generated method stub
            return true;
        }
    }
        
    private class MyTrustManager implements X509TrustManager{

        @Override
        public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
            // TODO Auto-generated method stub
        }

        @Override
        public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
            // TODO Auto-generated method stub
        }

        @Override
        public X509Certificate[] getAcceptedIssuers() {
            // TODO Auto-generated method stub
            return null;
        }        
    }  
}



需要驗證憑證
AssetManager am = context.getAssets();
InputStream ins = am.open("robusoft.cer");
try {
 //讀取證書
 CertificateFactory cerFactory = CertificateFactory.getInstance("X.509");  //問題1
 Certificate cer = cerFactory.generateCertificate(ins);
 //創建一個證書庫,並將證書導入證書庫
 KeyStore keyStore = KeyStore.getInstance("PKCS12", "BC");   //問題2
 keyStore.load(null, null);
 keyStore.setCertificateEntry("trust", cer);
 return keyStore;
} finally {
 ins.close();
}
//把證書庫作為信任的證書庫
SSLSocketFactory socketFactory = new SSLSocketFactory(keystore);
Scheme sch = new Scheme("https", socketFactory, 443);
//完工
HttpClient mHttpClient = new DefaultHttpClient();
mHttpClient.getConnectionManager().getSchemeRegistry().register(sch);

问1:这里用"PKCS12"不行
答1:PKCS12和JKS是keystore的type,不是Certificate的type,所以X.509不能用PKCS12代替

问2:这里用"JKS"不行。

答2:android平台上支持的keystore type好像只有PKCS12,不支持JKS,所以不能用JKS代替在PKCS12,不过在windows平台上是可以代替的


=================================
對我來說有用的方法
http://www.eoeandroid.com/thread-161747-1-1.html

2013年4月8日 星期一

一條網址連到不同資料夾目錄

在XAMPP中
今天我有一個domain(www.test.com)
下面有兩個資料夾Login和Upload
其中www.test.com連進來的時候會進入Login/index.php
但是我想進入www.test.com/Upload的時候該怎麼做呢?

到C:\xampp\apache\conf\extra\httpd-vhost.conf 加入以下這段(但需要修改成自己的)


<VirtualHost www.test.com:80>
    ServerAdmin postmaster@dummy-host.localhost
    DocumentRoot "C:/xampp/htdocs/Login"
    ServerName www.test.com
    ServerAlias www.test.com
    ErrorLog "logs/dummy-host.localhost-error.log"
    CustomLog "logs/dummy-host.localhost-access.log" combined
   
    ##重點靠這個來存取不同的資料夾
    <IfModule alias_module>
        Alias /Upload "C:/xampp/htdocs/Upload"
        <Directory "C:/xampp/htdocs/Upload">
            AllowOverride AuthConfig
            Require all granted
        </Directory>
    </IfModule>
</VirtualHost>

注意:我沒測試過,這是別人的想法,以後有時間再測,有經驗的人可以給建議,謝謝