Android 使用SSLEngine时出现异常
我正在为android手机编写一个自定义服务器来处理https请求。它从监听特定端口开始,一旦建立了连接,它就会与客户端进行握手。以下是代码的摘要:Android 使用SSLEngine时出现异常,android,ssl,jsse,Android,Ssl,Jsse,我正在为android手机编写一个自定义服务器来处理https请求。它从监听特定端口开始,一旦建立了连接,它就会与客户端进行握手。以下是代码的摘要: ServerSocket sock = new ServerSocket(8080); Socketclient client = sock.accept(); doHandshake(client); ... void doHandshake(Socket socket) throws Exception { try {
ServerSocket sock = new ServerSocket(8080);
Socketclient client = sock.accept();
doHandshake(client);
...
void doHandshake(Socket socket) throws Exception {
try {
SSLContext context = SSLContext.getDefault();
SSLEngine engine = context.createSSLEngine();
engine.setUseClientMode(false);
SSLSession session = engine.getSession();
// Create byte buffers to use for holding application data
ByteBuffer myAppData = ByteBuffer.allocate(session.getApplicationBufferSize());
ByteBuffer peerAppData = ByteBuffer.allocate(session.getApplicationBufferSize());
ByteBuffer myNetData = ByteBuffer.allocate(session.getPacketBufferSize());
byte[] peerNetData = new byte[session.getPacketBufferSize()];
// Begin handshake
engine.beginHandshake();
SSLEngineResult.HandshakeStatus hs = engine.getHandshakeStatus();
InputStream inputStream = socket.getInputStream();
OutputStream outputStream = socket.getOutputStream();
int bytesRead;
// Process handshaking message
while (hs != SSLEngineResult.HandshakeStatus.FINISHED &&
hs != SSLEngineResult.HandshakeStatus.NOT_HANDSHAKING) {
switch (hs) {
case NEED_UNWRAP:
// Receive handshaking data from peer
bytesRead = inputStream.read(peerNetData);
if (bytesRead < 0) {
// The channel has reached end-of-stream
}
ByteBuffer peerData = ByteBuffer.wrap(peerNetData, 0, bytesRead);
SSLEngineResult res = engine.unwrap(peerData, peerAppData);
当我将浏览器指向此服务器url=https://localhost:8080 我在引擎上遇到异常。打开包装数据,查看包装数据
javax.net.ssl.SSLProtocolException:ssl握手终止:ssl=0xb8347db8:ssl库中出现故障,通常是协议错误
错误:1408A0C1:SSL例程:SSL3_GET_CLIENT_HELLO:无外部共享密码/openssl/SSL/s3_srvr.c:1394 0xace00e61:0x00000000
我遗漏了什么?你应该扔掉这段代码。如果要使用流,请去掉SSLEngine并使用SSLSocket。SSLEngine用于Socketchannes的非阻塞模式,如果不在混合中添加流,就很难做到这一点 没有共享密码 正确设置SSL引擎时出现问题。一个原因可能是您没有设置任何证书,因此只能使用匿名密码套件。但浏览器不支持这些不安全的密码套件,因此浏览器和服务器之间没有共享密码套件