Thanks for helping me! First things first: I tried to connect my tablet (Android 7.1.1) to my laptop (Java server, JDK 1.8) via Wi-Fi using SSLSocket.

Part 1: I created a new keystore with the keytool that comes with the Java SDK.

keytool -genkey -alias projectname -keystore /PATH/project.keystore -validity 365

Then I generated a cert based on the keystore.

keytool -export -alias projectname -keystore /PATH/project.keystore -file /PATH/projectcert.cer

Then I created a .BKS file for the Android client.

keytool -import -alias projectname -file /PATH/projectcert.cer -keystore /PATH/project.bks -storetype BKS -providerClass org.bouncycastle.jce.provider.BouncyCastleProvider -providerpath /path/bcprov-jdk16-146.jar

Now I have 3 files: project.keystore (I simply put this one into the Android raw folder), project.bks (I used the Portecle tool to switch the type "bks" to "JKS", then copied it to the Java server), and cprojectcert.cer.

Part 2: Android client

public class HTTPSClient{
    ..............
    ..............
    private SSLContext createSSLContext(){
        try{
            KeyStore keyStore = KeyStore.getInstance("BKS");
            InputStream in = context.getResources().openRawResource(R.raw.project);
            keyStore.load(in,"password".toCharArray());

            // Create key manager
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("sunX509");

            keyManagerFactory.init(keyStore, "password".toCharArray());

            KeyManager[] km = keyManagerFactory.getKeyManagers();

            // Create trust manager
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("sunX509");

            trustManagerFactory.init(keyStore);
            TrustManager[] tm = trustManagerFactory.getTrustManagers();

            // Initialize SSLContext
            SSLContext sslContext = SSLContext.getInstance("TLSv1");
            sslContext.init(km,  tm, null);

            return sslContext;
        } catch (Exception ex){
            ex.printStackTrace();
        }

        return null;
    }
}

Part 3: java server

private SSLContext createSSLContext(){
        try{
            KeyStore keyStore = KeyStore.getInstance("JKS");

            keyStore.load(new FileInputStream("temp"+'/'+"project.jks"),"password".toCharArray());

            // Create key manager
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("sunX509");

            keyManagerFactory.init(keyStore, "password".toCharArray());
            KeyManager[] km = keyManagerFactory.getKeyManagers();

            // Create trust manager
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("sunX509");
            trustManagerFactory.init(keyStore);
            TrustManager[] tm = trustManagerFactory.getTrustManagers();

            // Initialize SSLContext
            SSLContext sslContext = SSLContext.getInstance("TLSv1");
            sslContext.init(km,  tm, null);

            return sslContext;
        } catch (Exception ex){
            ex.printStackTrace();
        }

        return null;
    }

Error:
W/System.err: java.security.NoSuchAlgorithmException: sunX509 KeyManagerFactory not available

I also changed sunX509 to PKIX on both sides. However, I got handshake fail.

Xin Zhang

1 Answer

I don't know where you got "sunx509" from as a KeyManagerFactory or TrustManagerFactory algorithm. The only one listed for both since at least JDK 1.6 is "PKIX". In any case you should just use

KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm())

and

TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm())

> I also changed sunX509 to PKIX on both sides. However, I got handshake fail.

'Handshake fail' is progress. You got past all this code.

user207421
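
An added example (not code from the question or the answer): a small diagnostic that prints the KeyManagerFactory and TrustManagerFactory algorithm names the running platform actually registers, reports what kind of entry each keystore alias holds, and builds the SSLContext with the default algorithms as the answer recommends. The class name TlsContextCheck, its command-line arguments and the protocol name "TLS" are assumptions of this example.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.Provider;
import java.security.Security;
import java.util.Collections;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;

// Hypothetical diagnostic class, not part of the original post.
public class TlsContextCheck {
    // Lists every algorithm name the installed providers register for a service type.
    static void listAlgorithms(String serviceType) {
        for (Provider p : Security.getProviders())
            for (Provider.Service s : p.getServices())
                if (s.getType().equals(serviceType))
                    System.out.println(serviceType + ": " + s.getAlgorithm() + " (" + p.getName() + ")");
    }

    // Builds the context with the platform defaults instead of a hard-coded algorithm name.
    static SSLContext build(KeyStore ks, char[] password) throws Exception {
        KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(ks, password);
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(ks);
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
        return ctx;
    }

    // Usage (assumed): java TlsContextCheck <keystore file> <store type, e.g. JKS> <password>
    public static void main(String[] args) throws Exception {
        listAlgorithms("KeyManagerFactory");
        listAlgorithms("TrustManagerFactory");
        if (args.length < 3) return; // no keystore given: only list the algorithms
        KeyStore ks = KeyStore.getInstance(args[1]);
        try (InputStream in = new FileInputStream(args[0])) {
            ks.load(in, args[2].toCharArray());
        }
        // A private-key entry can identify this side; a certificate entry only says whom to trust.
        for (String alias : Collections.list(ks.aliases()))
            System.out.println(alias + ": "
                    + (ks.isKeyEntry(alias) ? "private key entry" : "trusted certificate entry"));
        System.out.println("SSLContext protocol: " + build(ks, args[2].toCharArray()).getProtocol());
    }
}
```

Run without arguments, it only lists the registered algorithm names, which shows directly whether a hard-coded name would raise NoSuchAlgorithmException on that runtime.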