HarmonyOS鸿蒙Next中构建服务端证书校验示例代码
HarmonyOS鸿蒙Next中构建服务端证书校验示例代码
介绍
该示例是一个连接网络的Demo,通过socket获取远端证书,在网络通信中,利用套接字(socket)技术来获取与之建立连接的远端服务器的数字证书。
效果预览
使用说明
打开应用后,点击“点击连接”按钮,获取与之建立连接的远端服务器的数字证书,在后台打印数据。
实现思路
- 获取本地ip
function getLocalIp() {
const ipInfo = wifiManager.getIpInfo();
const localIp = int2ip(ipInfo.ipAddress);
hilog.info(0x0000, tag, 'ipInfo : ' + JSON.stringify(ipInfo));
hilog.info(0x0000, tag, 'localHost : ' + localIp);
return localIp;
}- 首先通过bind方法获取TLSSocket连接的对端地址,然后使用connect方法通过TLSSocket连接发送数据,最后使用getRemoteCertificate方法返回表示对等证书的对象。
tlsSocket.bind({ address: localIp, family: 1, port: 0 })
.then(() => {
hilog.info(0x0000, tag, 'tlsSocket bind success');
tlsSocket.connect(tlsConnectOptions)
.then(() => {
hilog.info(0x0000, tag, 'tlsSocket connect success');
tlsSocket.getRemoteCertificate((err: BusinessError, data: socket.X509CertRawData) => {
...
});
})
...
})更多关于HarmonyOS鸿蒙Next中构建服务端证书校验示例代码的实战系列教程也可以访问 https://www.itying.com/category-93-b0.html
2 回复
在HarmonyOS鸿蒙Next中,构建服务端证书校验的示例代码主要涉及使用http模块进行HTTPS请求,并对服务端返回的证书进行校验。以下是一个简单的示例代码:
import http from '@ohos.net.http';
import { BusinessError } from '@ohos.base';
let httpRequest = http.createHttp();
let options: http.HttpRequestOptions = {
method: http.RequestMethod.GET,
url: 'https://example.com',
extraData: 'extra data',
expectDataType: http.HttpDataType.STRING,
usingCache: true,
priority: 1,
header: {
'Content-Type': 'application/json'
},
readTimeout: 60000,
connectTimeout: 60000,
usingProtocol: http.HttpProtocol.HTTPS,
usingProxy: false,
caPath: '/path/to/ca.crt' // 配置CA证书路径
};
httpRequest.request(options, (err: BusinessError, data: http.HttpResponse) => {
if (err) {
console.error(`Request failed, code is ${err.code}, message is ${err.message}`);
return;
}
if (data.responseCode === http.ResponseCode.OK) {
console.info('Request successful, data is ' + data.result);
} else {
console.error(`Request failed, response code is ${data.responseCode}`);
}
});在这个示例中,caPath参数指定了用于校验服务端证书的CA证书路径。通过配置caPath,可以确保客户端只接受由该CA签发的证书,从而增强通信的安全性。
更多关于HarmonyOS鸿蒙Next中构建服务端证书校验示例代码的实战系列教程也可以访问 https://www.itying.com/category-93-b0.html
在HarmonyOS鸿蒙Next中,构建服务端证书校验的示例代码如下:
import ohos.net.NetHandle;
import ohos.net.http.HttpClient;
import ohos.net.http.Request;
import ohos.net.http.Response;
import ohos.security.cert.Certificate;
import ohos.security.cert.CertificateFactory;
import java.io.InputStream;
import java.security.cert.X509Certificate;
public class ServerCertificateValidation {
public static void main(String[] args) {
try {
// 加载证书
InputStream certStream = getContext().getResourceManager().getRawFileEntry("res/raw/server_cert.cer").open();
CertificateFactory factory = CertificateFactory.getInstance("X.509");
X509Certificate serverCert = (X509Certificate) factory.generateCertificate(certStream);
// 创建HTTP客户端
HttpClient client = new HttpClient(new NetHandle());
// 设置证书校验
client.setHostnameVerifier((hostname, session) -> {
X509Certificate cert = (X509Certificate) session.getPeerCertificates()[0];
return cert.getSubjectX500Principal().equals(serverCert.getSubjectX500Principal());
});
// 发送请求
Request request = new Request.Builder().url("https://example.com").build();
Response response = client.newCall(request).execute();
System.out.println("Response Code: " + response.getCode());
} catch (Exception e) {
e.printStackTrace();
}
}
}此代码展示了如何在HarmonyOS中加载服务端证书并进行校验。
