Handshake failed (Android 5 and 6) #187
Comments
myroniak commented Jul 3, 2019 •
I have a code with connection to wss server and I caught the error with Handshake:
SSLContext context = NaiveSSLContext.getInstance(«TLS»);
new WebSocketFactory()
.setSSLContext(context)
.setVerifyHostname(false)
.setConnectionTimeout(5000)
.createSocket(BuildConfig.SOCKETURL)
.addListener(webSocketListener)
.addExtension(WebSocketExtension.PERMESSAGE_DEFLATE)
.connect();
07-03 21:53:00.486 5258-5258/com.blockchain.edcwallet W/System.err: com.neovisionaries.ws.client.WebSocketException: Failed to get the input stream of the raw socket: Handshake failed
07-03 21:53:00.487 5258-5258/com.blockchain.edcwallet W/System.err: at com.neovisionaries.ws.client.WebSocket.openInputStream(WebSocket.java:3321)
07-03 21:53:00.487 5258-5258/com.blockchain.edcwallet W/System.err: at com.neovisionaries.ws.client.WebSocket.shakeHands(WebSocket.java:3279)
07-03 21:53:00.487 5258-5258/com.blockchain.edcwallet W/System.err: at com.neovisionaries.ws.client.WebSocket.connect(WebSocket.java:2326)
07-03 21:53:00.487 5258-5258/com.blockchain.edcwallet W/System.err: at com.blockchain.edcwallet.data.network.service.socket.EventServiceImpl.connectWS(EventServiceImpl.java:91)
07-03 21:53:00.487 5258-5258/com.blockchain.edcwallet W/System.err: at com.blockchain.edcwallet.data.network.service.socket.EventServiceImpl.connect(EventServiceImpl.java:37)
07-03 21:53:00.487 5258-5258/com.blockchain.edcwallet W/System.err: at com.blockchain.edcwallet.util.AppLifeCycleObserver.onEnterForeground(AppLifeCycleObserver.java:33)
07-03 21:53:00.487 5258-5258/com.blockchain.edcwallet W/System.err: at java.lang.reflect.Method.invoke(Native Method)
07-03 21:53:00.487 5258-5258/com.blockchain.edcwallet W/System.err: at java.lang.reflect.Method.invoke(Method.java:372)
07-03 21:53:00.487 5258-5258/com.blockchain.edcwallet W/System.err: at androidx.lifecycle.ClassesInfoCache$MethodReference.invokeCallback(ClassesInfoCache.java:215)
07-03 21:53:00.487 5258-5258/com.blockchain.edcwallet W/System.err: at androidx.lifecycle.ClassesInfoCache$CallbackInfo.invokeMethodsForEvent(ClassesInfoCache.java:193)
07-03 21:53:00.487 5258-5258/com.blockchain.edcwallet W/System.err: at androidx.lifecycle.ClassesInfoCache$CallbackInfo.invokeCallbacks(ClassesInfoCache.java:184)
07-03 21:53:00.487 5258-5258/com.blockchain.edcwallet W/System.err: at androidx.lifecycle.ReflectiveGenericLifecycleObserver.onStateChanged(ReflectiveGenericLifecycleObserver.java:36)
07-03 21:53:00.487 5258-5258/com.blockchain.edcwallet W/System.err: at androidx.lifecycle.LifecycleRegistry$ObserverWithState.dispatchEvent(LifecycleRegistry.java:355)
07-03 21:53:00.487 5258-5258/com.blockchain.edcwallet W/System.err: at androidx.lifecycle.LifecycleRegistry.forwardPass(LifecycleRegistry.java:293)
07-03 21:53:00.487 5258-5258/com.blockchain.edcwallet W/System.err: at androidx.lifecycle.LifecycleRegistry.sync(LifecycleRegistry.java:333)
07-03 21:53:00.487 5258-5258/com.blockchain.edcwallet W/System.err: at androidx.lifecycle.LifecycleRegistry.moveToState(LifecycleRegistry.java:138)
07-03 21:53:00.487 5258-5258/com.blockchain.edcwallet W/System.err: at androidx.lifecycle.LifecycleRegistry.handleLifecycleEvent(LifecycleRegistry.java:124)
07-03 21:53:00.487 5258-5258/com.blockchain.edcwallet W/System.err: at androidx.lifecycle.ProcessLifecycleOwner.activityStarted(ProcessLifecycleOwner.java:108)
07-03 21:53:00.487 5258-5258/com.blockchain.edcwallet W/System.err: at androidx.lifecycle.ProcessLifecycleOwner$2.onStart(ProcessLifecycleOwner.java:80)
07-03 21:53:00.487 5258-5258/com.blockchain.edcwallet W/System.err: at androidx.lifecycle.ReportFragment.dispatchStart(ReportFragment.java:61)
07-03 21:53:00.487 5258-5258/com.blockchain.edcwallet W/System.err: at androidx.lifecycle.ReportFragment.onStart(ReportFragment.java:81)
07-03 21:53:00.487 5258-5258/com.blockchain.edcwallet W/System.err: at android.app.Fragment.performStart(Fragment.java:2077)
07-03 21:53:00.487 5258-5258/com.blockchain.edcwallet W/System.err: at android.app.FragmentManagerImpl.moveToState(FragmentManager.java:922)
07-03 21:53:00.487 5258-5258/com.blockchain.edcwallet W/System.err: at android.app.FragmentManagerImpl.moveToState(FragmentManager.java:1067)
07-03 21:53:00.487 5258-5258/com.blockchain.edcwallet W/System.err: at android.app.FragmentManagerImpl.moveToState(FragmentManager.java:1049)
07-03 21:53:00.487 5258-5258/com.blockchain.edcwallet W/System.err: at android.app.FragmentManagerImpl.dispatchStart(FragmentManager.java:1874)
07-03 21:53:00.487 5258-5258/com.blockchain.edcwallet W/System.err: at android.app.Activity.performStart(Activity.java:5959)
07-03 21:53:00.487 5258-5258/com.blockchain.edcwallet W/System.err: at android.app.ActivityThread.performLaunchActivity(ActivityThread.java:2261)
07-03 21:53:00.487 5258-5258/com.blockchain.edcwallet W/System.err: at android.app.ActivityThread.handleLaunchActivity(ActivityThread.java:2360)
07-03 21:53:00.487 5258-5258/com.blockchain.edcwallet W/System.err: at android.app.ActivityThread.access$800(ActivityThread.java:144)
07-03 21:53:00.487 5258-5258/com.blockchain.edcwallet W/System.err: at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1278)
07-03 21:53:00.487 5258-5258/com.blockchain.edcwallet W/System.err: at android.os.Handler.dispatchMessage(Handler.java:102)
07-03 21:53:00.487 5258-5258/com.blockchain.edcwallet W/System.err: at android.os.Looper.loop(Looper.java:135)
07-03 21:53:00.487 5258-5258/com.blockchain.edcwallet W/System.err: at android.app.ActivityThread.main(ActivityThread.java:5221)
07-03 21:53:00.487 5258-5258/com.blockchain.edcwallet W/System.err: at java.lang.reflect.Method.invoke(Native Method)
07-03 21:53:00.487 5258-5258/com.blockchain.edcwallet W/System.err: at java.lang.reflect.Method.invoke(Method.java:372)
07-03 21:53:00.487 5258-5258/com.blockchain.edcwallet W/System.err: at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:899)
07-03 21:53:00.487 5258-5258/com.blockchain.edcwallet W/System.err: at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:694)
07-03 21:53:00.487 5258-5258/com.blockchain.edcwallet W/System.err: Caused by: javax.net.ssl.SSLHandshakeException: Handshake failed
07-03 21:53:00.487 5258-5258/com.blockchain.edcwallet W/System.err: at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:374)
07-03 21:53:00.487 5258-5258/com.blockchain.edcwallet W/System.err: at com.android.org.conscrypt.OpenSSLSocketImpl.waitForHandshake(OpenSSLSocketImpl.java:598)
07-03 21:53:00.487 5258-5258/com.blockchain.edcwallet W/System.err: at com.android.org.conscrypt.OpenSSLSocketImpl.getInputStream(OpenSSLSocketImpl.java:560)
07-03 21:53:00.487 5258-5258/com.blockchain.edcwallet W/System.err: at com.neovisionaries.ws.client.WebSocket.openInputStream(WebSocket.java:3314)
07-03 21:53:00.487 5258-5258/com.blockchain.edcwallet W/System.err: . 37 more
07-03 21:53:00.487 5258-5258/com.blockchain.edcwallet W/System.err: Caused by: javax.net.ssl.SSLProtocolException: SSL handshake aborted: ssl=0x7f62ea28ab80: Failure in SSL library, usually a protocol error
07-03 21:53:00.487 5258-5258/com.blockchain.edcwallet W/System.err: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure (external/openssl/ssl/s23_clnt.c:765 0x7f62e1998e90:0x00000000)
07-03 21:53:00.487 5258-5258/com.blockchain.edcwallet W/System.err: at com.android.org.conscrypt.NativeCrypto.SSL_do_handshake(Native Method)
07-03 21:53:00.487 5258-5258/com.blockchain.edcwallet W/System.err: at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:302)
07-03 21:53:00.487 5258-5258/com.blockchain.edcwallet W/System.err: . 40 more
The text was updated successfully, but these errors were encountered:
Источник
Ошибка SSL с Android
У меня очень специфическая проблема с SSL на моем Android. Если я попытаюсь посетить определенный веб-сайт с помощью кода, я получаю следующую ошибку:
Я получаю это независимо от сборки … Я пробовал это на уровнях API 1.5, 1.6, 2.2 и 4.0 и получал одинаковый результат каждый раз.
После некоторого устранения неполадок я попытался посетить веб-сайт через браузер, и я получил следующую ошибку:
Вот что, хотя … веб-сайт отлично открывается в браузерах Windows (проверен на Firefox, IE и Chrome). Он также отлично работает на устройствах iOS, которые используют тот же веб-кит, что и Android, что странно. Веб-сайт также работает без проблем в браузере Opera Mini.
Я пробовал обходные пути, добавляя сертификат клиента в хранилище ключей и игнорируя недействительные клиентские сертификаты без каких-либо результатов. Однако, похоже, что сам сертификат не является проблемой.
Я в тупике. Может ли кто-нибудь дать какие-либо указания относительно того, как я могу заставить это работать?
Как вы получаете доступ к этому сайту? Через браузер Android? WebView? Или HttpClient / HTTPSURLConnection? Кажется, он реагирует только на SSL3, вам нужно заставить его использовать его.
Я нашел решение (спасибо Николаю за то, что указал мне в правильном направлении).
Проблема была в два раза … одна, она возвращала сертификат сайта, который Android не понравился, и два, он имел только SSLv3 (а не TLS).
Вот мое решение. Сначала мне пришлось создать пользовательский класс фабрики сокетов:
Во-вторых, у меня был этот пользовательский HttpClient, определенный в моем коде:
В-третьих, я назвал пользовательский HttpClient и проанализировал результаты:
Используйте это и вызывайте этот метод HttpsTrustManager.allowAllSSL ()
Это решает проблему и ее работу для меня.
Открытый класс HttpsTrustManager реализует X509TrustManager <
Источник
SSL Handshake failure in Android 10 #718
Comments
nildeka commented Sep 13, 2019
Android 10 throws exception in SSL Handshaking both in emulators and Pixel devices. The same code works for Android 9 and before.
Steps to reproduce:
Create a Private Public Key Pair.
KeyPairGenerator kpg = KeyPairGenerator.getInstance(
KeyProperties.KEY_ALGORITHM_RSA);
Send public key to server and receives client certiricates, and store it in Android Keystore. As well as store Root Server certificate.
Using Trustmananger to create SSLContext
Start handshake with server:
String server = «185.58.87.115»;
SSLSocketFactory ssf = sslContext.getSocketFactory();
The handshake failed with below exception:
`W/CryptoUpcalls: Preferred provider doesn’t support key:
java.security.InvalidKeyException: Keystore operation failed
at android.security.KeyStore.getInvalidKeyException(KeyStore.java:1362)
at android.security.KeyStore.getInvalidKeyException(KeyStore.java:1402)
at android.security.keystore.KeyStoreCryptoOperationUtils.getInvalidKeyExceptionForInit(KeyStoreCryptoOperationUtils.java:54)
at android.security.keystore.KeyStoreCryptoOperationUtils.getExceptionForCipherInit(KeyStoreCryptoOperationUtils.java:89)
at android.security.keystore.AndroidKeyStoreCipherSpiBase.ensureKeystoreOperationInitialized(AndroidKeyStoreCipherSpiBase.java:265)
at android.security.keystore.AndroidKeyStoreCipherSpiBase.engineInit(AndroidKeyStoreCipherSpiBase.java:109)
at javax.crypto.Cipher.tryTransformWithProvider(Cipher.java:2984)
at javax.crypto.Cipher.tryCombinations(Cipher.java:2891)
at javax.crypto.Cipher$SpiAndProviderUpdater.updateAndGetSpiAndProvider(Cipher.java:2796)
at javax.crypto.Cipher.chooseProvider(Cipher.java:773)
at javax.crypto.Cipher.init(Cipher.java:1143)
at javax.crypto.Cipher.init(Cipher.java:1084)
at com.android.org.conscrypt.CryptoUpcalls.rsaOpWithPrivateKey(CryptoUpcalls.java:173)
at com.android.org.conscrypt.CryptoUpcalls.rsaSignDigestWithPrivateKey(CryptoUpcalls.java:132)
at com.android.org.conscrypt.NativeCrypto.SSL_do_handshake(Native Method)
at com.android.org.conscrypt.NativeSsl.doHandshake(NativeSsl.java:387)
at com.android.org.conscrypt.ConscryptFileDescriptorSocket.startHandshake(ConscryptFileDescriptorSocket.java:226)
at asynctls.mimecast.com.asynctlsapp.MainActivity$1.run(MainActivity.java:352)
at java.lang.Thread.run(Thread.java:919)
Caused by: android.security.KeyStoreException: Incompatible padding mode
at android.security.KeyStore.getKeyStoreException(KeyStore.java:1292)
at android.security.KeyStore.getInvalidKeyException(KeyStore.java:1402)
at android.security.keystore.KeyStoreCryptoOperationUtils.getInvalidKeyExceptionForInit(KeyStoreCryptoOperationUtils.java:54)
at android.security.keystore.KeyStoreCryptoOperationUtils.getExceptionForCipherInit(KeyStoreCryptoOperationUtils.java:89)
at android.security.keystore.AndroidKeyStoreCipherSpiBase.ensureKeystoreOperationInitialized(AndroidKeyStoreCipherSpiBase.java:265)
at android.security.keystore.AndroidKeyStoreCipherSpiBase.engineInit(AndroidKeyStoreCipherSpiBase.java:109)
at javax.crypto.Cipher.tryTransformWithProvider(Cipher.java:2984)
at javax.crypto.Cipher.tryCombinations(Cipher.java:2891)
at javax.crypto.Cipher$SpiAndProviderUpdater.updateAndGetSpiAndProvider(Cipher.java:2796)
at javax.crypto.Cipher.chooseProvider(Cipher.java:773)
at javax.crypto.Cipher.init(Cipher.java:1143)
at javax.crypto.Cipher.init(Cipher.java:1084)
at com.android.org.conscrypt.CryptoUpcalls.rsaOpWithPrivateKey(CryptoUpcalls.java:173)
at com.android.org.conscrypt.CryptoUpcalls.rsaSignDigestWithPrivateKey(CryptoUpcalls.java:132)
at com.android.org.conscrypt.NativeCrypto.SSL_do_handshake(Native Method)
at com.android.org.conscrypt.NativeSsl.doHandshake(NativeSsl.java:387)
at com.android.org.conscrypt.ConscryptFileDescriptorSocket.startHandshake(ConscryptFileDescriptorSocket.java:226)
at asynctls.mimecast.com.asynctlsapp.MainActivity$1.run(MainActivity.java:352)
at java.lang.Thread.run(Thread.java:919)
W/CryptoUpcalls: Could not find provider for algorithm: RSA/ECB/NoPadding
W/System.err: javax.net.ssl.SSLHandshakeException: Handshake failed
W/System.err: at com.android.org.conscrypt.ConscryptFileDescriptorSocket.startHandshake(ConscryptFileDescriptorSocket.java:288)
W/System.err: at asynctls.mimecast.com.asynctlsapp.MainActivity$1.run(MainActivity.java:351)
W/System.err: at java.lang.Thread.run(Thread.java:919)
W/System.err: Caused by: javax.net.ssl.SSLProtocolException: SSL handshake aborted: ssl=0x7dbcec0850c8: Failure in SSL library, usually a protocol error
W/System.err: error:04000044:RSA routines:OPENSSL_internal:internal error (external/conscrypt/common/src/jni/main/cpp/conscrypt/native_crypto.cc:740 0x7dbce6155e73:0x00000000)
W/System.err: at com.android.org.conscrypt.NativeCrypto.SSL_do_handshake(Native Method)
W/System.err: at com.android.org.conscrypt.NativeSsl.doHandshake(NativeSsl.java:387)
W/System.err: at com.android.org.conscrypt.ConscryptFileDescriptorSocket.startHandshake(ConscryptFileDescriptorSocket.java:226)
W/System.err: . 2 more`
The app works fine with Pre Android 10 phone.
Could you please look, this will block our app’s functionality completely.
The text was updated successfully, but these errors were encountered:
Источник