Google TV配对协议 – 使用Go(golang)时的SSL握手错误

huangapple go评论85阅读模式
英文:

Google TV Pairing Protocol -- SSL Handshake Error with Go (golang)

问题

我正在为Google TV配对协议编写一个Go包。但是我似乎在TLS握手过程中遇到了问题。

sock, err := tls.Dial("tcp", "10.8.0.1:9552", &tls.Config{InsecureSkipVerify: true})

这一行给我返回了一个握手错误。确切的错误信息是:remote error: handshake failure。如果我尝试使用curl访问相同的主机/端口,它也会返回curl: (35) error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure。

有什么想法吗?Google TV是否期望客户端证书?我在任何地方都没有看到需要客户端证书的参考。

如果有人想帮助解决问题,这是代码:
https://github.com/dustywilson/go-polo

README文件中有简单的代码供您查看。您需要知道您的Google TV盒子的IP地址,因为这不使用mDNS。如果您(某人,任何人)运行此代码并得到不同的结果,请告诉我。

我已经查看了google-tv-remote上的Google TV遥控器代码。更有用的是google-tv-pairing-protocol,它是我正在做的Java/Android项目的等效项目。当然,我已经仔细研究了那些代码。我认为问题要么是Go本身的问题(不太可能),要么是Go TLS包不知道如何读取Google TV的证书(我知道这是一年前的问题),要么是我的代码有问题(通常最有可能,但我就是看不出来)。

顺便说一下,我正在Logitech Revue上进行测试,它有一个自签名的SSL证书。它没有被root或以任何方式修改。

我的最终代码将是开源的。感谢您的帮助。

英文:

I'm writing a Go package for the Google TV Pairing Protocol. But I seem to be hitting a problem with the TLS handshake.

sock, err := tls.Dial("tcp", "10.8.0.1:9552", &tls.Config{InsecureSkipVerify: true})

That line gives me a handshake error. The exact error message is: remote error: handshake failure. If I try the same host/port via curl, it gives curl: (35) error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure as well.

Any ideas? Is the Google TV expecting a client cert maybe? I haven't seen any references to the need for a client cert anywhere.

If anyone wants to help figure it out, here's the code:
https://github.com/dustywilson/go-polo

The README file has the easy code to check it out. You will have to know the IP address for your Google TV box since this doesn't use mDNS. If you (someone, anyone) run this and you get different results, let me know.

I've already gone through the Google TV Remote code at google-tv-remote. A more useful one is google-tv-pairing-protocol which is the equivalent Java/Android project to what I'm doing. Of course I've already poured over that code. I think it's a problem either with Go itself (unlikely), a problem with the Go TLS package not knowing how to read the Google TV's certificate (I know it was a problem a year ago), or a problem with my code (typically would be most likely, but I'm just not seeing it).

By the way, I'm testing this on a Logitech Revue and it has a self-signed SSL certificate. It's not rooted or modified in any way.

My resulting code will be open source, of course. Thanks for the assistance.

答案1

得分: 2

客户端证书是由Java远程客户端在运行时生成并存储以供将来使用。请查看以下代码:

http://code.google.com/p/google-tv-remote/source/browse/src/com/google/android/apps/tvremote/KeyStoreManager.java

您可能遇到了无效的证书。根据代码,您需要一个特定的CN。

/* 返回应在新证书中使用的名称。

  • 格式为:“CN=anymote/PRODUCT/DEVICE/MODEL/unique identifier” */
英文:

Client certs are generated by the Java remote client at runtime, and stored for future use. Check out the code at:

http://code.google.com/p/google-tv-remote/source/browse/src/com/google/android/apps/tvremote/KeyStoreManager.java

You might be running into an invalid cert. According to the code, you need a specific CN.

/* Returns the name that should be used in a new certificate.

  • The format is: "CN=anymote/PRODUCT/DEVICE/MODEL/unique identifier"
    */

huangapple
  • 本文由 发表于 2011年12月5日 13:56:27
  • 转载请务必保留本文链接:https://go.coder-hub.com/8381522.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定