成人国产在线小视频_日韩寡妇人妻调教在线播放_色成人www永久在线观看_2018国产精品久久_亚洲欧美高清在线30p_亚洲少妇综合一区_黄色在线播放国产_亚洲另类技巧小说校园_国产主播xx日韩_a级毛片在线免费

資訊專欄INFORMATION COLUMN

SSLSocket

ConardLi / 2170人閱讀

摘要:定義擴(kuò)展并提供使用或協(xié)議的安全套接字。它也是基于正常的流套接字,但是在網(wǎng)絡(luò)傳輸協(xié)議如上添加了安全保護(hù)層。

SSLSocket定義

SSLSocket擴(kuò)展Socket并提供使用SSL或TLS協(xié)議的安全套接字。它也是基于正常的流套接字,但是在網(wǎng)絡(luò)傳輸協(xié)議(如TCP)上添加了安全保護(hù)層。

SSLSocket相關(guān)類
功能描述
SSLContext 該類的實(shí)例表示安全套接字協(xié)議的實(shí)現(xiàn),是SSLSocketFactory、SSLServerSocketFactory和SSLEngine的工廠
SSLSocket 擴(kuò)展自Socket
SSLServerSocket 擴(kuò)展自ServerSocket
SSLSocketFactory 抽象類,擴(kuò)展自SocketFactory,是SSLSocket的工廠
SSLServerSocketFactory 抽象類,擴(kuò)展自ServerSocketFactory,是SSLServerSocket的工廠
KeysStore 密鑰和證書的存儲(chǔ)設(shè)施
KeyManager 接口,Java Secure Socket Extension密鑰管理器
TrustManger 接口,信任管理器
X509TrustedManager TrustManger的子接口,管理X509證書,驗(yàn)證遠(yuǎn)程安全套接字
SSLServerSocket實(shí)現(xiàn)

SSLServerSocket需要證書進(jìn)行安全全驗(yàn)證

使用keytool工具生成一個(gè)名稱為seckey證書
$ keytool -genkey -keystore seckey -keyalg rsa -alias SSL
服務(wù)端編碼
package cn.sh.sslsocket.server;

import javax.net.ssl.*;
import java.io.*;
import java.net.Socket;
import java.security.*;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;

/**
 * @author sh
 */
public class SSLSocketServer {

    public static void main(String[] args) throws KeyStoreException, IOException, CertificateException, NoSuchAlgorithmException, UnrecoverableKeyException, KeyManagementException {
        //準(zhǔn)備KeyStore相關(guān)信息
        String keyName = "SSL";
        String keyStoreName = "/Users/sh/workspace/netty-demo/src/cn/sh/sslsocket/seckey";
        char[] keyStorePwd = "123456".toCharArray();
        char[] keyPwd = "1234567890".toCharArray();
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());

        //裝載生成的seckey
        try(InputStream in = new FileInputStream(new File(keyStoreName))) {
            keyStore.load(in, keyStorePwd);
        }

        //初始化KeyManagerFactory
        KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(keyStore, keyPwd);

        //初始化SSLContext
        SSLContext context = SSLContext.getInstance(keyName);
        context.init(kmf.getKeyManagers(), new TrustManager[]{getX509TrustManger()}, new SecureRandom());

        //監(jiān)聽和接受客戶端連接
        SSLServerSocketFactory factory = context.getServerSocketFactory();
        SSLServerSocket serverSocket = (SSLServerSocket) factory.createServerSocket(10002);
        System.out.println("服務(wù)器端已啟動(dòng)!!!");
        //等待客戶端連接
        Socket client = serverSocket.accept();
        System.out.println("客戶端地址:" + client.getRemoteSocketAddress());
        //準(zhǔn)備輸出流,用于向客戶端發(fā)送信息
        OutputStream output = client.getOutputStream();
        //獲取輸入流,用于讀取客戶端發(fā)送的信息
        InputStream in = client.getInputStream();
        byte[] buf = new byte[1024];
        int len;
        if ((len = in.read(buf)) != -1) {
            output.write(buf, 0, len);
        }
        //沖刷數(shù)據(jù)
        output.flush();
        //關(guān)閉輸入輸出流
        output.close();
        in.close();
        serverSocket.close();
    }


    public static X509TrustManager getX509TrustManger() {
        return new X509TrustManager() {
            @Override
            public void checkClientTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException {

            }

            @Override
            public void checkServerTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException {

            }

            @Override
            public X509Certificate[] getAcceptedIssuers() {
                return new X509Certificate[0];
            }
        };
    }

}
客戶端實(shí)現(xiàn) 普通Socket連接服務(wù)器 實(shí)現(xiàn)
package cn.sh.sslsocket.client;

import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.net.Socket;

/**
 * @author sh
 */
public class SocketClient {

    public static void main(String[] args) throws IOException {
        Socket socket = new Socket("localhost", 10002);
        OutputStream output = socket.getOutputStream();
        InputStream input = socket.getInputStream();
        output.write("I am SocketClient".getBytes());
        output.flush();
        byte[] buf = new byte[1024];
        int len;
        StringBuilder builder = new StringBuilder();
        while ((len = input.read(buf)) != -1) {
            builder.append(new String(buf, 0, len));
        }
        System.out.println("client received:" + builder.toString());
    }
}
運(yùn)行結(jié)果

服務(wù)器結(jié)果如下圖

服務(wù)端會(huì)拋出異常javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?

客戶端結(jié)果如下圖

客戶端接收到亂碼

使用SSLSocket,不使用證書 編碼實(shí)現(xiàn)
package cn.sh.sslsocket.client;

import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;

/**
 * @author sh
 */
public class NoUseKeySSLSocketClient {

    public static void main(String[] args) throws IOException {
        SSLSocketFactory factory = (SSLSocketFactory) SSLSocketFactory.getDefault();
        SSLSocket sslSocket = (SSLSocket) factory.createSocket("localhost", 10002);
        OutputStream output = sslSocket.getOutputStream();
        InputStream input = sslSocket.getInputStream();
        output.write("I am NoUseKeySSLSocketClient".getBytes());
        output.flush();
        byte[] buf = new byte[1024];
        int len;
        StringBuilder builder = new StringBuilder();
        while ((len = input.read(buf)) != -1) {
            builder.append(new String(buf, 0, len));
        }
        System.out.println("client received:" + builder.toString());
    }
}
運(yùn)行結(jié)果

服務(wù)器結(jié)果如下圖

服務(wù)端會(huì)拋出異常javax.net.ssl.SSLHandshakeException: Received fatal alert: certificate_unknown

客戶端結(jié)果如下圖

客戶端會(huì)拋出異常sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

使用SSLSocket,并且使用證書 編碼實(shí)現(xiàn)
package cn.sh.sslsocket.client;

import cn.sh.sslsocket.server.SSLSocketServer;

import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.net.Socket;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;

/**
 * @author sh
 */
public class SSLSocketClient {

    public static void main(String[] args) throws NoSuchAlgorithmException, KeyManagementException, IOException {
        SSLContext context = SSLContext.getInstance("SSL");
        context.init(null, new TrustManager[]{SSLSocketServer.getX509TrustManger()}, new SecureRandom());
        SSLSocketFactory factory = context.getSocketFactory();

        SSLSocket sslSocket = (SSLSocket) factory.createSocket("localhost", 10002);
        OutputStream output = sslSocket.getOutputStream();
        InputStream input = sslSocket.getInputStream();
        output.write("I am SSLSocketClient".getBytes());
        output.flush();
        byte[] buf = new byte[1024];
        int len;
        StringBuilder builder = new StringBuilder();
        while ((len = input.read(buf)) != -1) {
            builder.append(new String(buf, 0, len));
        }
        output.close();
        System.out.println("client received:" + builder.toString());
    }
}
運(yùn)行結(jié)果

服務(wù)器結(jié)果如下圖

客戶端結(jié)果如下圖

代碼地址

代碼地址

本文章的代碼在cn.sh.sslsocket包中!

文章版權(quán)歸作者所有,未經(jīng)允許請勿轉(zhuǎn)載,若此文章存在違規(guī)行為,您可以聯(lián)系管理員刪除。

轉(zhuǎn)載請注明本文地址:http://systransis.cn/yun/71435.html

相關(guān)文章

  • Apple APNS http2 Provider 開發(fā) 使用 okHttp

    摘要:前言升級(jí)了后臺(tái)推送接口,使用協(xié)議,提高了的最大大小,本文介紹新版實(shí)現(xiàn)方法基于框架框架不要使用的類直接發(fā)送請求,因?yàn)榈讓与m然使用了,可以設(shè)置和,但是超過,鏈接還是會(huì)斷開,而官方建議保持長鏈接所以最好自建長鏈接,使用底層的類來直接發(fā)送請求,并通 前言 Apple 升級(jí)了后臺(tái)推送接口,使用 http2 協(xié)議,提高了 payload 的最大大?。?k),本文介紹新版 APNS 實(shí)現(xiàn)方法 基于 ...

    widuu 評論0 收藏0
  • Netty使用JSSE實(shí)現(xiàn)SSLSocket通信

    摘要:上文講了如何使用生成的簽名證書進(jìn)行加密通信,結(jié)果客戶端告訴我他們用的版本沒有類,并且由于一些交易的原因還不能更新沒有你總有吧,來吧。 上文講了netty如何使用openssl生成的簽名證書進(jìn)行加密通信,結(jié)果客戶端告訴我他們用的netty版本沒有SslContextBuilder類,并且由于一些PY交易的原因還不能更新netty....showImg(https://segmentfau...

    DTeam 評論0 收藏0
  • java必知必會(huì)之SecureSocket

    SSL,Secure Sockets Layer,安全Socket層TLS,Transport Layer Security,傳輸層安全協(xié)議 package network.secure; import java.io.*; import javax.net.ssl.*; public class HTTPSClient { public static void main(Strin...

    kidsamong 評論0 收藏0
  • 解決https安全證書缺少的問題

    摘要:解決的問題問題描述這兩天上測試服務(wù)器的時(shí)候突然報(bào)這樣的異常問題的根本訪問的時(shí)候缺少安全證書,導(dǎo)致的錯(cuò)誤解決措施將安全證書下載到本地。輸入等待程序執(zhí)行完成,當(dāng)前目錄下會(huì)生成一個(gè)的安全文件將證書拷貝到目錄下重新啟動(dòng)完成 解決PKIX:unable to find valid certification path to target 的問題 問題描述 這兩天上測試服務(wù)器的時(shí)候突然報(bào)這樣的異常...

    TerryCai 評論0 收藏0

發(fā)表評論

0條評論

最新活動(dòng)
閱讀需要支付1元查看
<