TLS java简单实现
石可破,丹可磨
TLS java简单实现
Java / 管理员 发布于 2020-03-08 13:33:15 43
1. SSLServer.java
package ssl;import java.io.FileInputStream;import java.io.InputStream;import java.net.ServerSocket;import java.net.Socket;import java.security.KeyStore;import java.util.logging.Logger;import javax.net.ServerSocketFactory;import javax.net.ssl.KeyManagerFactory;import javax.net.ssl.SSLContext;import javax.net.ssl.SSLServerSocket;public class SSLServer {private String SERVER_KEY_STORE = "/D:/Projects/J2EE/JDK/src/ssl/keystore/server_ks"; private String SERVER_KEY_STORE_PASSWORD = "123123"; private Logger logger = Logger.getLogger(this.getClass().getName());private SSLServerSocket createSSLServerSocket() throws Exception{// whether enable the debug mode System.setProperty("javax.net.debug", "ssl,handshake"); System.setProperty("javax.net.ssl.trustStore", SERVER_KEY_STORE); SSLContext context = SSLContext.getInstance("TLS"); KeyStore ks = KeyStore.getInstance("jceks"); ks.load(new FileInputStream(SERVER_KEY_STORE), null); KeyManagerFactory kf = KeyManagerFactory.getInstance("SunX509"); kf.init(ks, SERVER_KEY_STORE_PASSWORD.toCharArray()); context.init(kf.getKeyManagers(), null, null); ServerSocketFactory factory = context.getServerSocketFactory(); ServerSocket serverSocket = factory.createServerSocket(8443); SSLServerSocket sslServerSocket = (SSLServerSocket) serverSocket; // set whether need the client authentication// sslServerSocket.setNeedClientAuth(true); return sslServerSocket;}private void start() throws Exception{SSLServerSocket sslServerSocket= createSSLServerSocket();while(true){try{Socket socket = sslServerSocket.accept();InputStream is = socket.getInputStream();byte[] bytes = new byte[Short.MAX_VALUE];int len = -1;while((len = is.read(bytes))>0){logger.info(new String(bytes,0,len));if(len<bytes.length){break;}}socket.getOutputStream().write("server balabala ... ".getBytes());socket.close();}catch(Exception e){e.printStackTrace();}}} public static void main(String[] args)throws Exception {new SSLServer().start();}}
2. SSLClient.java
package ssl;import java.io.BufferedReader;import java.io.FileInputStream;import java.io.InputStreamReader;import java.io.PrintWriter;import java.net.Socket;import java.security.KeyStore;import java.util.logging.Logger;import javax.net.SocketFactory;import javax.net.ssl.KeyManagerFactory;import javax.net.ssl.SSLContext;import javax.net.ssl.SSLSocketFactory;public class SSLClient {private static String CLIENT_KEY_STORE = "/D:/Projects/J2EE/JDK/src/ssl/keystore/client_ks"; private static String CLIENT_KEY_STORE_PASSWORD = "456456"; private Logger logger = Logger.getLogger(this.getClass().getName());private Socket createNonAuthenticationSocket()throws Exception{System.setProperty("javax.net.ssl.trustStore", CLIENT_KEY_STORE); SocketFactory sf = SSLSocketFactory.getDefault(); Socket s = sf.createSocket("localhost", 8443); return s; }private Socket createAuthenticationSocket() throws Exception{System.setProperty("javax.net.ssl.trustStore", CLIENT_KEY_STORE); SSLContext context = SSLContext.getInstance("TLS"); KeyStore ks = KeyStore.getInstance("jceks"); ks.load(new FileInputStream(CLIENT_KEY_STORE), null); KeyManagerFactory kf = KeyManagerFactory.getInstance("SunX509"); kf.init(ks, CLIENT_KEY_STORE_PASSWORD.toCharArray()); context.init(kf.getKeyManagers(), null, null); SocketFactory factory = context.getSocketFactory(); Socket s = factory.createSocket("localhost", 8443); return s; }private void connect()throws Exception{ Socket s = createNonAuthenticationSocket(); // Socket s = createAuthenticationSocket(); PrintWriter writer = new PrintWriter(s.getOutputStream()); BufferedReader reader = new BufferedReader(new InputStreamReader(s.getInputStream())); writer.println("hello"); writer.flush(); logger.info(reader.readLine()); s.close(); } public static void main(String[] args) throws Exception { new SSLClient().connect(); } }
PS : 解压 client_server_keystore.rar, 然后分别拷贝到指定的如下位置.
SERVER_KEY_STORE = "/D:/Projects/J2EE/JDK/src/ssl/keystore/server_ks",
CLIENT_KEY_STORE = "/D:/Projects/J2EE/JDK/src/ssl/keystore/client_ks".
然后分别运行SSLServer,SSLClient。
更过可参考如下:
- 相关文章
- 在windows中cmd上用java练习把一个整数逆序输出(0个评论)
- 在windows中cmd上用java从键盘上输入一个十进制数,输出它的二进制数(0个评论)
- 在windows中cmd上用java练习限制用户登陆的次数(0个评论)
- 在windows中cmd上用java多分支练习石头剪刀布(0个评论)
- 在windows中cmd上用java练习简易计算器(0个评论)
- 近期文章
- Hyperf2.1框架中使用hyperf-ext/mail组件包发送邮件流程步骤(0个评论)
- 推荐一波站长辅助测试工具,帮助站长测试拨测及诊断分析网站(0个评论)
- GitHub正确的搜索技巧姿势你掌握了吗?(0个评论)
- 常用JavaScript正则表达式合集(0个评论)
- 为什么网站建设者,必须学会使用数字证书,也必须为网站部署SSL证书(0个评论)
- 对SSL证书2021年12月1日后,通配符证书不支持文件验证的解决方案(0个评论)
- Angularjs中$http异步删除数据及实例详解(0个评论)
- Vue框架MVVM架构的原理实现详解(0个评论)
- Nginx中自己定义的非官方的状态码你了解吗(0个评论)
- http中400,401,402,403,404等等及400+状态码详解及出现的原因及区别(0个评论)
- 近期评论
嗯嗯嗯 在
HTML5如何调用摄像头?中评论 嗯嗯嗯..博主 在
建议,想法,思路,来水!中评论 看到的老铁 可以留个言本站急需换友链!!!..xsjyBldb 在
freenom域名解析步骤中评论 555..博主 在
nginx中500,501,502,503,504,505状态码的详解及出现的原因/区别中评论 有错误可以指正吧 没必要搞人心态 老铁 信不信我删库跑路..博主 在
国内用什么翻墙使用谷歌?上外网神器Ghelper插件详解中评论 @白马 最近是很不稳定,后面我会找找其它更稳定的方式,发表一篇博文..
- 文章归档
- 2020-03 (164)
Auther ·HouTiZong© 2009-2020 zongscan.com 版权所有ICP证:
粤ICP备20027696号
也可以扫右边的二维码
