資訊專欄INFORMATION COLUMN
摘要:上文講了如何使用生成的簽名證書進(jìn)行加密通信,結(jié)果客戶端告訴我他們用的版本沒有類,并且由于一些交易的原因還不能更新沒有你總有吧,來吧。
上文講了netty如何使用openssl生成的簽名證書進(jìn)行加密通信,結(jié)果客戶端告訴我他們用的netty版本沒有SslContextBuilder類,并且由于一些PY交易的原因還不能更新netty....
SslContextBuilder沒有java你總有吧,來吧。
一、老規(guī)矩,創(chuàng)建key 1.創(chuàng)建客戶端和服務(wù)端的keystore文件隨便找個(gè)文件夾就行,打開命令行輸入
keytool -genkey -alias sslserver -keystore sslserverkeys keytool -genkey -alias sslclient -keystore sslclientkeys2.將keystore導(dǎo)出證書格式
keytool -export -alias sslserver -keystore sslserverkeys -file sslserver.cer keytool -export -alias sslclient -keystore sslclientkeys -file sslclient.cer3.將客戶端證書導(dǎo)入到服務(wù)器端信任的 keystore 里,將服務(wù)器端證書導(dǎo)入到客戶端信任的 keystore 里。
keytool -import -alias sslclient -keystore sslservertrust -file sslclient.cer keytool -import -alias sslserver -keystore sslclienttrust -file sslserver.cer
最后得到有用的文件分別為
服務(wù)端:sslserverkeys、sslservertrust
客戶端:sslclientkeys、sslclienttrust
public class SecureChatSslContextFactory {
private static final String PROTOCOL = "SSL";
private static final SSLContext SERVER_CONTEXT;
private static String SERVER_KEY_STORE = ".sslsslserverkeys";
private static String SERVER_TRUST_KEY_STORE = ".sslsslservertrust";
private static String SERVER_KEY_STORE_PASSWORD = "123123123";
private static String SERVER_TRUST_KEY_STORE_PASSWORD = "123123123";
static {
String algorithm = SystemPropertyUtil.get("ssl.KeyManagerFactory.algorithm");
if (algorithm == null) {
algorithm = "SunX509";
}
SSLContext serverContext;
try {
KeyStore ks = KeyStore.getInstance("JKS");
ks.load(new FileInputStream(SERVER_KEY_STORE), SERVER_KEY_STORE_PASSWORD.toCharArray());
KeyStore tks = KeyStore.getInstance("JKS");
tks.load(new FileInputStream(SERVER_TRUST_KEY_STORE), SERVER_TRUST_KEY_STORE_PASSWORD.toCharArray());
KeyManagerFactory kmf = KeyManagerFactory.getInstance(algorithm);
TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
kmf.init(ks, SERVER_KEY_STORE_PASSWORD.toCharArray());
tmf.init(tks);
serverContext = SSLContext.getInstance(PROTOCOL);
serverContext.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
} catch (Exception e) {
throw new Error(e);
}
SERVER_CONTEXT = serverContext;
}
public static SSLContext getServerContext() {
return SERVER_CONTEXT;
}
}
Main.java
public class Main {
private static final int m_port = 23333;
public void run() throws InterruptedException {
EventLoopGroup bossGroup = new NioEventLoopGroup(1);
EventLoopGroup workerGroup = new NioEventLoopGroup();
try {
ServerBootstrap b = new ServerBootstrap();
b.group(bossGroup, workerGroup)
.channel(NioServerSocketChannel.class)
.childHandler(new Initializer());
System.out.println("啟動(dòng)了,端口:" + m_port);
ChannelFuture f = b.bind(m_port).sync();
f.channel().closeFuture().sync();
} finally {
bossGroup.shutdownGracefully();
workerGroup.shutdownGracefully();
System.out.println("關(guān)閉了");
}
}
public static void main(String[] args) throws Exception {
new Main().run();
}
}
Initializer.java
public class Initializer extends ChannelInitializerHandler.java{ @Override public void initChannel(SocketChannel ch) throws Exception { ChannelPipeline pipeline = ch.pipeline(); SSLEngine engine = SecureChatSslContextFactory.getServerContext().createSSLEngine(); engine.setUseClientMode(false); engine.setNeedClientAuth(true); pipeline.addLast("ssl", new SslHandler(engine)); pipeline.addLast(new DelimiterBasedFrameDecoder(8192, Delimiters.lineDelimiter())); pipeline.addLast(new StringDecoder()); pipeline.addLast(new StringEncoder()); pipeline.addLast(new Handler()); } }
public class Handler extends SimpleChannelInboundHandler三、客戶端代碼(git) SecureChatSslContextFactory.java{ @Override public void handlerAdded(ChannelHandlerContext ctx) throws Exception { Channel incoming = ctx.channel(); ctx.writeAndFlush("[SERVER] - " + incoming.remoteAddress() + " 加入 "); } @Override protected void channelRead0(ChannelHandlerContext ctx, String s) throws Exception { Channel incoming = ctx.channel(); System.out.println("收到" + incoming.id() + "消息:" + s); } @Override public void channelActive(ChannelHandlerContext ctx) throws Exception { Channel incoming = ctx.channel(); System.out.println("SimpleChatClient:" + incoming.remoteAddress() + "在線"); } @Override public void handlerRemoved(ChannelHandlerContext ctx) throws Exception { Channel incoming = ctx.channel(); ctx.writeAndFlush("[SERVER] - " + incoming.remoteAddress() + " 離開 "); } @Override public void channelInactive(ChannelHandlerContext ctx) throws Exception { Channel incoming = ctx.channel(); System.out.println(incoming.remoteAddress() + "掉線"); } @Override public void exceptionCaught(ChannelHandlerContext ctx, Throwable cause) throws Exception { Channel incoming = ctx.channel(); System.out.println(incoming.remoteAddress() + "異常"); // 當(dāng)出現(xiàn)異常就關(guān)閉連接 cause.printStackTrace(); ctx.close(); } }
public class SecureChatSslContextFactory {
private static final String PROTOCOL = "SSL";
private static final SSLContext CLIENT_CONTEXT;
private static String CLIENT_KEY_STORE = ".sslsslclientkeys";
private static String CLIENT_TRUST_KEY_STORE = ".sslsslclienttrust";
private static String CLIENT_KEY_STORE_PASSWORD = "321321321";
private static String CLIENT_TRUST_KEY_STORE_PASSWORD = "321321321";
static {
String algorithm = SystemPropertyUtil.get("ssl.KeyManagerFactory.algorithm");
if (algorithm == null) {
algorithm = "SunX509";
}
SSLContext clientContext;
try {
KeyStore ks2 = KeyStore.getInstance("JKS");
ks2.load(new FileInputStream(CLIENT_KEY_STORE), CLIENT_KEY_STORE_PASSWORD.toCharArray());
KeyStore tks2 = KeyStore.getInstance("JKS");
tks2.load(new FileInputStream(CLIENT_TRUST_KEY_STORE), CLIENT_TRUST_KEY_STORE_PASSWORD.toCharArray());
KeyManagerFactory kmf2 = KeyManagerFactory.getInstance(algorithm);
TrustManagerFactory tmf2 = TrustManagerFactory.getInstance("SunX509");
kmf2.init(ks2, CLIENT_KEY_STORE_PASSWORD.toCharArray());
tmf2.init(tks2);
clientContext = SSLContext.getInstance(PROTOCOL);
clientContext.init(kmf2.getKeyManagers(), tmf2.getTrustManagers(), null);
} catch (Exception e) {
throw new Error(e);
}
CLIENT_CONTEXT = clientContext;
}
public static SSLContext getClientContext() {
return CLIENT_CONTEXT;
}
Main.java
public class Main {
private static String m_host = "127.0.0.1";
private static int m_prot = 23333;
public static void main(String[] args) throws Exception {
new Main().run();
}
public void run() throws Exception {
EventLoopGroup group = new NioEventLoopGroup();
try {
Bootstrap bt = new Bootstrap().group(group).channel(NioSocketChannel.class).handler(new Initializer());
Channel channel = bt.connect(m_host, m_prot).sync().channel();
BufferedReader in = new BufferedReader(new InputStreamReader(System.in));
while (true) {
channel.writeAndFlush(in.readLine() + "
");
}
} catch (IOException e) {
e.printStackTrace();
} finally {
group.shutdownGracefully();
}
}
}
Initializer.java
public class Initializer extends ChannelInitializerHandler.java{ @Override public void initChannel(SocketChannel ch) throws Exception { ChannelPipeline pipeline = ch.pipeline(); SSLEngine engine = SecureChatSslContextFactory.getClientContext().createSSLEngine(); engine.setUseClientMode(true); pipeline.addLast("ssl", new SslHandler(engine)); pipeline.addLast(new DelimiterBasedFrameDecoder(8192, Delimiters.lineDelimiter())); pipeline.addLast(new StringDecoder()); pipeline.addLast(new StringEncoder()); pipeline.addLast(new Handler()); } }
public class Handler extends SimpleChannelInboundHandler{ protected void channelRead0(ChannelHandlerContext channelHandlerContext, String s) throws Exception { System.out.println("收到:" + s); } }
文章版權(quán)歸作者所有,未經(jīng)允許請(qǐng)勿轉(zhuǎn)載,若此文章存在違規(guī)行為,您可以聯(lián)系管理員刪除。
轉(zhuǎn)載請(qǐng)注明本文地址:http://m.specialneedsforspecialkids.com/yun/67276.html
摘要:定義擴(kuò)展并提供使用或協(xié)議的安全套接字。它也是基于正常的流套接字,但是在網(wǎng)絡(luò)傳輸協(xié)議如上添加了安全保護(hù)層。 SSLSocket定義 SSLSocket擴(kuò)展Socket并提供使用SSL或TLS協(xié)議的安全套接字。它也是基于正常的流套接字,但是在網(wǎng)絡(luò)傳輸協(xié)議(如TCP)上添加了安全保護(hù)層。 SSLSocket相關(guān)類 類 功能描述 SSLContext 該類的實(shí)例表示安全套接字協(xié)議的實(shí)...
摘要:前言升級(jí)了后臺(tái)推送接口,使用協(xié)議,提高了的最大大小,本文介紹新版實(shí)現(xiàn)方法基于框架框架不要使用的類直接發(fā)送請(qǐng)求,因?yàn)榈讓与m然使用了,可以設(shè)置和,但是超過,鏈接還是會(huì)斷開,而官方建議保持長鏈接所以最好自建長鏈接,使用底層的類來直接發(fā)送請(qǐng)求,并通 前言 Apple 升級(jí)了后臺(tái)推送接口,使用 http2 協(xié)議,提高了 payload 的最大大小(4k),本文介紹新版 APNS 實(shí)現(xiàn)方法 基于 ...
時(shí)間:2018年04月11日星期三 說明:本文部分內(nèi)容均來自慕課網(wǎng)。@慕課網(wǎng):https://www.imooc.com 教學(xué)源碼:https://github.com/zccodere/s... 學(xué)習(xí)源碼:https://github.com/zccodere/s... 第一章:課程介紹 1-1 課程介紹 什么是Netty 高性能、事件驅(qū)動(dòng)、異步非阻塞的IO Java開源框架 基于NIO的客戶...
摘要:而我們項(xiàng)目在實(shí)測時(shí)也是將項(xiàng)目發(fā)布到測試服務(wù)器,通過模擬工具進(jìn)行測試連接,當(dāng)數(shù)據(jù)格式正常,且業(yè)務(wù)數(shù)據(jù)正常,服務(wù)器就會(huì)對(duì)指令執(zhí)行對(duì)應(yīng)的操作。 閱讀本文約5.5分鐘 最近又有粉絲加Q群討論netty整合SSM項(xiàng)目的方式等,我在這里抽了休息日的時(shí)候整理一下,一步一步的記錄,注意的是,本案例僅實(shí)現(xiàn)了用netty整合SSM后與單片機(jī)等類TCP應(yīng)用通信。 SSM + Netty項(xiàng)目結(jié)合思路 對(duì)于N...
閱讀 1646·2023-04-25 20:36
閱讀 2064·2021-09-02 15:11
閱讀 1206·2021-08-27 13:13
閱讀 2659·2019-08-30 15:52
閱讀 4688·2019-08-29 17:13
閱讀 1008·2019-08-29 11:09
閱讀 1498·2019-08-26 11:51
閱讀 843·2019-08-26 10:56
