论坛首页 编程语言技术论坛

Java SSL

浏览 2216 次
锁定老帖子 主题:Java SSL
精华帖 (0) :: 良好帖 (0) :: 新手帖 (0) :: 隐藏帖 (0)
作者 正文
  • tojaoomy
  • 等级: 二星会员
  • 性别:
  • 文章: 46
  • 积分: 280
  • 来自: 上海
   发表时间:2012-05-14  

 一直调查SSL的问题,毫无进展,头疼,先把手头搞定的资料整理下:

 

网上的资料很多,偷懒一下把。

 

服务器端代码:

package com.ricoh.rits.bct.ssl;

import java.io.BufferedReader;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.PrintWriter;
import java.io.UnsupportedEncodingException;
import java.net.Socket;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;

import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLServerSocketFactory;
import javax.net.ssl.SSLSocket;

import com.sun.net.ssl.KeyManagerFactory;
import com.sun.net.ssl.SSLContext;

public class SSLServer {
	public static final int PORT = 8888;
	public static SSLServerSocket server;
	
	public SSLServer() {}
	
	@SuppressWarnings("deprecation")
	public static SSLServerSocket getServerSocket(int port){
		SSLServerSocket s = null;
		try {
			String key = "E:\\others\\ssl\\SSLKey";
			char keyStorePass[] = "rst200233".toCharArray();
			char keyPassword[] = "rst200233".toCharArray();
			
			KeyStore ks = KeyStore.getInstance("JKS");
			ks.load(new FileInputStream(key),keyStorePass);
			
			//create Manager Secret Key Library of JKS
			KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
			kmf.init(ks, keyPassword);
			
			SSLContext sslContext = SSLContext.getInstance("SSLv3");
			
			//init SSL context,second agrument tell JSSE the CA where from
			//set null means get CA from the javax.net.ssl.trustStore
			//third argument is the JSSE ramdonly generated,while this agrument will affect the security of the system
			//it is good chioce to set its value null,can ensure the JSSE security.
			sslContext.init(kmf.getKeyManagers(), null, null);
			
			//according to the privious configuration on SSLContext to create SSLServerSocketFactory,different with common method
			SSLServerSocketFactory factory = sslContext.getServerSocketFactory();
			s = (SSLServerSocket) factory.createServerSocket(port);
			
			
		} catch (KeyStoreException e) {
			e.printStackTrace();
		} catch (NoSuchAlgorithmException e) {
			e.printStackTrace();
		} catch (CertificateException e) {
			e.printStackTrace();
		} catch (FileNotFoundException e) {
			e.printStackTrace();
		} catch (IOException e) {
			e.printStackTrace();
		} catch (UnrecoverableKeyException e) {
			e.printStackTrace();
		} catch (KeyManagementException e) {
			e.printStackTrace();
		}
		
		return (s);
	}
	
	public static void main(String[] args) {
		try {
			server = getServerSocket(PORT);
			System.out.println("Waiting for connection... on port " + PORT);
			while(true){
				SSLSocket socket = (SSLSocket) server.accept();
				new CreateThread(socket);
			}
		} catch (IOException e) {
			// TODO Auto-generated catch block
			e.printStackTrace();
		}
	}
}

class CreateThread extends Thread{
	static BufferedReader in;
	static PrintWriter out;
	static Socket s;
	
	public CreateThread(Socket socket) {
		try {
			s = socket;
			in = new BufferedReader(new InputStreamReader(s.getInputStream(),"UTF-8"));
			
			out = new PrintWriter(s.getOutputStream(),true);
			
			start();
		} catch (UnsupportedEncodingException e) {
			e.printStackTrace();
		} catch (IOException e) {
			e.printStackTrace();
		}
	}
	
	@Override
	public void run() {
		String msg;
		StringBuilder builder = new StringBuilder();
		try {
			msg = in.readLine();
			builder.append(msg);
			
			System.out.println(builder.toString());
			out.println(builder.toString());
			s.close();
		} catch (IOException e) {
			e.printStackTrace();
		}
	}
	
}

 

其实只要在浏览器Type :https://localhost:8888也可以访问,输出的内容如下:

 

GET / HTTP/1.1

但是,把服务器的线程内容稍作修改的话,

 

   msg = in.readLine();
   builder.append(msg);
   
   while(msg != null){
    msg = in.readLine();
    builder.append(msg);
   }

 

  

会出现一个问题:

 

不知为何,一致阻塞在哪里,百思不得其解。

 

或者在IDE如下

客户端代码:

package com.ricoh.rits.bct.ssl;

import java.io.IOException;
import java.io.PrintWriter;
import java.net.Socket;
import java.net.UnknownHostException;

import javax.net.ssl.SSLSocketFactory;

public class SSLClient {
	
	static int port = 8888;
	public static void main(String[] args) {
		System.out.println(System.getProperty("java.home"));
		SSLSocketFactory factory = (SSLSocketFactory) SSLSocketFactory.getDefault();
		try {
			Socket s = factory.createSocket("localhost", port);
			PrintWriter out = new PrintWriter(s.getOutputStream(),true);
			out.println("你好,我叫何剑!!!");
			out.close();
			s.close();
		} catch (UnknownHostException e) {
			// TODO Auto-generated catch block
			e.printStackTrace();
		} catch (IOException e) {
			// TODO Auto-generated catch block
			e.printStackTrace();
		}
	}
}

 

参考资料:

 http://fishhappy365.iteye.com/blog/963876

 http://java.chinaitlab.com/JavaSecurity/792540.html

 http://www.51testing.com/?uid-202848-action-viewspace-itemid-134594

 

      下面的命令来检测是否已经正确完成了授权。
  keytool -list -v -keystore SSLKey(生成的证书名称)
返回顶楼
         
论坛首页 编程语言技术版

跳转论坛:
Global site tag (gtag.js) - Google Analytics