`

TLS java简单实现

    博客分类:
  • jdk
阅读更多

 

1. SSLServer.java

package ssl;

import java.io.FileInputStream;
import java.io.InputStream;
import java.net.ServerSocket;
import java.net.Socket;
import java.security.KeyStore;
import java.util.logging.Logger;

import javax.net.ServerSocketFactory;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLServerSocket;

public class SSLServer {
	private String SERVER_KEY_STORE = "/D:/Projects/J2EE/JDK/src/ssl/keystore/server_ks";  
    private String SERVER_KEY_STORE_PASSWORD = "123123";  
    
    private Logger logger = Logger.getLogger(this.getClass().getName());
	
	private SSLServerSocket createSSLServerSocket() throws Exception{
		// whether enable the debug mode
	    System.setProperty("javax.net.debug", "ssl,handshake");  
		System.setProperty("javax.net.ssl.trustStore", SERVER_KEY_STORE);  
        SSLContext context = SSLContext.getInstance("TLS");  
          
        KeyStore ks = KeyStore.getInstance("jceks");  
        ks.load(new FileInputStream(SERVER_KEY_STORE), null);  
        KeyManagerFactory kf = KeyManagerFactory.getInstance("SunX509");  
        kf.init(ks, SERVER_KEY_STORE_PASSWORD.toCharArray());
        context.init(kf.getKeyManagers(), null, null);  
        
        ServerSocketFactory factory = context.getServerSocketFactory();  
        ServerSocket serverSocket = factory.createServerSocket(8443);  
        SSLServerSocket sslServerSocket =  (SSLServerSocket) serverSocket;
        // set whether need the client authentication
//        sslServerSocket.setNeedClientAuth(true); 
        return sslServerSocket;
	}
	
	private void start() throws Exception{
		SSLServerSocket sslServerSocket= createSSLServerSocket();
		
		while(true){
			try{
				Socket socket = sslServerSocket.accept();
				InputStream is = socket.getInputStream();
				byte[] bytes = new byte[Short.MAX_VALUE];
				int len = -1;
				
				while((len = is.read(bytes))>0){
					logger.info(new String(bytes,0,len));
					if(len<bytes.length){
						break;
					}
				}
				socket.getOutputStream().write("server balabala ... ".getBytes());
				socket.close();
			}catch(Exception e){
				e.printStackTrace();
			}
		}
	}
    
	public static void main(String[] args)throws Exception {
		new SSLServer().start();
	}
}

 

2. SSLClient.java

package ssl;

import java.io.BufferedReader;
import java.io.FileInputStream;
import java.io.InputStreamReader;
import java.io.PrintWriter;
import java.net.Socket;
import java.security.KeyStore;
import java.util.logging.Logger;

import javax.net.SocketFactory;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;

public class SSLClient {
	private static String CLIENT_KEY_STORE = "/D:/Projects/J2EE/JDK/src/ssl/keystore/client_ks";  
	private static String CLIENT_KEY_STORE_PASSWORD = "456456";  
	
	private Logger logger = Logger.getLogger(this.getClass().getName());
	
	private Socket createNonAuthenticationSocket()throws Exception{
		System.setProperty("javax.net.ssl.trustStore", CLIENT_KEY_STORE);  
        SocketFactory sf = SSLSocketFactory.getDefault();  
        Socket s = sf.createSocket("localhost", 8443);  
        return s;  
	}
	
	private Socket createAuthenticationSocket() throws Exception{
		System.setProperty("javax.net.ssl.trustStore", CLIENT_KEY_STORE);  
        SSLContext context = SSLContext.getInstance("TLS");  
        KeyStore ks = KeyStore.getInstance("jceks");  
        ks.load(new FileInputStream(CLIENT_KEY_STORE), null);  
        KeyManagerFactory kf = KeyManagerFactory.getInstance("SunX509");  
        kf.init(ks, CLIENT_KEY_STORE_PASSWORD.toCharArray());  
        context.init(kf.getKeyManagers(), null, null);  
          
        SocketFactory factory = context.getSocketFactory();  
        Socket s = factory.createSocket("localhost", 8443);  
        return s;  
	}
	
	private void connect()throws Exception{
	   Socket s = createNonAuthenticationSocket();  
//     Socket s = createAuthenticationSocket();  
 
       PrintWriter writer = new PrintWriter(s.getOutputStream());  
       BufferedReader reader = new BufferedReader(new InputStreamReader(s.getInputStream()));  
       writer.println("hello");  
       writer.flush();  
       logger.info(reader.readLine());  
       s.close();  
	}
	
	
    public static void main(String[] args) throws Exception {  
    	new SSLClient().connect();
    }  
}

 

PS : 解压 client_server_keystore.rar, 然后分别拷贝到指定的如下位置.

SERVER_KEY_STORE = "/D:/Projects/J2EE/JDK/src/ssl/keystore/server_ks",

CLIENT_KEY_STORE = "/D:/Projects/J2EE/JDK/src/ssl/keystore/client_ks".

然后分别运行SSLServer,SSLClient。

 

更过可参考如下:

Https(SSL/TLS)原理详解

SSL介绍与Java实例


 

分享到:
评论

相关推荐

Global site tag (gtag.js) - Google Analytics