package com.anyec.webmq;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileReader;
import java.io.IOException;
import java.io.InputStream;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyManagementException;
import java.security.KeyPair;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.PublicKey;
import java.security.Security;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManagerFactory;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.util.io.pem.PemReader;
public class SSLFellow {
public static SSLSocketFactory createSSLSocketFactory(String caCertFile, String clientCertFile, String privateKeyFile, String password, String tlsVersion, boolean pemFormat) throws CertificateException, IOException, KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException, KeyManagementException, FileNotFoundException, InvalidKeySpecException {
Security.addProvider((Provider)new BouncyCastleProvider());
X509Certificate caCert = pemFormat ? loadX509CertificatePem(caCertFile) : loadX509Certificate(caCertFile);
X509Certificate clientCert = pemFormat ? loadX509CertificatePem(clientCertFile) : loadX509Certificate(clientCertFile);
PrivateKey privateKey = pemFormat ? loadPrivateKeyPem(privateKeyFile, "RSA") : loadPrivateKeyHex(privateKeyFile, "RSA");
KeyStore caKs = KeyStore.getInstance(KeyStore.getDefaultType());
caKs.load(null, null);
caKs.setCertificateEntry("ca-certificate", caCert);
TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
tmf.init(caKs);
KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
ks.load(null, null);
ks.setCertificateEntry("certificate", clientCert);
ks.setKeyEntry("private-key", privateKey, password.toCharArray(), new Certificate[] { clientCert });
KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
kmf.init(ks, password.toCharArray());
SSLContext context = SSLContext.getInstance(tlsVersion);
context.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
return context.getSocketFactory();
}
public static SSLSocketFactory createSSLSocketFactory(String trustedKeystoreFile, String trustedCertificateAlias, String trustedKeystorePassword, String clientKeystoreFile, String clientKeystorePassword, String clientKeyPairAlias, String clientKeyPairPassword, String tlsVersion, boolean pemFormat) throws CertificateException, IOException, KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException, KeyManagementException, FileNotFoundException, InvalidKeySpecException {
Security.addProvider((Provider)new BouncyCastleProvider());
KeyStore caKs = loadKeystore(trustedKeystoreFile, trustedKeystorePassword);
TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
tmf.init(caKs);
KeyStore ks = loadKeystore(clientKeystoreFile, clientKeystorePassword);
KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
kmf.init(ks, clientKeyPairPassword.toCharArray());
SSLContext context = SSLContext.getInstance(tlsVersion);
context.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
return context.getSocketFactory();
}
public static SSLSocketFactory createSSLSocketFactory(String tlsVersion) throws NoSuchAlgorithmException, KeyManagementException {
SSLContext context = SSLContext.getInstance(tlsVersion);
context.init(null, null, null);
return context.getSocketFactory();
}
public static SSLSocketFactory createSSLSocketFactory(String trustedKeystoreFile, String trustedKeystorePassword, String tlsVersion) throws CertificateException, IOException, KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException, KeyManagementException, FileNotFoundException, InvalidKeySpecException {
KeyStore caKs = loadKeystore(trustedKeystoreFile, trustedKeystorePassword);
TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
tmf.init(caKs);
SSLContext context = SSLContext.getInstance(tlsVersion);
context.init(null, tmf.getTrustManagers(), null);
return context.getSocketFactory();
}
public static SSLSocketFactory createSSLSocketFactory(String caCrtFile, String clientCrtFile, String privateKeyFile, String password, String tlsVersion) throws CertificateException, IOException, KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException, KeyManagementException, FileNotFoundException, InvalidKeySpecException {
return createSSLSocketFactory(caCrtFile, clientCrtFile, privateKeyFile, password, tlsVersion, false);
}
public static SSLSocketFactory createSSLSocketFactory(String caCrtFile, String tlsVersion) throws KeyManagementException, NoSuchAlgorithmException, IOException, KeyStoreException, CertificateException {
SSLContext context = SSLContext.getInstance(tlsVersion);
X509Certificate caCertificate = loadX509Certificate(caCrtFile);
KeyStore caKs = KeyStore.getInstance(KeyStore.getDefaultType());
caKs.load(null, null);
caKs.setCertificateEntry("ca-certificate", caCertificate);
TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
tmf.init(caKs);
context.init(null, tmf.getTrustManagers(), null);
return context.getSocketFactory();
}
public static Certificate loadCertificateFromKeystore(String keyStoreFile, String password, String alias) throws KeyStoreException, IOException, FileNotFoundException, NoSuchAlgorithmException, CertificateException {
KeyStore keyStore = loadKeystore(keyStoreFile, password);
Certificate certificate = keyStore.getCertificate(alias);
return certificate;
}
public static KeyPair loadKeyPairFromKeystore(String keyStoreFile, String keyStorePassword, String alias, String aliasPassword) throws KeyStoreException, IOException, FileNotFoundException, NoSuchAlgorithmException, CertificateException, UnrecoverableKeyException {
KeyPair keyPair = null;
KeyStore keyStore = loadKeystore(keyStoreFile, keyStorePassword);
Key key = keyStore.getKey(alias, aliasPassword.toCharArray());
if (key instanceof PrivateKey) {
Certificate cert = keyStore.getCertificate(alias);
PublicKey publicKey = cert.getPublicKey();
keyPair = new KeyPair(publicKey, (PrivateKey)key);
}
return keyPair;
}
public static KeyStore loadKeystore(String keyStoreFile, String password) throws FileNotFoundException, KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException {
KeyStore keyStore;
try (InputStream inStream = new FileInputStream(keyStoreFile)) {
keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
keyStore.load(inStream, password.toCharArray());
}
return keyStore;
}
public static X509Certificate loadX509CertificatePem(String crtFile) throws CertificateException, FileNotFoundException, IOException {
X509Certificate certificate;
CertificateFactory cf = CertificateFactory.getInstance("X.509");
try (InputStream inStream = new FileInputStream(crtFile)) {
certificate = (X509Certificate)cf.generateCertificate(inStream);
}
return certificate;
}
public static KeyPair loadKeyPairPem(String publicKeyPemFile, String privateKeyPemFile, String algorithm) throws FileNotFoundException, IOException, NoSuchAlgorithmException, InvalidKeySpecException {
return new KeyPair(loadPublicKeyPem(publicKeyPemFile, algorithm), loadPrivateKeyPem(privateKeyPemFile, algorithm));
}
public static PrivateKey loadPrivateKeyPem(String keyPemFile, String algorithm) throws FileNotFoundException, IOException, NoSuchAlgorithmException, InvalidKeySpecException {
PKCS8EncodedKeySpec privateKeySpec = new PKCS8EncodedKeySpec(loadPem(keyPemFile));
PrivateKey privateKey = KeyFactory.getInstance(algorithm).generatePrivate(privateKeySpec);
return privateKey;
}
public static PublicKey loadPublicKeyPem(String keyPemFile, String algorithm) throws FileNotFoundException, IOException, NoSuchAlgorithmException, InvalidKeySpecException {
X509EncodedKeySpec publicKeySpec = new X509EncodedKeySpec(loadPem(keyPemFile));
PublicKey publicKey = KeyFactory.getInstance(algorithm).generatePublic(publicKeySpec);
return publicKey;
}
public static KeyPair loadKeyPair(String publicKeyFile, String privateKeyFile, String algorithm) throws FileNotFoundException, IOException, NoSuchAlgorithmException, InvalidKeySpecException {
return new KeyPair(loadPublicKeyHex(publicKeyFile, algorithm), loadPrivateKeyHex(privateKeyFile, algorithm));
}
public static X509Certificate loadX509Certificate(String crtFile) throws CertificateException, FileNotFoundException, IOException {
CertificateFactory cf = CertificateFactory.getInstance("X.509");
InputStream inStream = new FileInputStream(crtFile);
X509Certificate certificate = (X509Certificate)cf.generateCertificate(inStream);
inStream.close();
return certificate;
}
public static PrivateKey loadPrivateKeyHex(String keyFile, String algorithm) throws FileNotFoundException, IOException, NoSuchAlgorithmException, InvalidKeySpecException {
PKCS8EncodedKeySpec privateKeySpec = new PKCS8EncodedKeySpec(loadHex(keyFile));
PrivateKey privateKey = KeyFactory.getInstance(algorithm).generatePrivate(privateKeySpec);
return privateKey;
}
public static PublicKey loadPublicKeyHex(String keyFile, String algorithm) throws FileNotFoundException, IOException, NoSuchAlgorithmException, InvalidKeySpecException {
X509EncodedKeySpec publicKeySpec = new X509EncodedKeySpec(loadHex(keyFile));
PublicKey publicKey = KeyFactory.getInstance(algorithm).generatePublic(publicKeySpec);
return publicKey;
}
public static byte[] loadPem(String file) throws FileNotFoundException, IOException {
PemReader pemReader = new PemReader(new FileReader(file));
return pemReader.readPemObject().getContent();
}
public static byte[] loadHex(String file) throws FileNotFoundException, IOException {
FileInputStream inStream = new FileInputStream(file);
byte[] encodedData = new byte[inStream.available()];
inStream.read(encodedData);
inStream.close();
return encodedData;
}
public static void dumpX509Certificate(X509Certificate certificate) {
if (certificate != null) {
System.out.println("-----[X509Certificate]-----");
System.out.println("Subject DN: " + certificate.getSubjectDN());
System.out.println("Type: " + certificate.getType());
System.out.println("Version: " + certificate.getVersion());
System.out.println("Serial Number:" + certificate.getSerialNumber());
System.out.println("Valid From: " + certificate.getNotBefore());
System.out.println("Valid To: " + certificate.getNotAfter());
System.out.println("-----[END]");
}
}
public static void dumpKeyPair(KeyPair keyPair) {
if (keyPair != null) {
PublicKey publicKey = keyPair.getPublic();
PrivateKey privateKey = keyPair.getPrivate();
dumpHexKey("Public Key", publicKey);
dumpHexKey("Private Key", privateKey);
}
}
public static void dumpHexKey(String label, Key key) {
System.out.println("-----[" + label + "]-----");
System.out.println(encodeAsString(key.getEncoded()));
System.out.println("-----[END]");
}
public static String encodeAsString(byte[] b) {
String result = "";
for (int i = 0; i < b.length; i++)
result = result + Integer.toString((b[i] & 0xFF) + 256, 16).substring(1);
return result;
}
}
相关推荐
"socket ss"通常指的是基于Socket实现的服务器端(ServerSocket)服务。本文将深入探讨ServerSocket对象在Java中的应用及其相关知识点。 ServerSocket是Java的java.net包下的一个类,它为服务器端提供了一个监听...
本教程主要围绕"ss.rar"中的"ss.cpp"源代码文件,介绍Linux系统下的Socket编程基础知识和一个服务端示例,旨在帮助初学者快速入门。 首先,我们需要理解Socket的基本概念。Socket在操作系统中是一个数据结构,它...
ss = socket.socket(socket.AF_INET, socket.SOCK_STREAM) # 绑定地址和端口 ss.bind(('localhost', 12345)) # 开始监听 ss.listen(5) while True: # 接受客户端连接 cs, addr = ss.accept() print('Connected...
2. **接受客户端连接**:在第19行,`ss.accept()`方法阻塞,直到有客户端连接到服务器。当客户端连接时,它返回一个新的Socket对象,代表与客户端的连接。 3. **获取客户端套接字的输出流**:在第22行,通过`...
Socket socket = ss.accept(); BufferedReader in = new BufferedReader(new InputStreamReader(socket.getInputStream())); PrintWriter out = new PrintWriter(socket.getOutputStream(), true); // 业务逻辑....
Socket socket = ss.accept(); // 阻塞式等待,直到有客户端连接,返回Socket对象 OutputStream sops = socket.getOutputStream(); // 获取Socket的输出流,用于向客户端发送数据 InputStream sips = socket....
根据提供的文件信息,本文将详细解析与socket编程相关的知识点,特别是如何使用Java语言进行服务器端socket的创建及数据流管理。 ### Socket编程简介 Socket编程是网络编程的基础,它允许不同计算机之间的进程相互...
ss生成器SocketStream的应用程序生成器概括ss-generator是SocketStream Web框架的CLI组件。 它已从框架中提取出来,以便可以在Yeoman生成器中使用,以及帮助SocketStream的代码库变得更加模块化。安装它主要用于...
本工具可能包含开源的Socket框架,如`ss`,帮助开发者进行功能测试和性能评估。 首先,让我们深入理解一下Socket。Socket是应用层与传输层的一个接口(API),它允许应用程序通过TCP或UDP等传输协议发送和接收数据...
Socket client = ss.accept(); // 准备输出流 OutputStream netOut = client.getOutputStream(); OutputStream doc = new DataOutputStream(new BufferedOutputStream(netOut)); // 创建缓冲区 byte[] buf =...
socket = ss.accept(); in = new BufferedReader(new InputStreamReader(socket.getInputStream())); out = new PrintWriter(socket.getOutputStream(), true); String line = in.readLine(); out.println(...
* 监听客户端的连接:`Socket s = ss.accept();` * 接受客户端的连接:`dos = new DataOutputStream(s.getOutputStream()); dis = new DataInputStream(s.getInputStream());` * 与客户端进行通信:通过...
`ss`命令是Linux操作系统中用于检查网络连接状态的工具,它能够显示包括PACKET sockets、TCP sockets、UDP sockets、DCCP sockets、RAW sockets以及Unix domain sockets在内的多种类型socket的状态。相较于其他工具...
ss 命令是一个实用且常用的 Linux 命令,用于显示 socket 状态。它可以显示 PACKET sockets, TCP sockets, UDP sockets, DCCP sockets, RAW sockets, Unix domain sockets 等等统计信息。ss 命令比其他工具展示更多...
「C#实现SSLSocket加密通讯方法详解」 在网络通讯中,安全性是一个非常重要的方面,而SSL/TLS协议则是最常用的加密通讯协议之一。C#作为一个强大的编程语言,可以轻松地实现SSL/TLS协议的加密通讯。下面将详细介绍...
Socket s = ss.accept(); // 每个客户端一个处理线程 new Handler(s, i).start(); i++; } catch (IOException e) { e.printStackTrace(); } } } public static void main(String[] args) { try { new ...
java.net.Socket sk = ss.accept(); //DataOutputStream 处理数据 数据的输出流 java.io.OutputStream os = new java.io.DataOutputStream( sk.getOutputStream()); // 利用网络输出流将文件传到客户端 边...
SocketStream 0.3应用程序的控制台(REPL) 允许您连接到正在运行的SocketStream服务器,以从终端调用诸如ss.rpc()或ss.publish.all()命令。 这在调试应用程序时非常有用。 SocketStream控制台遵循客户端/服务器模型...
SPI是一种全双工同步串行接口,通过SCK(时钟信号)、MISO(主设备输入/从设备输出)、MOSI(主设备输出/从设备输入)和SS(片选信号)四条线实现数据传输。在连接W5500时,需要配置STM32的相关GPIO引脚为SPI模式,...
socket = ss.accept(); // 阻塞等待客户端连接 in = new BufferedReader(new InputStreamReader(socket.getInputStream())); out = new PrintWriter(socket.getOutputStream(), true); String line = in....