package com.anyec.webmq;
import java.io.ByteArrayOutputStream;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileReader;
import java.io.IOException;
import java.io.InputStream;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyManagementException;
import java.security.KeyPair;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.PublicKey;
import java.security.Security;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManagerFactory;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.util.io.pem.PemObject;
import org.bouncycastle.util.io.pem.PemReader;
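/**
 * Static helpers that build {@link SSLSocketFactory} instances for TLS clients from
 * certificates, private keys and keystores on disk, plus a few diagnostic dump routines.
 *
 * <p>Points a caller should keep in mind:
 * <ul>
 *   <li>{@code tlsVersion} is passed unchanged to {@link SSLContext#getInstance(String)}; no
 *       minimum version is enforced here, so the caller decides which protocol name is
 *       acceptable. The name selects a context implementation and may still leave older
 *       protocol versions enabled on the resulting sockets; restrict the enabled protocols on
 *       the socket when a single version is required.</li>
 *   <li>Sockets created directly from an {@code SSLSocketFactory} do not compare the server's
 *       host name with its certificate unless the caller sets an endpoint identification
 *       algorithm through {@code SSLParameters}. Whether the consuming library does so is not
 *       visible from this class.</li>
 *   <li>Private-key files are read as unencrypted PKCS#8 data. The {@code password} arguments
 *       of the file-based overloads protect only the in-memory keystore entry, so the key file
 *       itself has to be protected by file-system permissions.</li>
 * </ul>
 */
public class SSLFellow {

    /**
     * Builds a mutually-authenticated TLS socket factory from a CA certificate, a client
     * certificate and the client's RSA private key.
     *
     * @param caCertFile     path of the CA certificate that becomes the only trust anchor
     * @param clientCertFile path of the client certificate presented to the server
     * @param privateKeyFile path of the client's RSA private key in unencrypted PKCS#8 form
     *                       (PEM-armoured when {@code pemFormat} is true, raw bytes otherwise)
     * @param password       password for the in-memory key entry; it is not used to decrypt
     *                       {@code privateKeyFile}; must not be null
     * @param tlsVersion     protocol name handed to {@link SSLContext#getInstance(String)}
     * @param pemFormat      selects the PEM loaders when true, the raw-byte loaders when false
     * @return a socket factory backed by the supplied key and trust material
     * @throws NullPointerException if {@code password} is null
     */
    public static SSLSocketFactory createSSLSocketFactory(String caCertFile, String clientCertFile, String privateKeyFile, String password, String tlsVersion, boolean pemFormat) throws CertificateException, IOException, KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException, KeyManagementException, FileNotFoundException, InvalidKeySpecException {
        registerBouncyCastle();

        X509Certificate caCert = pemFormat ? loadX509CertificatePem(caCertFile) : loadX509Certificate(caCertFile);
        X509Certificate clientCert = pemFormat ? loadX509CertificatePem(clientCertFile) : loadX509Certificate(clientCertFile);
        // The key algorithm is fixed to RSA; keys of another algorithm are rejected by the KeyFactory.
        PrivateKey privateKey = pemFormat ? loadPrivateKeyPem(privateKeyFile, "RSA") : loadPrivateKeyHex(privateKeyFile, "RSA");

        TrustManagerFactory tmf = trustManagersFor(singleCaStore(caCert));

        KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
        ks.load(null, null);
        ks.setCertificateEntry("certificate", clientCert);
        ks.setKeyEntry("private-key", privateKey, password.toCharArray(), new Certificate[] { clientCert });
        KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(ks, password.toCharArray());

        SSLContext context = SSLContext.getInstance(tlsVersion);
        context.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
        return context.getSocketFactory();
    }

    /**
     * Builds a mutually-authenticated TLS socket factory from two keystore files.
     *
     * <p>{@code trustedCertificateAlias}, {@code clientKeyPairAlias} and {@code pemFormat} are
     * accepted but never read. As a consequence every trusted-certificate entry of the trusted
     * keystore becomes a trust anchor, and {@code clientKeyPairPassword} is applied to the
     * client keystore as a whole rather than to one alias.
     *
     * @param trustedKeystoreFile     keystore holding the trusted certificates
     * @param trustedCertificateAlias unused
     * @param trustedKeystorePassword password of the trusted keystore; must not be null
     * @param clientKeystoreFile      keystore holding the client key pair
     * @param clientKeystorePassword  password of the client keystore; must not be null
     * @param clientKeyPairAlias      unused
     * @param clientKeyPairPassword   password used to recover keys from the client keystore;
     *                                must not be null
     * @param tlsVersion              protocol name handed to {@link SSLContext#getInstance(String)}
     * @param pemFormat               unused
     * @return a socket factory backed by the two keystores
     */
    public static SSLSocketFactory createSSLSocketFactory(String trustedKeystoreFile, String trustedCertificateAlias, String trustedKeystorePassword, String clientKeystoreFile, String clientKeystorePassword, String clientKeyPairAlias, String clientKeyPairPassword, String tlsVersion, boolean pemFormat) throws CertificateException, IOException, KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException, KeyManagementException, FileNotFoundException, InvalidKeySpecException {
        registerBouncyCastle();

        TrustManagerFactory tmf = trustManagersFor(loadKeystore(trustedKeystoreFile, trustedKeystorePassword));

        KeyStore ks = loadKeystore(clientKeystoreFile, clientKeystorePassword);
        KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(ks, clientKeyPairPassword.toCharArray());

        SSLContext context = SSLContext.getInstance(tlsVersion);
        context.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
        return context.getSocketFactory();
    }

    /**
     * Builds a socket factory with no client key material and the JSSE default trust managers
     * (both manager arrays are passed as null, so the installed providers supply the defaults,
     * normally the JVM's default trust store).
     *
     * @param tlsVersion protocol name handed to {@link SSLContext#getInstance(String)}
     * @return a socket factory using default trust decisions
     */
    public static SSLSocketFactory createSSLSocketFactory(String tlsVersion) throws NoSuchAlgorithmException, KeyManagementException {
        SSLContext context = SSLContext.getInstance(tlsVersion);
        context.init(null, null, null);
        return context.getSocketFactory();
    }

    /**
     * Builds a server-authentication-only socket factory that trusts the certificate entries
     * of the given keystore file.
     *
     * @param trustedKeystoreFile     keystore holding the trusted certificates
     * @param trustedKeystorePassword password of that keystore; must not be null
     * @param tlsVersion              protocol name handed to {@link SSLContext#getInstance(String)}
     * @return a socket factory without client key material
     */
    public static SSLSocketFactory createSSLSocketFactory(String trustedKeystoreFile, String trustedKeystorePassword, String tlsVersion) throws CertificateException, IOException, KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException, KeyManagementException, FileNotFoundException, InvalidKeySpecException {
        TrustManagerFactory tmf = trustManagersFor(loadKeystore(trustedKeystoreFile, trustedKeystorePassword));
        SSLContext context = SSLContext.getInstance(tlsVersion);
        context.init(null, tmf.getTrustManagers(), null);
        return context.getSocketFactory();
    }

    /**
     * Same as the six-argument overload with {@code pemFormat} set to false, i.e. the private
     * key file is read as raw bytes.
     */
    public static SSLSocketFactory createSSLSocketFactory(String caCrtFile, String clientCrtFile, String privateKeyFile, String password, String tlsVersion) throws CertificateException, IOException, KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException, KeyManagementException, FileNotFoundException, InvalidKeySpecException {
        return createSSLSocketFactory(caCrtFile, clientCrtFile, privateKeyFile, password, tlsVersion, false);
    }

    /**
     * Builds a server-authentication-only socket factory that trusts exactly one CA certificate.
     *
     * @param caCrtFile  path of the CA certificate
     * @param tlsVersion protocol name handed to {@link SSLContext#getInstance(String)}
     * @return a socket factory without client key material
     */
    public static SSLSocketFactory createSSLSocketFactory(String caCrtFile, String tlsVersion) throws KeyManagementException, NoSuchAlgorithmException, IOException, KeyStoreException, CertificateException {
        SSLContext context = SSLContext.getInstance(tlsVersion);
        TrustManagerFactory tmf = trustManagersFor(singleCaStore(loadX509Certificate(caCrtFile)));
        context.init(null, tmf.getTrustManagers(), null);
        return context.getSocketFactory();
    }

    /**
     * Loads a keystore file and returns the certificate stored under {@code alias}.
     *
     * @return the certificate, or null when the keystore has no certificate for that alias
     */
    public static Certificate loadCertificateFromKeystore(String keyStoreFile, String password, String alias) throws KeyStoreException, IOException, FileNotFoundException, NoSuchAlgorithmException, CertificateException {
        return loadKeystore(keyStoreFile, password).getCertificate(alias);
    }

    /**
     * Loads a keystore file and assembles a key pair from the private key and the certificate
     * stored under {@code alias}.
     *
     * @return the key pair, or null when the alias holds no private key or no certificate
     */
    public static KeyPair loadKeyPairFromKeystore(String keyStoreFile, String keyStorePassword, String alias, String aliasPassword) throws KeyStoreException, IOException, FileNotFoundException, NoSuchAlgorithmException, CertificateException, UnrecoverableKeyException {
        KeyStore keyStore = loadKeystore(keyStoreFile, keyStorePassword);
        Key key = keyStore.getKey(alias, aliasPassword.toCharArray());
        if (!(key instanceof PrivateKey)) {
            return null;
        }
        Certificate cert = keyStore.getCertificate(alias);
        if (cert == null) {
            // A key entry without a certificate would otherwise fail with a NullPointerException.
            return null;
        }
        return new KeyPair(cert.getPublicKey(), (PrivateKey) key);
    }

    /**
     * Opens a keystore file of the JVM's default keystore type.
     *
     * @param keyStoreFile path of the keystore
     * @param password     keystore password; must not be null
     * @return the loaded keystore
     * @throws NullPointerException if {@code password} is null
     */
    public static KeyStore loadKeystore(String keyStoreFile, String password) throws FileNotFoundException, KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException {
        try (InputStream inStream = new FileInputStream(keyStoreFile)) {
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore.load(inStream, password.toCharArray());
            return keyStore;
        }
    }

    /**
     * Reads the first X.509 certificate from a file. The certificate is only parsed; neither
     * its validity period nor its signature is checked here.
     */
    public static X509Certificate loadX509CertificatePem(String crtFile) throws CertificateException, FileNotFoundException, IOException {
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        try (InputStream inStream = new FileInputStream(crtFile)) {
            return (X509Certificate) cf.generateCertificate(inStream);
        }
    }

    /** Loads a public and a private key from two PEM files and pairs them without checking that they match. */
    public static KeyPair loadKeyPairPem(String publicKeyPemFile, String privateKeyPemFile, String algorithm) throws FileNotFoundException, IOException, NoSuchAlgorithmException, InvalidKeySpecException {
        return new KeyPair(loadPublicKeyPem(publicKeyPemFile, algorithm), loadPrivateKeyPem(privateKeyPemFile, algorithm));
    }

    /**
     * Loads a private key from a PEM file whose payload is an unencrypted PKCS#8 structure.
     * The payload is passed to {@link PKCS8EncodedKeySpec} as-is, so other private-key
     * encodings are expected to be rejected with {@link InvalidKeySpecException}.
     */
    public static PrivateKey loadPrivateKeyPem(String keyPemFile, String algorithm) throws FileNotFoundException, IOException, NoSuchAlgorithmException, InvalidKeySpecException {
        PKCS8EncodedKeySpec privateKeySpec = new PKCS8EncodedKeySpec(loadPem(keyPemFile));
        return KeyFactory.getInstance(algorithm).generatePrivate(privateKeySpec);
    }

    /** Loads a public key from a PEM file whose payload is an X.509 SubjectPublicKeyInfo structure. */
    public static PublicKey loadPublicKeyPem(String keyPemFile, String algorithm) throws FileNotFoundException, IOException, NoSuchAlgorithmException, InvalidKeySpecException {
        X509EncodedKeySpec publicKeySpec = new X509EncodedKeySpec(loadPem(keyPemFile));
        return KeyFactory.getInstance(algorithm).generatePublic(publicKeySpec);
    }

    /** Loads a public and a private key from two raw-byte files and pairs them without checking that they match. */
    public static KeyPair loadKeyPair(String publicKeyFile, String privateKeyFile, String algorithm) throws FileNotFoundException, IOException, NoSuchAlgorithmException, InvalidKeySpecException {
        return new KeyPair(loadPublicKeyHex(publicKeyFile, algorithm), loadPrivateKeyHex(privateKeyFile, algorithm));
    }

    /**
     * Reads the first X.509 certificate from a file. The stream is now closed even when
     * parsing fails; the original closed it only on success.
     */
    public static X509Certificate loadX509Certificate(String crtFile) throws CertificateException, FileNotFoundException, IOException {
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        try (InputStream inStream = new FileInputStream(crtFile)) {
            return (X509Certificate) cf.generateCertificate(inStream);
        }
    }

    /** Loads a private key from a file holding the raw bytes of an unencrypted PKCS#8 structure. */
    public static PrivateKey loadPrivateKeyHex(String keyFile, String algorithm) throws FileNotFoundException, IOException, NoSuchAlgorithmException, InvalidKeySpecException {
        PKCS8EncodedKeySpec privateKeySpec = new PKCS8EncodedKeySpec(loadHex(keyFile));
        return KeyFactory.getInstance(algorithm).generatePrivate(privateKeySpec);
    }

    /** Loads a public key from a file holding the raw bytes of an X.509 SubjectPublicKeyInfo structure. */
    public static PublicKey loadPublicKeyHex(String keyFile, String algorithm) throws FileNotFoundException, IOException, NoSuchAlgorithmException, InvalidKeySpecException {
        X509EncodedKeySpec publicKeySpec = new X509EncodedKeySpec(loadHex(keyFile));
        return KeyFactory.getInstance(algorithm).generatePublic(publicKeySpec);
    }

    /**
     * Returns the decoded content of the first PEM object in a file.
     *
     * @throws IOException if the file cannot be read or contains no PEM object
     */
    public static byte[] loadPem(String file) throws FileNotFoundException, IOException {
        // try-with-resources: the original never closed the reader, leaking the file handle.
        try (PemReader pemReader = new PemReader(new FileReader(file))) {
            PemObject pemObject = pemReader.readPemObject();
            if (pemObject == null) {
                throw new IOException("No PEM object found in " + file);
            }
            return pemObject.getContent();
        }
    }

    /**
     * Returns the complete content of a file as bytes. Despite the name, no hexadecimal
     * decoding takes place: the bytes are returned exactly as stored.
     */
    public static byte[] loadHex(String file) throws FileNotFoundException, IOException {
        // available() is only an estimate and a single read() may return fewer bytes than
        // requested, which would leave a truncated or zero-padded key; read until end of stream.
        try (InputStream inStream = new FileInputStream(file);
                ByteArrayOutputStream collected = new ByteArrayOutputStream()) {
            byte[] chunk = new byte[4096];
            int count;
            while ((count = inStream.read(chunk)) != -1) {
                collected.write(chunk, 0, count);
            }
            return collected.toByteArray();
        }
    }

    /** Prints selected fields of a certificate to standard output; does nothing for null. */
    public static void dumpX509Certificate(X509Certificate certificate) {
        if (certificate != null) {
            System.out.println("-----[X509Certificate]-----");
            System.out.println("Subject DN: " + certificate.getSubjectDN());
            System.out.println("Type: " + certificate.getType());
            System.out.println("Version: " + certificate.getVersion());
            System.out.println("Serial Number:" + certificate.getSerialNumber());
            System.out.println("Valid From: " + certificate.getNotBefore());
            System.out.println("Valid To: " + certificate.getNotAfter());
            System.out.println("-----[END]");
        }
    }

    /**
     * Prints both halves of a key pair to standard output as hex; does nothing for null.
     *
     * <p>This writes the encoded PRIVATE key in clear text. Standard output is commonly
     * captured by log collectors, so a dumped key should be treated as disclosed.
     */
    public static void dumpKeyPair(KeyPair keyPair) {
        if (keyPair != null) {
            dumpHexKey("Public Key", keyPair.getPublic());
            dumpHexKey("Private Key", keyPair.getPrivate());
        }
    }

    /**
     * Prints the encoded form of a key to standard output as lowercase hex; does nothing for
     * a null key. When called with a private or secret key the key material itself is printed.
     */
    public static void dumpHexKey(String label, Key key) {
        if (key == null) {
            return;
        }
        System.out.println("-----[" + label + "]-----");
        byte[] encoded = key.getEncoded();
        // getEncoded() returns null for keys that do not support encoding.
        System.out.println(encoded == null ? "(key does not expose an encoded form)" : encodeAsString(encoded));
        System.out.println("-----[END]");
    }

    /**
     * Encodes bytes as lowercase hexadecimal, two digits per byte.
     *
     * @param b bytes to encode; must not be null
     * @return the hex string, empty for an empty array
     */
    public static String encodeAsString(byte[] b) {
        // StringBuilder avoids the quadratic copying of repeated String concatenation.
        StringBuilder hex = new StringBuilder(b.length * 2);
        for (byte value : b) {
            int unsigned = value & 0xFF;
            hex.append(Character.forDigit(unsigned >>> 4, 16));
            hex.append(Character.forDigit(unsigned & 0x0F, 16));
        }
        return hex.toString();
    }

    /** Registers the BouncyCastle provider; addProvider leaves the list unchanged if it is already installed. */
    private static void registerBouncyCastle() {
        Provider bouncyCastle = new BouncyCastleProvider();
        Security.addProvider(bouncyCastle);
    }

    /** Creates an in-memory keystore holding one trusted certificate under the alias "ca-certificate". */
    private static KeyStore singleCaStore(X509Certificate caCert) throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException {
        KeyStore store = KeyStore.getInstance(KeyStore.getDefaultType());
        store.load(null, null);
        store.setCertificateEntry("ca-certificate", caCert);
        return store;
    }

    /** Initialises a default-algorithm TrustManagerFactory with the given trust store. */
    private static TrustManagerFactory trustManagersFor(KeyStore trustStore) throws NoSuchAlgorithmException, KeyStoreException {
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(trustStore);
        return tmf;
    }
}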