
Java SSL


 一直调查SSL的问题,毫无进展,头疼,先把手头搞定的资料整理下:

 

网上的资料很多,偷懒一下吧。

 

服务器端代码:

package com.ricoh.rits.bct.ssl;

import java.io.BufferedReader;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.PrintWriter;
import java.io.UnsupportedEncodingException;
import java.net.Socket;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;

import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLServerSocketFactory;
import javax.net.ssl.SSLSocket;

import com.sun.net.ssl.KeyManagerFactory;
import com.sun.net.ssl.SSLContext;

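/**
 * Minimal TLS echo server: opens a TLS server socket on {@link #PORT} and hands
 * every accepted connection to a {@code CreateThread}.
 *
 * <p>Security notes for anyone reusing this listing:
 * <ul>
 *   <li>The key store password is read from the standard JSSE system property
 *       instead of being compiled into the class. A password in source code ends
 *       up in version control and in every copy of the class file.</li>
 *   <li>The context is created for "TLS" and only TLSv1.2 / TLSv1.3 are enabled.
 *       SSLv3 is broken (POODLE) and is disabled by default in current JDKs.</li>
 *   <li>The file's imports of {@code com.sun.net.ssl.KeyManagerFactory} and
 *       {@code com.sun.net.ssl.SSLContext} are legacy classes that recent JDKs no
 *       longer ship. The {@code javax.net.ssl} replacements are referenced by
 *       fully qualified name so the simple names cannot bind to the legacy types;
 *       the two legacy imports should be replaced in the import block.</li>
 * </ul>
 */
public class SSLServer {
	public static final int PORT = 8888;
	public static SSLServerSocket server;

	/** Standard JSSE system property naming the key store file. */
	private static final String KEY_STORE_PROPERTY = "javax.net.ssl.keyStore";
	/** Standard JSSE system property holding the key store password. */
	private static final String KEY_STORE_PASSWORD_PROPERTY = "javax.net.ssl.keyStorePassword";
	/** Location used by the original listing; applies only when the property is unset. */
	private static final String DEFAULT_KEY_STORE = "E:\\others\\ssl\\SSLKey";

	public SSLServer() {}

	/**
	 * Creates a TLS server socket bound to {@code port}, using the JKS key store
	 * named by {@code javax.net.ssl.keyStore} and the password given in
	 * {@code javax.net.ssl.keyStorePassword} (used for both the store and the key
	 * entry, as in the original listing).
	 *
	 * @param port TCP port to listen on
	 * @return the listening socket, or {@code null} if the password is not
	 *         configured, the key store cannot be loaded, or no modern TLS
	 *         version is available (the cause is printed to stderr)
	 */
	public static SSLServerSocket getServerSocket(int port){
		String keyStorePath = System.getProperty(KEY_STORE_PROPERTY, DEFAULT_KEY_STORE);
		String configuredPassword = System.getProperty(KEY_STORE_PASSWORD_PROPERTY);
		if (configuredPassword == null) {
			// Fail closed rather than fall back to a built-in secret.
			// NOTE(review): -D values on the command line are visible in process
			// listings; prefer a protected configuration source in production.
			System.err.println("Key store password not configured; set -D" + KEY_STORE_PASSWORD_PROPERTY);
			return null;
		}

		char[] password = configuredPassword.toCharArray();
		SSLServerSocket s = null;
		try {
			KeyStore ks = KeyStore.getInstance("JKS");
			FileInputStream keyStoreStream = new FileInputStream(keyStorePath);
			try {
				ks.load(keyStoreStream, password);
			} finally {
				// The original never closed this stream.
				keyStoreStream.close();
			}

			javax.net.ssl.KeyManagerFactory kmf = javax.net.ssl.KeyManagerFactory.getInstance("SunX509");
			kmf.init(ks, password);

			javax.net.ssl.SSLContext sslContext = javax.net.ssl.SSLContext.getInstance("TLS");
			// Second argument null: use the default trust managers (only relevant
			// if client certificates are requested). Third argument null: let JSSE
			// pick its default SecureRandom.
			sslContext.init(kmf.getKeyManagers(), null, null);

			SSLServerSocketFactory factory = sslContext.getServerSocketFactory();
			s = (SSLServerSocket) factory.createServerSocket(port);

			// Older runtimes still enable SSLv3 / TLSv1.0 for a "TLS" context, so
			// pin the enabled set explicitly.
			String[] protocols = modernProtocols(s.getSupportedProtocols());
			if (protocols.length == 0) {
				System.err.println("This runtime supports neither TLSv1.2 nor TLSv1.3; refusing to listen");
				s.close();
				s = null;
			} else {
				s.setEnabledProtocols(protocols);
			}
		} catch (IOException e) {
			// Covers a missing key store file, a wrong store password and bind failures.
			e.printStackTrace();
		} catch (java.security.GeneralSecurityException e) {
			// Covers the key store, algorithm, certificate and key management
			// exceptions the original caught one by one.
			e.printStackTrace();
		} finally {
			java.util.Arrays.fill(password, '\0');
		}

		return s;
	}

	/** Returns the entries of {@code supported} that are TLSv1.2 or TLSv1.3, in order. */
	private static String[] modernProtocols(String[] supported) {
		String[] kept = new String[supported.length];
		int count = 0;
		for (int i = 0; i < supported.length; i++) {
			if ("TLSv1.2".equals(supported[i]) || "TLSv1.3".equals(supported[i])) {
				kept[count++] = supported[i];
			}
		}
		String[] result = new String[count];
		System.arraycopy(kept, 0, result, 0, count);
		return result;
	}

	/**
	 * Starts the server and accepts connections until accept() fails.
	 *
	 * @param args unused
	 */
	public static void main(String[] args) {
		server = getServerSocket(PORT);
		if (server == null) {
			// getServerSocket reports failure by returning null; the original
			// went on to call accept() on it and died with a NullPointerException.
			System.err.println("Could not create the TLS server socket on port " + PORT);
			return;
		}
		System.out.println("Waiting for connection... on port " + PORT);
		try {
			while(true){
				SSLSocket socket = (SSLSocket) server.accept();
				// The handler starts itself; the TLS handshake then happens on its
				// first read, off the accept loop.
				new CreateThread(socket);
			}
		} catch (IOException e) {
			e.printStackTrace();
		}
	}
}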

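/**
 * Handles one accepted connection: reads a single line, prints it, echoes it
 * back to the peer and closes the socket.
 *
 * <p>The socket and its streams are instance fields. In the original they were
 * {@code static}, so every new connection overwrote the streams of the handlers
 * already running and a handler could read from, or reply on, another client's
 * connection.
 */
class CreateThread extends Thread{
	/** Upper bound on how long a silent peer can hold a handler thread. */
	private static final int READ_TIMEOUT_MILLIS = 30000;

	private Socket s;
	private BufferedReader in;
	private PrintWriter out;

	/**
	 * Wraps the socket's streams (UTF-8 in both directions) and starts the thread.
	 * If the streams cannot be set up the socket is closed and the thread is not
	 * started.
	 *
	 * @param socket the accepted connection; this handler takes ownership and closes it
	 */
	public CreateThread(Socket socket) {
		s = socket;
		try {
			s.setSoTimeout(READ_TIMEOUT_MILLIS);
			in = new BufferedReader(new InputStreamReader(s.getInputStream(),"UTF-8"));

			// Encode replies as UTF-8 to match the reader; a bare PrintWriter
			// would use the platform default charset.
			out = new PrintWriter(new java.io.OutputStreamWriter(s.getOutputStream(), "UTF-8"), true);

			// Kept in the constructor because callers rely on "new CreateThread(socket)"
			// to launch the handler; it is the last statement so the fields are set first.
			start();
		} catch (IOException e) {
			e.printStackTrace();
			closeQuietly();
		}
	}

	/**
	 * Reads one line from the peer and echoes it. A peer that closes without
	 * sending anything is ignored instead of being echoed as the text "null".
	 */
	@Override
	public void run() {
		try {
			// NOTE(review): readLine() has no length limit, so a peer can send an
			// arbitrarily long line; the read timeout bounds idle time only.
			String msg = in.readLine();
			if (msg != null) {
				System.out.println(msg);
				out.println(msg);
			}
		} catch (IOException e) {
			e.printStackTrace();
		} finally {
			// Close on every path; the original leaked the socket when the read failed.
			closeQuietly();
		}
	}

	/** Closes the socket, ignoring a failure to close. */
	private void closeQuietly() {
		try {
			s.close();
		} catch (IOException ignored) {
			// Nothing useful can be done if close itself fails.
		}
	}

}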

 

其实只要在浏览器地址栏输入 https://localhost:8888 也可以访问,输出的内容如下:

 

GET / HTTP/1.1

但是,把服务器的线程内容稍作修改的话,

 

   // Variant of the handler's read logic that tries to read every line the peer sends.
   msg = in.readLine();
   builder.append(msg);
   
   // readLine() returns null only at end of stream, i.e. once the peer has closed
   // (or half-closed) the connection. A browser typically sends its request and then
   // keeps the connection open waiting for a response, so after the request lines are
   // consumed the next readLine() blocks; presumably this is the hang described below.
   // For an HTTP request the loop would have to stop at the empty line that ends the headers.
   while(msg != null){
    msg = in.readLine();
    // On the last pass msg is null and StringBuilder appends it as the text "null".
    builder.append(msg);
   }

 

  

会出现一个问题:

 

不知为何,一直阻塞在那里,百思不得其解。(原因应该是:readLine() 只有在对方关闭连接、读到流末尾时才返回 null;浏览器发完请求后并不关闭连接,而是等待响应,所以循环会一直阻塞在 readLine() 上。)

 

或者在IDE如下

客户端代码:

package com.ricoh.rits.bct.ssl;

import java.io.IOException;
import java.io.PrintWriter;
import java.net.Socket;
import java.net.UnknownHostException;

import javax.net.ssl.SSLSocketFactory;

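/**
 * Minimal TLS client: connects to localhost on {@link #port}, sends one UTF-8
 * encoded line and closes the connection.
 *
 * <p>The default {@code SSLSocketFactory} validates the server certificate
 * against the JDK trust store (or the one named by
 * {@code javax.net.ssl.trustStore}). A self-signed server certificate has to be
 * imported into a trust store; validation should not be switched off to make
 * the demo connect.
 */
public class SSLClient {
	
	static int port = 8888;

	/**
	 * Connects, verifies the server's identity, sends the greeting and closes.
	 *
	 * @param args unused
	 */
	public static void main(String[] args) {
		System.out.println(System.getProperty("java.home"));
		SSLSocketFactory factory = (SSLSocketFactory) SSLSocketFactory.getDefault();
		Socket s = null;
		try {
			s = factory.createSocket("localhost", port);

			// A raw SSLSocket checks the certificate chain but not the host name
			// unless endpoint identification is enabled (Java 7+). The server
			// certificate must therefore name "localhost".
			javax.net.ssl.SSLSocket tls = (javax.net.ssl.SSLSocket) s;
			javax.net.ssl.SSLParameters params = tls.getSSLParameters();
			params.setEndpointIdentificationAlgorithm("HTTPS");
			tls.setSSLParameters(params);

			// Handshake explicitly: PrintWriter swallows IOExceptions, so a
			// certificate failure on the first write would otherwise go unnoticed.
			tls.startHandshake();

			// The server decodes UTF-8, so encode as UTF-8 instead of relying on
			// the platform default charset.
			PrintWriter out = new PrintWriter(new java.io.OutputStreamWriter(s.getOutputStream(), "UTF-8"), true);
			out.println("你好,我叫何剑!!!");
			if (out.checkError()) {
				System.err.println("Failed to send the message to the server");
			}
			out.close();
		} catch (UnknownHostException e) {
			e.printStackTrace();
		} catch (IOException e) {
			e.printStackTrace();
		} finally {
			// Close on every path; the original leaked the socket on failure.
			if (s != null) {
				try {
					s.close();
				} catch (IOException ignored) {
					// Nothing useful can be done if close itself fails.
				}
			}
		}
	}
}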

 

参考资料:

 http://fishhappy365.iteye.com/blog/963876

 http://java.chinaitlab.com/JavaSecurity/792540.html

 http://www.51testing.com/?uid-202848-action-viewspace-itemid-134594

 

      可以用下面的命令来检测是否已经正确完成了授权。
  keytool -list -v -keystore SSLKey(生成的证书名称)
