
Java-JSSE-SSL/TLS编程代码实例-单向认证

2014-11-11 17:12 537 查看
前一篇介绍了SSL/TLS双向认证的代码实例

也可以选择使用单向认证,这种情况下client侧不需要提供证书。所以,

server侧只需要自己的keystore文件,不需要truststore文件

client侧不需要自己的keystore文件,只需要truststore文件(其中包含server的证书,证书中带有server的公钥)。

此外server侧需要在创建SSLServerSocket之后设定不需要客户端证书:setNeedClientAuth(false)(这也是SSLServerSocket的默认行为,显式调用只是为了表明意图)

server代码

package learning.net.ssl;

import java.io.BufferedReader;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.PrintWriter;
import java.net.Socket;
import java.security.KeyStore;
import java.security.cert.X509Certificate;

import javax.net.ssl.HandshakeCompletedEvent;
import javax.net.ssl.HandshakeCompletedListener;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLServerSocketFactory;
import javax.net.ssl.SSLSocket;

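/**
 * Echo server for the one-way (server-authenticated) TLS sample.
 *
 * <p>The server presents its own certificate from a JKS keystore and does not
 * ask the client for one. Each accepted connection is served on its own
 * thread by {@link #run()}.
 *
 * <p>This is teaching code: the keystore path and passwords are hard-coded,
 * and there is no limit on concurrent connections and no read timeout. A real
 * deployment should load secrets from protected configuration and bound both.
 */
public class CatServerNoClientAuth implements Runnable, HandshakeCompletedListener {

    public static final int SERVER_PORT = 11123;

    private final Socket _s;

    /**
     * @param s the accepted connection this instance will serve and close
     */
    public CatServerNoClientAuth(Socket s) {
        _s = s;
    }

    /**
     * Loads the server keystore, opens the TLS listener and serves clients
     * until the process is stopped.
     *
     * @param args unused
     * @throws Exception if the keystore cannot be read or the listener cannot be opened
     */
    public static void main(String[] args) throws Exception {
        // Sample-only values; do not ship keystore passwords in source code.
        String serverKeyStoreFile = "c:\\_tmp\\catserver.keystore";
        String serverKeyStorePwd = "catserverks";
        String catServerKeyPwd = "catserver";

        KeyStore serverKeyStore = KeyStore.getInstance("JKS");
        // Close the keystore stream once loaded instead of leaking the handle.
        try (FileInputStream keyStoreStream = new FileInputStream(serverKeyStoreFile)) {
            serverKeyStore.load(keyStoreStream, serverKeyStorePwd.toCharArray());
        }

        KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(serverKeyStore, catServerKeyPwd.toCharArray());

        // "TLS" lets the JDK offer its newest versions; the original "TLSv1"
        // pinned the context to TLS 1.0, which is deprecated and disabled by
        // default in current JDK releases.
        SSLContext sslContext = SSLContext.getInstance("TLS");
        // No trust managers are needed: the server never validates a client certificate.
        sslContext.init(kmf.getKeyManagers(), null, null);

        SSLServerSocketFactory sslServerSocketFactory = sslContext.getServerSocketFactory();
        try (SSLServerSocket sslServerSocket =
                (SSLServerSocket) sslServerSocketFactory.createServerSocket(SERVER_PORT)) {
            // Refuse SSLv3 / TLS 1.0 / TLS 1.1 even if the runtime still supports them.
            sslServerSocket.setEnabledProtocols(secureProtocols(sslServerSocket.getSupportedProtocols()));
            // One-way authentication: do not request a client certificate.
            sslServerSocket.setNeedClientAuth(false);

            while (true) {
                SSLSocket s = (SSLSocket) sslServerSocket.accept();
                CatServerNoClientAuth cs = new CatServerNoClientAuth(s);
                s.addHandshakeCompletedListener(cs);
                new Thread(cs).start();
            }
        }
    }

    /**
     * Selects the protocol versions this sample is willing to negotiate.
     *
     * @param supported protocol names reported by the TLS implementation
     * @return the entries of {@code supported} that are TLSv1.2 or TLSv1.3, in their original order
     * @throws IllegalStateException if neither version is supported
     */
    static String[] secureProtocols(String[] supported) {
        java.util.List<String> kept = new java.util.ArrayList<String>();
        for (String protocol : supported) {
            if ("TLSv1.2".equals(protocol) || "TLSv1.3".equals(protocol)) {
                kept.add(protocol);
            }
        }
        if (kept.isEmpty()) {
            throw new IllegalStateException("Runtime supports neither TLSv1.2 nor TLSv1.3");
        }
        return kept.toArray(new String[0]);
    }

    /**
     * Greets the client, echoes each line back until the client sends
     * {@code exit} (case-insensitive) or closes the stream, then closes the socket.
     */
    @Override
    public void run() {
        try {
            BufferedReader reader = new BufferedReader(new InputStreamReader(_s.getInputStream()));
            // autoflush=true so every println reaches the client immediately.
            PrintWriter writer = new PrintWriter(_s.getOutputStream(), true);

            writer.println("Welcome~, enter exit to leave.");
            String s;
            while ((s = reader.readLine()) != null && !s.trim().equalsIgnoreCase("exit")) {
                writer.println("Echo: " + s);
            }
            writer.println("Bye~");
        } catch (Exception e) {
            // Handshake failures surface here too, because the handshake runs on first I/O.
            e.printStackTrace();
        } finally {
            try {
                _s.close();
            } catch (IOException e) {
                e.printStackTrace();
            }
        }
    }

    /**
     * Called once the TLS handshake finishes. With one-way authentication the
     * client presents no certificate, so asking for the peer certificates
     * raises {@link SSLPeerUnverifiedException}; that expected outcome is logged.
     *
     * @param event the completed-handshake notification
     */
    @Override
    public void handshakeCompleted(HandshakeCompletedEvent event) {
        try {
            // The result is not used; the call only probes whether the peer was authenticated.
            event.getPeerCertificates();
        } catch (SSLPeerUnverifiedException ex) {
            System.out.println("handshakeCompleted, SSLPeerUnverified.");
        }
    }
}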



client代码

package learning.net.ssl;

import java.io.BufferedReader;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.PrintWriter;
import java.net.Socket;
import java.security.KeyStore;

import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManagerFactory;

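/**
 * Client for the one-way (server-authenticated) TLS sample.
 *
 * <p>The client has no keystore of its own. It validates the server against a
 * JKS truststore, sends two lines and prints everything the server replies.
 *
 * <p>This is teaching code: the truststore path and password are hard-coded.
 */
public class FoxClientNoClientAuth {

    // Port the CatServerNoClientAuth sample listens on. Kept local so this
    // listing does not depend on the CatServer class from the mutual-auth article.
    private static final int SERVER_PORT = 11123;

    /**
     * Connects to the sample server on localhost, sends "hello" and "exit",
     * and prints the server's replies until it closes the connection.
     *
     * @param args unused
     * @throws Exception if the truststore cannot be read or the TLS connection fails
     */
    public static void main(String[] args) throws Exception {
        // Sample-only values; do not ship truststore passwords in source code.
        String clientTrustKeyStoreFile = "c:\\_tmp\\foxclienttrust.keystore";
        String clientTrustKeyStorePwd = "foxclienttrustks";

        KeyStore clientTrustKeyStore = KeyStore.getInstance("JKS");
        // Close the truststore stream once loaded instead of leaking the handle.
        try (FileInputStream trustStoreStream = new FileInputStream(clientTrustKeyStoreFile)) {
            clientTrustKeyStore.load(trustStoreStream, clientTrustKeyStorePwd.toCharArray());
        }

        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(clientTrustKeyStore);

        // "TLS" lets the JDK offer its newest versions; the original "TLSv1"
        // pinned the context to TLS 1.0, which is deprecated and disabled by
        // default in current JDK releases.
        SSLContext sslContext = SSLContext.getInstance("TLS");
        // No key managers: the client does not authenticate itself.
        sslContext.init(null, tmf.getTrustManagers(), null);

        SSLSocketFactory socketFactory = sslContext.getSocketFactory();
        // try-with-resources closes the socket even when the exchange throws.
        try (Socket socket = socketFactory.createSocket("localhost", SERVER_PORT)) {
            javax.net.ssl.SSLSocket tlsSocket = (javax.net.ssl.SSLSocket) socket;
            // Refuse SSLv3 / TLS 1.0 / TLS 1.1 even if the runtime still supports them.
            tlsSocket.setEnabledProtocols(secureProtocols(tlsSocket.getSupportedProtocols()));

            // NOTE(review): a plain SSLSocket validates the certificate chain but does
            // not compare the certificate with the host name. That is acceptable only
            // while the truststore holds just this server's certificate, as the article
            // describes. If it ever holds a CA certificate, enable endpoint
            // identification through SSLParameters.setEndpointIdentificationAlgorithm("HTTPS").

            PrintWriter out = new PrintWriter(socket.getOutputStream(), true);
            BufferedReader in = new BufferedReader(new InputStreamReader(socket.getInputStream()));

            send("hello", out);
            send("exit", out);
            receive(in);
        }
    }

    /**
     * Selects the protocol versions this sample is willing to negotiate.
     *
     * @param supported protocol names reported by the TLS implementation
     * @return the entries of {@code supported} that are TLSv1.2 or TLSv1.3, in their original order
     * @throws IllegalStateException if neither version is supported
     */
    static String[] secureProtocols(String[] supported) {
        java.util.List<String> kept = new java.util.ArrayList<String>();
        for (String protocol : supported) {
            if ("TLSv1.2".equals(protocol) || "TLSv1.3".equals(protocol)) {
                kept.add(protocol);
            }
        }
        if (kept.isEmpty()) {
            throw new IllegalStateException("Runtime supports neither TLSv1.2 nor TLSv1.3");
        }
        return kept.toArray(new String[0]);
    }

    /**
     * Logs a line to standard output and writes it to the server.
     *
     * @param s   the line to send
     * @param out writer connected to the server
     * @throws IOException declared for callers; the PrintWriter itself does not throw
     */
    public static void send(String s, PrintWriter out) throws IOException {
        System.out.println("Sending: " + s);
        out.println(s);
    }

    /**
     * Prints every line received from the server until the stream ends.
     *
     * @param in reader connected to the server
     * @throws IOException if reading from the connection fails
     */
    public static void receive(BufferedReader in) throws IOException {
        String s;
        while ((s = in.readLine()) != null) {
            // Spelling of the original "Reveived" prefix corrected.
            System.out.println("Received: " + s);
        }
    }
}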