java实现SSL双向认证_第1页

实现技术:

JSSE(Java Secure Socket Extension)是 Sun 为了解决在 Internet 上安全传输信息而提供的解决方案。它实现了 SSL 和 TLS(传输层安全)协议。JSSE 中包含了数据加密、服务器验证、消息完整性和客户端验证等技术。通过使用 JSSE,可以在 Client 和 Server 之间通过 TCP/IP 协议安全地传输数据。

为了实现消息认证,Server 需要:
1)KeyStore:其中保存服务端的私钥
2)TrustKeyStore:其中保存客户端的授权证书

Client 需要:
1)KeyStore:其中保存客户端的私钥
2)TrustKeyStore:其中保存服务端的授权证书

使用 Java 自带的 keytool 命令,去生成这样的信息文件:

1)生成服务端私钥,并且导入到服务端 KeyStore 文件中

C:\Program Files\Java\jdk1.6.0_03\bin>keytool -genkey -alias serverkey -keystore kserver.keystore
输入keystore密码:
再次输入新密码:
您的名字与姓氏是什么?
  [Unknown]:  lee
您的组织单位名称是什么?
  [Unknown]:  crb
您的组织名称是什么?
  [Unknown]:  china
您所在的城市或区域名称是什么?
  [Unknown]:  peiking
您所在的州或省份名称是什么?
  [Unknown]:  xizhimen
该单位的两字母国家代码是什么
  [Unknown]:  cn
CN=lee, OU=crb, O=china, L=peiking, ST=xizhimen, C=cn 正确吗?
  [否]:  y
输入<serverkey>的主密码
        (如果和 keystore 密码相同,按回车):

2)根据私钥,导出服务端证书

C:\Program Files\Java\jdk1.6.0_03\bin>keytool -export -alias serverkey -keystore kserver.keystore -file server.crt
输入keystore密码:
保存在文件中的认证 <server.crt>

3)将服务端证书,导入到客户端的 TrustKeyStore 中

C:\Program Files\Java\jdk1.6.0_03\bin>keytool -import -alias serverkey -file server.crt -keystore tclient.keystore
输入keystore密码:
再次输入新密码:
所有者: CN=lee, OU=crb, O=china, L=peiking, ST=xizhimen, C=cn
签发人: CN=lee, OU=crb, O=china, L=peiking, ST=xizhimen, C=cn
(截图中的序列号、有效期和证书指纹在本页转出的文字里已无法辨认,此处从略)
签名算法名称: SHA1withDSA
版本: 3
信任这个认证? [否]:  y
认证已添加至keystore中

注:回答 y 之前,应通过可信渠道核对 keytool 显示的证书指纹,确认导入的确实是对方的证书。截图中的签名算法 SHA1withDSA 是 JDK 6 keytool 的默认值,在较新的 JDK 上建议用 -keyalg RSA 并指定足够的 -keysize 来生成密钥。

采用同样的方法,生成客户端的私钥、客户端的证书,并且导入到服务端的 TrustKeyStore 中:

keytool -genkey -alias clientkey -keystore kclient.keystore
keytool -export -alias clientkey -keystore kclient.keystore -file client.crt
keytool -import -alias clientkey -file client.crt -keystore tserver.keystore

(截图)工程目录中包含以下文件:Client.java、Server.java、kclient.keystore、kserver.keystore、tclient.keystore、tserver.keystore

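// Server.java
package ssl;

import java.io.BufferedInputStream;
import java.io.BufferedOutputStream;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.net.Socket;
import java.security.KeyStore;

import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.TrustManagerFactory;

/**
 * Demo server for mutual (two-way) certificate authentication over JSSE.
 *
 * <p>The server presents the private key stored in {@code kserver.keystore} and
 * accepts only clients whose certificate is present in {@code tserver.keystore}.
 * Every certificate in that trust store is accepted as an authenticated client;
 * the code performs no further check on which client connected.
 *
 * @author Leo
 */
public class Server implements Runnable {

    private static final int DEFAULT_PORT = 7777;

    // NOTE(review): demo-only values. A password compiled into the class is readable by
    // anyone who can read the class file; load it from protected configuration or prompt
    // for it, and do not reuse a trivial value such as this one outside a tutorial.
    private static final String SERVER_KEY_STORE_PASSWORD = "123456";

    private static final String SERVER_TRUST_KEY_STORE_PASSWORD = "123456";

    private SSLServerSocket serverSocket;

    /**
     * Starts the program: builds the server socket and runs the accept loop on a new thread.
     *
     * @param args unused
     */
    public static void main(String[] args) {
        Server server = new Server();
        server.init();
        Thread thread = new Thread(server);
        thread.start();
    }

    /**
     * Accepts connections forever. For each one it reads up to 20 bytes, prints them,
     * answers {@code yes} and closes the connection.
     *
     * <p>Prints {@code ERROR} and returns if {@link #init()} did not create the socket.
     */
    public synchronized void start() {
        if (serverSocket == null) {
            System.out.println("ERROR");
            return;
        }
        while (true) {
            Socket s = null;
            try {
                s = serverSocket.accept();
                BufferedInputStream bis = new BufferedInputStream(s.getInputStream());
                BufferedOutputStream bos = new BufferedOutputStream(s.getOutputStream());

                byte[] buffer = new byte[20];
                // The TLS handshake, including the client-certificate check, runs on this
                // first read; a client without a trusted certificate ends up in the catch.
                int n = bis.read(buffer);
                // Decode only the bytes actually received, with an explicit charset, so the
                // output does not depend on the platform default or carry trailing NULs.
                String received = n > 0 ? new String(buffer, 0, n, "UTF-8") : "";
                System.out.println("receive:" + received);

                bos.write("yes".getBytes("UTF-8"));
                bos.flush();
            } catch (Exception e) {
                System.out.println(e);
            } finally {
                // Release the connection even when the handshake or the I/O failed.
                closeQuietly(s);
            }
        }
    }

    /**
     * Builds the SSL context from the server key store and trust store and opens the
     * listening socket with client authentication required. Failures are printed and
     * leave {@code serverSocket} unset.
     */
    public void init() {
        try {
            // Ask for a TLS context instead of the legacy "SSL" name. On runtimes that
            // support it, also restrict serverSocket.setEnabledProtocols(...) to
            // TLSv1.2 or later.
            SSLContext ctx = SSLContext.getInstance("TLS");
            KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
            TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");

            KeyStore ks = loadKeyStore("src/ssl/kserver.keystore",
                    SERVER_KEY_STORE_PASSWORD.toCharArray());
            KeyStore tks = loadKeyStore("src/ssl/tserver.keystore",
                    SERVER_TRUST_KEY_STORE_PASSWORD.toCharArray());

            // The key password is taken to be the same as the key store password.
            kmf.init(ks, SERVER_KEY_STORE_PASSWORD.toCharArray());
            tmf.init(tks);
            ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);

            serverSocket = (SSLServerSocket) ctx.getServerSocketFactory()
                    .createServerSocket(DEFAULT_PORT);
            // This is what makes the authentication two-way: the handshake fails unless
            // the client presents a certificate the trust store accepts.
            serverSocket.setNeedClientAuth(true);
        } catch (Exception e) {
            System.out.println(e);
        }
    }

    public void run() {
        start();
    }

    /** Loads a JKS key store from {@code path} and closes the file afterwards. */
    private static KeyStore loadKeyStore(String path, char[] password) throws Exception {
        KeyStore store = KeyStore.getInstance("JKS");
        InputStream in = new FileInputStream(path);
        try {
            store.load(in, password);
        } finally {
            in.close();
        }
        return store;
    }

    /** Closes {@code s} if it is non-null; a failure to close is only reported. */
    private static void closeQuietly(Socket s) {
        if (s == null) {
            return;
        }
        try {
            s.close();
        } catch (IOException e) {
            System.out.println(e);
        }
    }
}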
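// Client.java
package ssl;

import java.io.BufferedInputStream;
import java.io.BufferedOutputStream;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.KeyStore;

import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManagerFactory;

/**
 * SSL client for the mutual-authentication demo.
 *
 * <p>The client presents the private key stored in {@code kclient.keystore} and trusts
 * only the certificates in {@code tclient.keystore}.
 *
 * @author Leo
 */
public class Client {

    // Placeholder: the host literal was stripped from the page this listing came from.
    // Set it to the address the server listens on.
    private static final String DEFAULT_HOST = "localhost";

    private static final int DEFAULT_PORT = 7777;

    // NOTE(review): demo-only values. A password compiled into the class is readable by
    // anyone who can read the class file; load it from protected configuration or prompt
    // for it, and do not reuse a trivial value such as this one outside a tutorial.
    private static final String CLIENT_KEY_STORE_PASSWORD = "123456";

    private static final String CLIENT_TRUST_KEY_STORE_PASSWORD = "123456";

    private SSLSocket sslSocket;

    /**
     * Starts the client program: connects, then runs one request/response exchange.
     *
     * @param args unused
     */
    public static void main(String[] args) {
        Client client = new Client();
        client.init();
        client.process();
    }

    /**
     * Sends {@code 1234567890}, prints up to 20 bytes of the reply and closes the socket.
     *
     * <p>Prints {@code ERROR} and returns if {@link #init()} did not create the socket.
     */
    public void process() {
        if (sslSocket == null) {
            System.out.println("ERROR");
            return;
        }
        try {
            BufferedInputStream bis = new BufferedInputStream(sslSocket.getInputStream());
            BufferedOutputStream bos = new BufferedOutputStream(sslSocket.getOutputStream());

            // The handshake runs on this first write; a certificate problem on either
            // side surfaces here as an IOException subclass.
            bos.write("1234567890".getBytes("UTF-8"));
            bos.flush();

            byte[] buffer = new byte[20];
            int n = bis.read(buffer);
            // Decode only the bytes actually received, with an explicit charset.
            System.out.println(n > 0 ? new String(buffer, 0, n, "UTF-8") : "");
        } catch (IOException e) {
            System.out.println(e);
        } finally {
            // Close the connection on the failure path as well.
            try {
                sslSocket.close();
            } catch (IOException e) {
                System.out.println(e);
            }
        }
    }

    /**
     * Builds the SSL context from the client key store and trust store and connects to
     * the server. Failures are printed and leave {@code sslSocket} unset.
     */
    public void init() {
        try {
            // Ask for a TLS context instead of the legacy "SSL" name.
            SSLContext ctx = SSLContext.getInstance("TLS");
            KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
            TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");

            KeyStore ks = loadKeyStore("src/ssl/kclient.keystore",
                    CLIENT_KEY_STORE_PASSWORD.toCharArray());
            KeyStore tks = loadKeyStore("src/ssl/tclient.keystore",
                    CLIENT_TRUST_KEY_STORE_PASSWORD.toCharArray());

            // The key password is taken to be the same as the key store password.
            kmf.init(ks, CLIENT_KEY_STORE_PASSWORD.toCharArray());
            tmf.init(tks);
            ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);

            // NOTE(review): a plain SSLSocket checks the certificate chain but does not
            // compare the certificate with DEFAULT_HOST. That holds up only while the
            // trust store contains nothing but the server's own certificate. If it ever
            // holds a CA, turn on endpoint identification through SSLParameters
            // (setEndpointIdentificationAlgorithm("HTTPS"), Java 7+) and issue the server
            // a certificate that names its host.
            sslSocket = (SSLSocket) ctx.getSocketFactory()
                    .createSocket(DEFAULT_HOST, DEFAULT_PORT);
        } catch (Exception e) {
            System.out.println(e);
        }
    }

    /** Loads a JKS key store from {@code path} and closes the file afterwards. */
    private static KeyStore loadKeyStore(String path, char[] password) throws Exception {
        KeyStore store = KeyStore.getInstance("JKS");
        InputStream in = new FileInputStream(path);
        try {
            store.load(in, password);
        } finally {
            in.close();
        }
        return store;
    }
}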
