Java Tutorial/Security/SSL Socket
Содержание
- 1 Get peer certificate from SSL session
- 2 Retrieving the Certification Path of an SSL Server
- 3 Send html(gif) file through SSLSocket
- 4 SSL Client Demo
- 5 SSL Client Session
- 6 SSL Client Verifier
- 7 SSL Client with javax.net.ssl.trustStore setting
- 8 SSLContext and Key manager
- 9 SSL Server Session
- 10 SSL Server with KeyStore and Key Store Password setting
- 11 SSL Simple Client
- 12 SSL Simple Server
- 13 SSL Socket Client
- 14 SSL Socket Server
- 15 Sun SSL Socket Client
- 16 Sun SSL Socket Server
- 17 Use SSLServerSocketFactory to create an SSL Server
Get peer certificate from SSL session
<source lang="java">
import java.io.FileOutputStream; import java.io.ObjectOutputStream; import java.security.cert.CertPath; import java.security.cert.CertificateFactory; import java.util.ArrayList; import java.util.List; import javax.net.ssl.HttpsURLConnection; import javax.net.ssl.SSLSession; import javax.net.ssl.SSLSocket; import javax.net.ssl.SSLSocketFactory; public class MainClass {
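/**
 * Connects to the TLS server on 127.0.0.1:8888, builds a {@link CertPath} from the
 * certificate chain the peer presented, and serializes it to {@code CertPath.dat}.
 *
 * <p>The default factory validates the chain against the JVM's default trust material
 * during the handshake. A plain {@code SSLSocket} does not compare the certificate with
 * the host name unless endpoint identification is enabled on its {@code SSLParameters},
 * and this demo does not enable it.
 *
 * @param args unused
 * @throws Exception if the connection, the handshake, or the file write fails
 */
public static void main(String args[]) throws Exception {
    SSLSocketFactory factory = HttpsURLConnection.getDefaultSSLSocketFactory();
    List<java.security.cert.Certificate> chain = new ArrayList<>();

    // The socket is only needed for the handshake; release it once the chain is copied.
    try (SSLSocket socket = (SSLSocket) factory.createSocket("127.0.0.1", 8888)) {
        socket.startHandshake(); // throws if the peer's chain is not trusted
        SSLSession session = socket.getSession();
        for (java.security.cert.Certificate cert : session.getPeerCertificates()) {
            chain.add(cert);
        }
    }

    CertificateFactory cf = CertificateFactory.getInstance("X.509");
    CertPath cp = cf.generateCertPath(chain);

    // Closing the stream flushes it; the original never closed it, so buffered
    // bytes could be missing from CertPath.dat when the JVM exited.
    try (ObjectOutputStream out = new ObjectOutputStream(new FileOutputStream("CertPath.dat"))) {
        out.writeObject(cp);
    }
}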
}</source>
Retrieving the Certification Path of an SSL Server
<source lang="java">
import java.security.cert.Certificate; import javax.net.ssl.HttpsURLConnection; import javax.net.ssl.SSLSocket; import javax.net.ssl.SSLSocketFactory; public class Main {
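/**
 * Opens a TLS connection to {@code hostname:443}, completes the handshake and reads the
 * certificate chain the server presented.
 *
 * <p>The chain is fetched only after {@code startHandshake()} has succeeded, so it has
 * already passed the default trust manager's validation. Host-name matching is not
 * performed by a bare {@code SSLSocket} unless endpoint identification is configured.
 *
 * @param argv unused
 * @throws Exception if the connection or the handshake fails
 */
public static void main(String[] argv) throws Exception {
    int port = 443;
    String hostname = "hostname";
    SSLSocketFactory factory = HttpsURLConnection.getDefaultSSLSocketFactory();

    // try-with-resources closes the socket even when the handshake throws.
    try (SSLSocket socket = (SSLSocket) factory.createSocket(hostname, port)) {
        socket.startHandshake();
        // Retrieve the server's certificate chain (the peer's own certificate comes first).
        Certificate[] serverCerts = socket.getSession().getPeerCertificates();
    }
}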
}</source>
Send html(gif) file through SSLSocket
<source lang="java">
import java.io.BufferedReader; import java.io.FileOutputStream; import java.io.InputStream; import java.io.InputStreamReader; import java.io.OutputStream; import java.io.PrintStream; import java.net.Socket; import javax.net.ssl.SSLSocketFactory; public class MainClass {
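/**
 * Sends {@code args[0]} as one line to the TLS server on 127.0.0.1:5432 and saves
 * everything the server sends back to {@code result.html}.
 *
 * <p>Server certificates are validated against the trust store named {@code clienttrust}.
 * That is a relative path, so it is resolved against the process working directory.
 *
 * @param args {@code args[0]} is the request line sent to the server
 * @throws Exception if the connection, the handshake, or the file write fails
 */
public static void main(String args[]) throws Exception {
    if (args.length < 1) {
        // The original failed with ArrayIndexOutOfBoundsException after connecting.
        System.err.println("usage: MainClass <request>");
        return;
    }
    System.setProperty("javax.net.ssl.trustStore", "clienttrust");
    SSLSocketFactory ssf = (SSLSocketFactory) SSLSocketFactory.getDefault();

    // Both resources are closed on every path, including a failed handshake.
    // For a binary reply, write to "result.gif" instead of "result.html".
    try (Socket s = ssf.createSocket("127.0.0.1", 5432);
         FileOutputStream fouts = new FileOutputStream("result.html")) {
        PrintStream out = new PrintStream(s.getOutputStream());
        InputStream ins = s.getInputStream();
        out.println(args[0]);

        // Copy raw bytes in chunks; no character decoding is applied, so binary
        // replies are preserved unchanged.
        byte[] buffer = new byte[8192];
        int count;
        while ((count = ins.read(buffer)) != -1) {
            fouts.write(buffer, 0, count);
        }
    }
}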
}</source>
SSL Client Demo
<source lang="java">
import java.io.BufferedReader; import java.io.InputStreamReader; import java.net.Socket; import javax.net.ssl.SSLSocketFactory; public class MainClass {
/**
 * Connects to 127.0.0.1:5432 through the JVM's default {@code SSLSocketFactory} and
 * prints the first line the server sends.
 *
 * <p>No trust store or endpoint identification is configured here, so certificate
 * validation relies entirely on the JVM defaults.
 *
 * @param args unused
 * @throws Exception if the connection, the handshake, or the read fails
 */
public static void main(String args[]) throws Exception {
    SSLSocketFactory factory = (SSLSocketFactory) SSLSocketFactory.getDefault();
    Socket connection = factory.createSocket("127.0.0.1", 5432);

    // The reader decodes with the JVM default charset.
    InputStreamReader decoder = new InputStreamReader(connection.getInputStream());
    BufferedReader reader = new BufferedReader(decoder);

    System.out.println(reader.readLine());

    // Closing the reader closes the socket's input stream and, with it, the socket.
    reader.close();
}
}</source>
SSL Client Session
<source lang="java">
import java.io.BufferedReader; import java.io.InputStreamReader; import java.math.BigInteger; import java.net.Socket; import java.security.cert.Certificate; import java.security.cert.X509Certificate; import javax.net.ssl.SSLSession; import javax.net.ssl.SSLSocket; import javax.net.ssl.SSLSocketFactory; public class MainClass {
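/**
 * Connects to 127.0.0.1:5432, prints details of the negotiated TLS session (peer
 * certificate subjects, peer host, cipher suite, protocol, session id and timestamps)
 * and then prints the first line the server sends.
 *
 * <p>Server certificates are validated against the trust store named {@code clienttrust}.
 *
 * @param args unused
 * @throws Exception if the connection, the handshake, or the read fails
 */
public static void main(String args[]) throws Exception {
    System.setProperty("javax.net.ssl.trustStore", "clienttrust");
    SSLSocketFactory ssf = (SSLSocketFactory) SSLSocketFactory.getDefault();

    try (SSLSocket s = (SSLSocket) ssf.createSocket("127.0.0.1", 5432)) {
        // getSession() returns an invalid placeholder session when the handshake fails.
        // Handshaking explicitly turns that failure into an exception instead.
        s.startHandshake();
        SSLSession session = s.getSession();

        Certificate[] cchain = session.getPeerCertificates();
        System.out.println("The Certificates used by peer");
        for (Certificate cert : cchain) {
            System.out.println(((X509Certificate) cert).getSubjectDN());
        }
        System.out.println("Peer host is " + session.getPeerHost());
        System.out.println("Cipher is " + session.getCipherSuite());
        System.out.println("Protocol is " + session.getProtocol());

        // BigInteger(byte[]) rejects a zero-length array, so guard an empty session id.
        byte[] id = session.getId();
        System.out.println("ID is " + (id.length == 0 ? "(none)" : new BigInteger(id).toString()));

        System.out.println("Session created in " + session.getCreationTime());
        System.out.println("Session accessed in " + session.getLastAccessedTime());

        BufferedReader in = new BufferedReader(new InputStreamReader(s.getInputStream()));
        String x = in.readLine();
        System.out.println(x);
    }
}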
}</source>
SSL Client Verifier
<source lang="java">
import java.io.BufferedReader; import java.io.InputStreamReader; import java.io.PrintWriter; import javax.net.SocketFactory; import javax.net.ssl.SSLSession; import javax.net.ssl.SSLSocket; import javax.net.ssl.SSLSocketFactory; import javax.security.cert.X509Certificate; import sun.security.x509.X500Name; public class MainClass {
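/**
 * Connects to the given host and port over TLS, requires the server certificate to match
 * the host name, sends {@code "hi"} and prints the first line of the reply.
 *
 * <p>The earlier version compared {@code getPeerHost()} with the certificate's common
 * name through the JDK-internal {@code sun.security.x509.X500Name}, and on a mismatch it
 * only printed a warning before sending data anyway. Verification is now delegated to
 * JSSE endpoint identification, which follows the HTTPS matching rules and aborts the
 * handshake on a mismatch, so nothing is sent to a mismatched peer. The listing's imports
 * of {@code X500Name} and {@code javax.security.cert.X509Certificate} are no longer used
 * by this method.
 *
 * @param args {@code args[0]} is the host name, {@code args[1]} the port
 * @throws Exception if the connection fails, or if the handshake fails because the
 *     certificate is untrusted or does not match the host
 */
public static void main(String[] args) throws Exception {
    if (args.length < 2) {
        System.err.println("usage: MainClass <host> <port>");
        return;
    }
    SocketFactory sf = SSLSocketFactory.getDefault();

    try (SSLSocket s = (SSLSocket) sf.createSocket(args[0], Integer.parseInt(args[1]))) {
        // Enable host-name verification before any handshake takes place.
        javax.net.ssl.SSLParameters params = s.getSSLParameters();
        params.setEndpointIdentificationAlgorithm("HTTPS");
        s.setSSLParameters(params);

        // Fail closed: a trust or host-name error surfaces here as an exception.
        s.startHandshake();

        BufferedReader br = new BufferedReader(new InputStreamReader(s.getInputStream()));
        PrintWriter pw = new PrintWriter(s.getOutputStream());
        pw.println("hi");
        pw.flush();
        System.out.println(br.readLine());
    }
}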
}</source>
SSL Client with javax.net.ssl.trustStore setting
<source lang="java">
import java.io.BufferedReader; import java.io.InputStreamReader; import java.net.Socket; import javax.net.ssl.SSLSocketFactory; public class MainClass {
/**
 * Points the JVM at the trust store named {@code clienttrust}, connects to
 * 127.0.0.1:5432 over TLS and prints the first line the server sends.
 *
 * <p>The system property must be set before the default factory is first obtained,
 * which is why it is the first statement. {@code clienttrust} is a relative path, so
 * it is resolved against the working directory.
 *
 * @param args unused
 * @throws Exception if the connection, the handshake, or the read fails
 */
public static void main(String args[]) throws Exception {
    System.setProperty("javax.net.ssl.trustStore", "clienttrust");

    SSLSocketFactory factory = (SSLSocketFactory) SSLSocketFactory.getDefault();
    Socket connection = factory.createSocket("127.0.0.1", 5432);

    InputStreamReader decoder = new InputStreamReader(connection.getInputStream());
    BufferedReader reader = new BufferedReader(decoder);

    System.out.println(reader.readLine());

    // Closing the reader also closes the underlying socket.
    reader.close();
}
}</source>
SSLContext and Key manager
<source lang="java">
import java.io.FileInputStream; import java.io.PrintStream; import java.net.ServerSocket; import java.net.Socket; import java.security.KeyStore; import javax.net.ssl.KeyManagerFactory; import javax.net.ssl.SSLContext; import javax.net.ssl.SSLServerSocketFactory; public class MainClass {
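/**
 * Builds an {@link SSLContext} from a JKS key store, listens on port 5432 and answers
 * every TLS connection with the line {@code "Hi"}.
 *
 * <p>NOTE(review): the store and key passwords are literals in this demo. Anyone who can
 * read the source or the class file can unlock the private key, so a real deployment
 * should supply them from protected configuration.
 *
 * @param args unused
 * @throws Exception if the key store cannot be loaded or the server socket fails
 */
public static void main(String args[]) throws Exception {
    char[] storepass = "newpass".toCharArray();
    char[] keypass = "wshr.ut".toCharArray();
    String storename = "newstore";

    KeyStore ks = KeyStore.getInstance("JKS");
    // Close the key store file as soon as it is loaded (it was never closed before).
    try (FileInputStream fin = new FileInputStream(storename)) {
        ks.load(fin, storepass);
    }

    KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
    kmf.init(ks, keypass);

    SSLContext context = SSLContext.getInstance("TLS");
    // null trust managers and null SecureRandom select the installed defaults.
    context.init(kmf.getKeyManagers(), null, null);

    SSLServerSocketFactory ssf = context.getServerSocketFactory();
    ServerSocket ss = ssf.createServerSocket(5432);
    while (true) {
        // Each connection is closed even if obtaining its stream fails.
        try (Socket s = ss.accept();
             PrintStream out = new PrintStream(s.getOutputStream())) {
            out.println("Hi");
        }
    }
}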
}</source>
SSL Server Session
<source lang="java">
import java.io.PrintStream; import java.math.BigInteger; import java.net.ServerSocket; import java.net.Socket; import java.security.cert.Certificate; import java.security.cert.X509Certificate; import javax.net.ssl.SSLServerSocketFactory; import javax.net.ssl.SSLSession; import javax.net.ssl.SSLSocket; public class MainClass {
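/**
 * Listens on port 5432 and, for every TLS connection, prints details of the negotiated
 * session (local certificate subjects, peer host, cipher suite, protocol, session id and
 * timestamps) before replying with the line {@code "Hi"}.
 *
 * <p>{@code getSession()} returns an invalid placeholder session when a client's
 * handshake fails. That session has no local certificates, so the unguarded loop in the
 * earlier version could throw and stop the whole server because of a single bad client.
 * Such connections are now reported and skipped.
 *
 * <p>NOTE(review): the key store password is a literal in this demo; a real deployment
 * should supply it from protected configuration.
 *
 * @param args unused
 * @throws Exception if the server socket cannot be created or {@code accept()} fails
 */
public static void main(String args[]) throws Exception {
    System.setProperty("javax.net.ssl.keyStore", "lfkeystore2");
    System.setProperty("javax.net.ssl.keyStorePassword", "wshr.ut");
    SSLServerSocketFactory ssf = (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();
    ServerSocket ss = ssf.createServerSocket(5432);

    while (true) {
        // accept() stays outside the try so a broken listener still ends the program.
        Socket accepted = ss.accept();
        try (Socket s = accepted) {
            SSLSession session = ((SSLSocket) s).getSession();

            Certificate[] cchain2 = session.getLocalCertificates();
            if (cchain2 != null) { // null when no certificate was sent, e.g. failed handshake
                for (Certificate cert : cchain2) {
                    System.out.println(((X509Certificate) cert).getSubjectDN());
                }
            }
            System.out.println("Peer host is " + session.getPeerHost());
            System.out.println("Cipher is " + session.getCipherSuite());
            System.out.println("Protocol is " + session.getProtocol());

            // BigInteger(byte[]) rejects a zero-length array, so guard an empty session id.
            byte[] id = session.getId();
            System.out.println("ID is " + (id.length == 0 ? "(none)" : new BigInteger(id).toString()));

            System.out.println("Session created in " + session.getCreationTime());
            System.out.println("Session accessed in " + session.getLastAccessedTime());

            PrintStream out = new PrintStream(s.getOutputStream());
            out.println("Hi");
            out.close();
        } catch (java.io.IOException e) {
            // One failing client must not take the listener down.
            System.err.println("Connection failed: " + e.getMessage());
        }
    }
}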
}</source>
SSL Server with KeyStore and Key Store Password setting
<source lang="java">
import java.io.PrintStream; import java.net.ServerSocket; import java.net.Socket; import javax.net.ssl.SSLServerSocketFactory; public class MainClass {
/**
 * Configures the JVM-wide key store through system properties, listens on port 5432
 * and answers every TLS connection with the line {@code "Hi"}.
 *
 * <p>NOTE(review): the key store password is a literal in this demo, and system
 * properties are readable by any code in the same JVM. A real deployment should supply
 * the password from protected configuration.
 *
 * @param args unused
 * @throws Exception if the server socket cannot be created or a connection fails
 */
public static void main(String args[]) throws Exception {
    // Both properties must be set before the default factory is first requested.
    System.setProperty("javax.net.ssl.keyStore", "mykeystore");
    System.setProperty("javax.net.ssl.keyStorePassword", "wshr.ut");

    SSLServerSocketFactory factory = (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();
    ServerSocket listener = factory.createServerSocket(5432);

    for (;;) {
        Socket client = listener.accept();
        PrintStream greeting = new PrintStream(client.getOutputStream());
        greeting.println("Hi");
        greeting.close();
        client.close();
    }
}
}</source>
SSL Simple Client
<source lang="java">
import java.io.BufferedReader; import java.io.InputStreamReader; import java.io.PrintWriter; import java.net.Socket; import javax.net.SocketFactory; import javax.net.ssl.SSLSocketFactory; public class MainClass {
/**
 * Connects to the given host and port over TLS, sends one question line and prints the
 * first line of the reply.
 *
 * <p>The socket comes from the JVM default factory with no further configuration, so
 * trust decisions rely on the default trust store and no host-name check is set up here.
 *
 * @param args {@code args[0]} is the host name, {@code args[1]} the port
 * @throws Exception if an argument is missing or malformed, or the connection fails
 */
public static void main(String[] args) throws Exception {
    SocketFactory factory = SSLSocketFactory.getDefault();
    String host = args[0];
    int port = Integer.parseInt(args[1]);
    Socket connection = factory.createSocket(host, port);

    BufferedReader replies = new BufferedReader(new InputStreamReader(connection.getInputStream()));
    PrintWriter requests = new PrintWriter(connection.getOutputStream());

    final String question = "Who is Sylvia?";
    System.out.println(question);
    requests.println(question);
    requests.flush(); // PrintWriter is not auto-flushing here

    System.out.println(replies.readLine());
    connection.close();
}
}</source>
SSL Simple Server
<source lang="java">
import java.io.BufferedReader; import java.io.IOException; import java.io.InputStreamReader; import java.io.PrintWriter; import java.net.ServerSocket; import java.net.Socket; import javax.net.ServerSocketFactory; import javax.net.ssl.SSLServerSocketFactory; public class MainClass extends Thread {
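/**
 * Listens on port 9096 and starts one handler thread for every accepted TLS connection.
 *
 * <p>NOTE(review): threads are created without any limit and the handler sets no read
 * timeout, so a client that connects and never sends a line keeps its thread alive.
 * A bounded executor and {@code Socket.setSoTimeout} are the usual remedies.
 *
 * @param args unused
 * @throws Exception if the server socket cannot be created or {@code accept()} fails
 */
public static void main(String[] args) throws Exception {
    ServerSocketFactory ssf = SSLServerSocketFactory.getDefault();
    ServerSocket ss = ssf.createServerSocket(9096);
    while (true) {
        // The handler type is this class; the listing referred to it by a stale name
        // (SSLSimpleServer), which did not compile.
        new MainClass(ss.accept()).start();
    }
}

/** Connection served by this handler thread. */
private final Socket sock;

/**
 * Creates a handler for one accepted connection.
 *
 * @param s the accepted client socket
 */
public MainClass(Socket s) {
    sock = s;
}

/**
 * Reads one line from the client, answers with {@code "What is she?"} and closes the
 * connection. I/O errors are treated as a client disconnect.
 */
@Override
public void run() {
    // try-with-resources closes the socket on the error path too.
    try (Socket client = sock) {
        BufferedReader br = new BufferedReader(new InputStreamReader(client.getInputStream()));
        PrintWriter pw = new PrintWriter(client.getOutputStream());
        br.readLine(); // wait for the client's line; its content is not used
        pw.println("What is she?");
        pw.close();
    } catch (IOException ignored) {
        // Client disconnected
    }
}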
}</source>
SSL Socket Client
<source lang="java">
import java.io.*; import java.net.*; import javax.net.ssl.*; public class MainClass {
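/** Host the client connects to. */
private static final String HOST = "localhost";

/** Port the client connects to. */
private static final int PORT = 8080;

/**
 * Connects to {@code HOST:PORT} over TLS, sends a greeting and then forwards standard
 * input to the server byte by byte until a {@code '~'} is typed or input ends.
 *
 * @param args unused
 * @throws Exception if the connection, the handshake, or a write fails
 */
public static void main(String[] args) throws Exception {
    SSLSocketFactory sf = (SSLSocketFactory) SSLSocketFactory.getDefault();

    try (Socket s = sf.createSocket(HOST, PORT);
         OutputStream out = s.getOutputStream()) {
        out.write("\nConnection established.\n\n".getBytes());
        out.flush();

        int theCharacter = System.in.read();
        // '~' is the escape character that ends the session. It must be a char literal,
        // because comparing an int with the String "~" does not compile. A value of -1
        // means standard input was closed; without that test the loop would never end.
        while (theCharacter != '~' && theCharacter != -1) {
            out.write(theCharacter);
            out.flush();
            theCharacter = System.in.read();
        }
    }
}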
}</source>
SSL Socket Server
<source lang="java">
import java.io.*; import java.net.*; import javax.net.ssl.*; public class MainClass {
/** Port the server listens on. */
private static final int PORT = 8080;

/**
 * Accepts a single TLS connection on {@code PORT} and echoes every line the client
 * sends to standard output until the client closes the stream.
 *
 * <p>The lines come from the remote peer and are printed unmodified.
 *
 * @param args unused
 * @throws Exception if the server socket cannot be created or the connection fails
 */
public static void main(String[] args) throws Exception {
    SSLServerSocketFactory factory = (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();
    ServerSocket listener = factory.createServerSocket(PORT);
    Socket client = listener.accept();

    InputStreamReader decoder = new InputStreamReader(client.getInputStream());
    BufferedReader reader = new BufferedReader(decoder);

    // readLine() returns null once the peer has closed its side of the connection.
    for (String received = reader.readLine(); received != null; received = reader.readLine()) {
        System.out.println(received);
    }

    reader.close();
    client.close();
}
}</source>
Sun SSL Socket Client
<source lang="java">
import java.io.*; import java.net.*; import java.security.*; import javax.net.ssl.SSLSocketFactory; import com.sun.net.ssl.SSLContext; import com.sun.net.ssl.TrustManagerFactory; import com.sun.net.ssl.TrustManager; public class MainClass {
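/** Host the client connects to. */
private static final String HOST = "localhost";

/** Port the client connects to. */
private static final int PORT = 8080;

/**
 * Loads trusted certificates from the JKS file {@code .keystore}, builds a TLS context
 * that trusts only those, connects to {@code HOST:PORT} and forwards standard input to
 * the server until a {@code '~'} is typed or input ends.
 *
 * <p>NOTE(review): {@code SSLContext}, {@code TrustManagerFactory} and
 * {@code TrustManager} resolve to the legacy {@code com.sun.net.ssl} classes through
 * this listing's imports. {@code javax.net.ssl} provides the supported equivalents;
 * confirm that the target JDK still ships the legacy package.
 *
 * <p>NOTE(review): the store passphrase is a literal in this demo; a real deployment
 * should supply it from protected configuration.
 *
 * @param args unused
 * @throws Exception if the store cannot be loaded or the connection fails
 */
public static void main(String[] args) throws Exception {
    char[] passphrase = "sasquatch".toCharArray();
    KeyStore keystore = KeyStore.getInstance("JKS");
    // Close the store file once it is loaded (it was never closed before).
    try (FileInputStream storeFile = new FileInputStream(".keystore")) {
        keystore.load(storeFile, passphrase);
    }

    TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
    tmf.init(keystore);
    SSLContext context = SSLContext.getInstance("TLS");
    TrustManager[] trustManagers = tmf.getTrustManagers();
    // No key managers: this client does not present a certificate of its own.
    context.init(null, trustManagers, null);
    SSLSocketFactory sf = context.getSocketFactory();

    try (Socket s = sf.createSocket(HOST, PORT);
         OutputStream out = s.getOutputStream()) {
        out.write("\nConnection established.\n\n".getBytes());
        out.flush();

        int theCharacter = System.in.read();
        // '~' is the escape character that ends the session. It must be a char literal,
        // because comparing an int with the String "~" does not compile. A value of -1
        // means standard input was closed; without that test the loop would never end.
        while (theCharacter != '~' && theCharacter != -1) {
            out.write(theCharacter);
            out.flush();
            theCharacter = System.in.read();
        }
    }
}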
}</source>
Sun SSL Socket Server
<source lang="java">
import java.io.*; import java.net.*; import java.security.*; import javax.net.ssl.*; import com.sun.net.ssl.*; public class MainClass {
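/** Port the server listens on. */
private static final int PORT = 8080;

/**
 * Loads the server key from the JKS file {@code .keystore}, accepts a single TLS
 * connection on {@code PORT} and echoes every line the client sends to standard output.
 *
 * <p>The listing wildcard-imports both {@code javax.net.ssl} and {@code com.sun.net.ssl},
 * which makes the simple names {@code SSLContext}, {@code KeyManagerFactory} and
 * {@code KeyManager} ambiguous. The {@code javax.net.ssl} types are therefore named in
 * full below.
 *
 * <p>NOTE(review): the same literal ({@code "password"}) unlocks both the store and the
 * private key in this demo; a real deployment should supply a strong secret from
 * protected configuration.
 *
 * @param args unused
 * @throws Exception if the store cannot be loaded or the connection fails
 */
public static void main(String[] args) throws Exception {
    char[] passphrase = "password".toCharArray();
    KeyStore keystore = KeyStore.getInstance("JKS");
    // Close the store file once it is loaded (it was never closed before).
    try (FileInputStream storeFile = new FileInputStream(".keystore")) {
        keystore.load(storeFile, passphrase);
    }

    javax.net.ssl.KeyManagerFactory kmf = javax.net.ssl.KeyManagerFactory.getInstance("SunX509");
    kmf.init(keystore, passphrase);
    javax.net.ssl.SSLContext context = javax.net.ssl.SSLContext.getInstance("TLS");
    javax.net.ssl.KeyManager[] keyManagers = kmf.getKeyManagers();
    // null trust managers and null SecureRandom select the installed defaults.
    context.init(keyManagers, null, null);

    SSLServerSocketFactory ssf = context.getServerSocketFactory();
    try (ServerSocket ss = ssf.createServerSocket(PORT);
         Socket s = ss.accept();
         BufferedReader in = new BufferedReader(new InputStreamReader(s.getInputStream()))) {
        // Lines come from the remote peer and are printed unmodified.
        String line;
        while ((line = in.readLine()) != null) {
            System.out.println(line);
        }
    }
}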
}</source>
Use SSLServerSocketFactory to create an SSL Server
<source lang="java">
import java.io.PrintStream; import java.net.ServerSocket; import java.net.Socket; import javax.net.ssl.SSLServerSocketFactory; public class MainClass {
/**
 * Listens on port 5432 with the JVM's default {@code SSLServerSocketFactory} and answers
 * every TLS connection with the line {@code "Hi"}.
 *
 * <p>No key store is configured in this method, so the default factory depends on key
 * material supplied from outside, for example the {@code javax.net.ssl.keyStore} system
 * properties given on the command line.
 *
 * @param args unused
 * @throws Exception if the server socket cannot be created or a connection fails
 */
public static void main(String args[]) throws Exception {
    SSLServerSocketFactory factory = (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();
    ServerSocket listener = factory.createServerSocket(5432);

    for (;;) {
        Socket client = listener.accept();
        PrintStream greeting = new PrintStream(client.getOutputStream());
        greeting.println("Hi");
        greeting.close();
        client.close();
    }
}
}</source>