实现简单的 SSL/TLS 加密对话(基于 JSSE 的 SSLSocket,并非完整的 HTTPS)
客户端:
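import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.PrintStream;
import java.net.Socket;
import java.net.UnknownHostException;

import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;

/**
 * Minimal interactive chat client that talks to a peer over a JSSE
 * {@link SSLSocket}. The client and the server take turns sending one line
 * each until either side sends {@code BYE}.
 *
 * @author tjx
 */
public class SSLClient {

    /** TCP port the server listens on. */
    public static final int port = 16667;

    /** Host the client connects to; also the name checked against the server certificate. */
    private static final String HOST = "localhost";

    /**
     * Connects to the server, runs the alternating line-based conversation on
     * stdin/stdout and closes every resource when the conversation ends.
     * I/O failures are reported on stderr, as before.
     */
    public static void startSSLClient() {
        // These properties are read when the default SSLSocketFactory is first
        // created, so they have to be set before getDefault() is called.
        // NOTE(review): the trust store path and password are hard-coded demo
        // values. Outside a demo, pass them on the command line
        // (-Djavax.net.ssl.trustStore=... -Djavax.net.ssl.trustStorePassword=...)
        // or load them from protected configuration instead of source code.
        System.setProperty("javax.net.ssl.trustStore", "c:\\clientkey.jks");
        System.setProperty("javax.net.ssl.trustStorePassword", "12264459");

        SSLSocketFactory sslf = (SSLSocketFactory) SSLSocketFactory.getDefault();

        try (SSLSocket sk = (SSLSocket) sslf.createSocket(HOST, port)) {
            // A plain SSLSocket validates the certificate chain but does NOT
            // check that the certificate was issued for the host we dialled.
            // Enabling the "HTTPS" endpoint identification algorithm adds that
            // check; the server certificate must therefore name HOST in its
            // CN / subjectAltName.
            SSLParameters params = sk.getSSLParameters();
            params.setEndpointIdentificationAlgorithm("HTTPS");
            sk.setSSLParameters(params);

            // Handshake eagerly so a certificate problem is reported here and
            // not in the middle of the conversation.
            sk.startHandshake();

            System.out.println("Client OK ~");
            System.out.println("============");
            System.out.println();

            // The readers and the writer use the platform default charset,
            // exactly as before; both peers must run with the same default
            // for non-ASCII text to survive the round trip.
            try (BufferedReader socketIn =
                         new BufferedReader(new InputStreamReader(sk.getInputStream()));
                 PrintStream socketOut = new PrintStream(sk.getOutputStream());
                 BufferedReader userIn =
                         new BufferedReader(new InputStreamReader(System.in))) {

                while (true) {
                    System.out.print("Client Message: ");
                    String outgoing = userIn.readLine();
                    if (outgoing == null) {
                        // stdin reached EOF: end the session politely instead
                        // of sending "null" and failing on trim().
                        outgoing = "BYE";
                    }
                    socketOut.println(outgoing);
                    // PrintStream swallows IOExceptions; checkError() flushes
                    // and reports whether the write actually failed.
                    if (socketOut.checkError()) {
                        System.out.println("Connection to server lost.");
                        break;
                    }
                    if (isBye(outgoing)) {
                        break;
                    }
                    System.out.println("Please wait Server Message..");
                    System.out.println("");

                    String incoming = socketIn.readLine();
                    if (incoming == null) {
                        // The peer closed the connection without sending BYE.
                        System.out.println("Server closed the connection.");
                        break;
                    }
                    System.out.println("Server Message: " + incoming);
                    if (isBye(incoming)) {
                        break;
                    }
                }
            }
        } catch (UnknownHostException e) {
            e.printStackTrace();
        } catch (IOException e) {
            e.printStackTrace();
        }
    }

    /**
     * Tells whether a line is the end-of-conversation marker. The comparison
     * ignores case so that it matches the server, which accepts "bye" too.
     */
    private static boolean isBye(String line) {
        return "BYE".equalsIgnoreCase(line.trim());
    }

    public static void main(String[] args) {
        startSSLClient();
    }
}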
服务端:
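import java.io.BufferedReader;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.PrintStream;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.net.SocketAddress;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;

import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLServerSocketFactory;

/**
 * Minimal interactive chat server that accepts a single client over a JSSE
 * {@link SSLServerSocket}. The client and the server take turns sending one
 * line each until either side sends {@code BYE}.
 *
 * @author tjx
 */
public class SSLServer {

    /**
     * Loads the server key store, opens a TLS listener on localhost:16667,
     * accepts one client and runs the alternating line-based conversation on
     * stdin/stdout.
     *
     * @throws IOException if the key store cannot be read, the TLS context
     *         cannot be built (the security exception is kept as the cause),
     *         or the socket fails
     */
    public static void startSSLServer() throws IOException {
        int port = 16667;
        // NOTE(review): the key store path and both passwords are hard-coded
        // demo values. Outside a demo, load them from protected configuration
        // rather than from source code.
        String keyFile = "c:\\serverkey.jks"; // key store file holding the server certificate
        String keyFilePass = "sdfa4459";      // key store password
        String keyPass = "fa6f459";           // password of the private-key entry

        SSLContext sc;
        try {
            KeyStore ks = KeyStore.getInstance("JKS");
            // Close the file as soon as the key store has been loaded.
            try (FileInputStream keyStoreIn = new FileInputStream(keyFile)) {
                ks.load(keyStoreIn, keyFilePass.toCharArray());
            }

            // X.509 key manager backed by the JKS key store.
            KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
            kmf.init(ks, keyPass.toCharArray());

            // SSLv3 is cryptographically broken (POODLE) and disabled by
            // default in current JDKs, so it must not be requested. "TLS"
            // lets JSSE negotiate the best TLS version both peers support;
            // the versions actually allowed are governed by the JDK's
            // jdk.tls.disabledAlgorithms security property.
            sc = SSLContext.getInstance("TLS");

            // Second argument null: use the default trust managers (trust
            // store taken from javax.net.ssl.trustStore if set).
            // Third argument null: let JSSE use its default SecureRandom.
            sc.init(kmf.getKeyManagers(), null, null);
        } catch (KeyStoreException | NoSuchAlgorithmException | CertificateException
                | UnrecoverableKeyException | KeyManagementException e) {
            // Previously these were printed and ignored, which left the
            // context null and ended in a NullPointerException below. Fail
            // with the real cause instead.
            throw new IOException("Cannot initialise TLS context from " + keyFile, e);
        }

        SSLServerSocketFactory sslsf = sc.getServerSocketFactory();
        try (SSLServerSocket ssls = (SSLServerSocket) sslsf.createServerSocket()) {
            SocketAddress sa = new InetSocketAddress("localhost", port);
            ssls.bind(sa);
            System.out.println("Listenning ...");

            // The readers and the writer use the platform default charset,
            // exactly as before; both peers must run with the same default
            // for non-ASCII text to survive the round trip.
            try (Socket sk = ssls.accept();
                 BufferedReader socketIn =
                         new BufferedReader(new InputStreamReader(sk.getInputStream()));
                 BufferedReader userIn =
                         new BufferedReader(new InputStreamReader(System.in));
                 PrintStream socketOut = new PrintStream(sk.getOutputStream())) {

                System.out.println("Server Connection OK ~");
                System.out.println("======================");
                System.out.println();

                while (true) {
                    System.out.println("Please wait client message ... ");
                    System.out.println();
                    String incoming = socketIn.readLine();
                    if (incoming == null) {
                        // The peer closed the connection without sending BYE.
                        System.out.println("Client closed the connection.");
                        break;
                    }
                    System.out.println("Client MSG:" + incoming);
                    if (isBye(incoming)) {
                        break;
                    }

                    System.out.print("Server MSG: ");
                    String outgoing = userIn.readLine();
                    if (outgoing == null) {
                        // stdin reached EOF: end the session politely instead
                        // of sending "null" and failing on trim().
                        outgoing = "BYE";
                    }
                    System.out.println(outgoing);
                    socketOut.println(outgoing);
                    // PrintStream swallows IOExceptions; checkError() flushes
                    // and reports whether the write actually failed.
                    if (socketOut.checkError()) {
                        System.out.println("Connection to client lost.");
                        break;
                    }
                    if (isBye(outgoing)) {
                        break;
                    }
                }
            }
        }
    }

    /** Tells whether a line is the (case-insensitive) end-of-conversation marker. */
    private static boolean isBye(String line) {
        return "BYE".equalsIgnoreCase(line.trim());
    }

    public static void main(String[] args) {
        try {
            startSSLServer();
        } catch (IOException e) {
            e.printStackTrace();
        }
    }
}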