导读:
Java开发工具包 (JDK)对加密和安全性有很好的支持。其中一个优势就是其内置的对Socket通信的支持。因此,很容易做到在服务器和客户之间建立安全的数据流。
流
Java streams 是一个强大的编程工具。java.io包提供了很多标准的流类型,并能很容易的建立自己的流类型。流的一个有用的特点是和链表一样的简单处理过程。表 A是一个用链表读取文本的例子。
ufferedReader br =
new BufferedReader(
new FileReader(“c:/foo.txt”));
String line = null;
while((line = br.readLine()) != null) {
System.out.println(line);
}
这段代码将 FileReader和 BufferedReader链接起来。我们在用客户机/服务器应用程序的时候也会用到类似的概念。
关键字
对于验证来说,关键字很重要,表 B (KeyGen.java)提供了一个称为 getSecretKey的标准方法。通过运行KeyGen来产生一个关键字。因为我们采用同步方法,所以客户机和服务器必须用相同的关键字。
isting B?KeyGen.java
/*
* Created by IntelliJ IDEA.
* User: jbirchfield
* Date: Mar 19, 2002
* Time: 9:33:22 AM
*/
import com.sun.crypto.provider.SunJCE;
import javax.crypto.KeyGenerator;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.security.Key;
import java.security.NoSuchAlgorithmException;
import java.security.Security;
public class KeyGen {
public static final String KEY_FILE = "secret.key";
public static final String ALGORITHM = "DES";
public static void main(String[] args) {
Security.addProvider(new SunJCE());
new KeyGen();
}
public KeyGen() {
KeyGenerator kg = null;
try {
kg = KeyGenerator.getInstance(ALGORITHM);
Key key = kg.generateKey();
writeKey(KEY_FILE, key);
}
catch (NoSuchAlgorithmException e) {
e.printStackTrace();
}
}
private void writeKey(String filename, Object o) {
try {
FileOutputStream fos = new FileOutputStream(filename);
ObjectOutputStream oos = new ObjectOutputStream(fos);
oos.writeObject(o);
oos.flush();
fos.close();
}
catch (IOException e) {
e.printStackTrace();
}
}
public static Key getSecretKey() {
Security.addProvider(new SunJCE());
FileInputStream fis = null;
try {
fis = new FileInputStream(KEY_FILE);
}
catch (FileNotFoundException e) {
e.printStackTrace();
}
Key key = null;
try {
ObjectInputStream ois = null;
ois = new ObjectInputStream(fis);
key = null;
key = (Key) ois.readObject();
}
catch (IOException e) {
e.printStackTrace();
}
catch (ClassNotFoundException e) {
e.printStackTrace();
}
System.out.println("key = " + key);
return key;
}
}
安全socket
我们从一个简单的类开始,它提供我们在普通socket对象之上的加密。表 C (SecretSocket.java) 包含了两段代码-Socket和Key对象。我们的构造器创建了变量并初始化了密码:
outCipher = Cipher.getInstance(algorithm);
outCipher.init(Cipher.ENCRYPT_MODE, key);
inCipher = Cipher.getInstance(algorithm);
inCipher.init(Cipher.DECRYPT_MODE, key);
isting C?SecretSocket.java
/*
* Created by IntelliJ IDEA.
* User: jbirchfield
* Date: Mar 20, 2002
* Time: 9:07:51 AM
*/
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.net.Socket;
import java.net.UnknownHostException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Security;
public class SecretSocket {
private Key key = null;
private Cipher outCipher = null;
private Cipher inCipher = null;
private CipherInputStream cis = null;
private CipherOutputStream cos = null;
private Socket socket = null;
private String algorithm = "DES";
public SecretSocket(Socket socket, Key key) {
this.socket = socket;
this.key = key;
algorithm = key.getAlgorithm();
initializeCipher();
}
private void initializeCipher() {
try {
outCipher = Cipher.getInstance(algorithm);
outCipher.init(Cipher.ENCRYPT_MODE, key);
inCipher = Cipher.getInstance(algorithm);
inCipher.init(Cipher.DECRYPT_MODE, key);
}
catch (NoSuchAlgorithmException e) {
e.printStackTrace();
}
catch (NoSuchPaddingException e) {
e.printStackTrace();
}
catch (InvalidKeyException e) {
e.printStackTrace();
}
}
public InputStream getInputStream() throws IOException {
InputStream is = socket.getInputStream();
cis = new CipherInputStream(is, inCipher);
return cis;
}
public OutputStream getOutputStream() throws IOException {
OutputStream os = socket.getOutputStream();
cos = new CipherOutputStream(os, outCipher);
return cos;
}
}
因为socket是双向的通信,所以我们采用两个密码。加密输出的数据并解密输入的数据。我们使用getInputStream()和 getOutputStream(),这两种方法来加密合解密通用的输入和输出的经过包装的数据流。见 表 D 。
isting D
public InputStream getInputStream() throws IOException {
InputStream is = socket.getInputStream();
cis = new CipherInputStream(is, inCipher);
return cis;
}
public OutputStream getOutputStream() throws IOException {
OutputStream os = socket.getOutputStream();
cos = new CipherOutputStream(os, outCipher);
return cos;
}
在JCE的javax.crypto包中包含CipherInputStream和 CipherOutputStream这两种流类型。他们接收输入输出的流对象和密码对象。
Socket 服务器
开始写我们的socket服务器类吧。 表 E (SecretSocketServer.java)是一个完整的列表。SecretSocketServer在一个端口打开ServerSocket,当接收到连接时,使用SocketHandler产生一个线程来操作连接。
isting E?SecretSocketServer.java
/*
* Created by IntelliJ IDEA.
* User: jbirchfield
* Date: Mar 20, 2002
* Time: 9:32:17 AM
*/
import java.net.ServerSocket;
import java.net.Socket;
import java.io.IOException;
public class SecretSocketServer {
public static void main(String[] args) {
new SecretSocketServer();
}
public SecretSocketServer() {
ServerSocket ss = null;
try {
ss = new ServerSocket(4444);
}
catch (IOException e) {
e.printStackTrace();
}
while(true) {
try {
System.out.println("Waiting...");
Socket s = ss.accept();
SocketHandler h = new SocketHandler(s);
Thread t = new Thread(h);
t.start();
}
catch (IOException e) {
e.printStackTrace();
}
}
}
}
Socket 句柄
表 F (SocketHandler.java) 确定一个socket对象,通过KeyGen来定位关键字,并建立一个 SecretSocket 对象。.
Key key = KeyGen.getSecretKey();
this.ss = new SecretSocket(s, key);
isting F?SocketHandler.java
/*
* Created by IntelliJ IDEA.
* User: jbirchfield
* Date: Mar 20, 2002
* Time: 9:34:22 AM
*/
import java.io.IOException;
import java.io.InputStream;
import java.net.Socket;
import java.security.Key;
public class SocketHandler implements Runnable {
private Socket s = null;
private SecretSocket ss = null;
private InputStream in = null;
public SocketHandler(Socket s) {
this.s = s;
Key key = KeyGen.getSecretKey();
this.ss = new SecretSocket(s, key);
try {
in = ss.getInputStream();
}
catch (IOException e) {
e.printStackTrace();
}
}
public void run() {
boolean bool = true;
while (bool) {
bool = listen();
}
try {
s.close();
}
catch (IOException e) {
e.printStackTrace();
}
}
public boolean listen() {
int aByte;
try {
while ((aByte = in.read()) >= 0) {
System.out.println((char)aByte);
}
}
catch (IOException e) {
System.out.println("returning false...");
}
return false;
}
}
注意表F中的 ss对SocketHandler来说是一个实变量。所有的socket 处理都是通过SecretSocket而不是Socket对象。然后我们使用下面的代码:
in = ss.getInputStream();
记住,在SecretSocket中,getInputStream是和CipherInputStream以及 InputStream相结合的。因为SocketHandler 是一个可执行的界面,我们为它生成一个 run()方法。这个方法只是在等待socket的数据:
boolean bool = true;
while (bool) {
bool = listen();
}
listen方法用来监听socket 。
int aByte;
while ((aByte = in.read()) >= 0) {
system.out.println((char)aByte);
}
Socket 客户
现在我们来看看客户端。见 表 G 。客户端的工作和服务器端很相似,只是反过来了。首先,我们创立一个套接字连接到服务器。使用KeyGen 找到关键字,创立一个安全套接字(SecretSocket)。然后我们利用它的OutputStream给服务器发送数据:
Key key = KeyGen.getSecretKey();
Socket s = new Socket("localhost", 4444);
SecretSocket ss = new SecretSocket(s, key);
OutputStream os = ss.getOutputStream();
os.write("Hello World!".getBytes());
os.flush();
os.close();
s.close();
总结
通过JCE中的java流和链表,我们可以轻松的加密基于socket的网络通信。
Java开发工具包 (JDK)对加密和安全性有很好的支持。其中一个优势就是其内置的对Socket通信的支持。因此,很容易做到在服务器和客户之间建立安全的数据流。流 Java streams 是一个强大的编程工具。java.io包提供了很多标准的流类型,并能很容易的建立自己的流类型。流的一个有用的特点是和链表一样的简单处理过程。表 A是一个用链表读取文本的例子。 ufferedReader br = new BufferedReader( new FileReader(“c:/foo.txt”)); String line = null; while((line = br.readLine()) != null) { System.out.println(line); }这段代码将 FileReader和 BufferedReader链接起来。我们在用客户机/服务器应用程序的时候也会用到类似的概念。关键字对于验证来说,关键字很重要,表 B (KeyGen.java)提供了一个称为 getSecretKey的标准方法。通过运行KeyGen来产生一个关键字。因为我们采用同步方法,所以客户机和服务器必须用相同的关键字。 isting B?KeyGen.java /* * Created by IntelliJ IDEA. * User: jbirchfield * Date: Mar 19, 2002 * Time: 9:33:22 AM */ import com.sun.crypto.provider.SunJCE; import javax.crypto.KeyGenerator; import java.io.FileInputStream; import java.io.FileNotFoundException; import java.io.FileOutputStream; import java.io.IOException; import java.io.ObjectInputStream; import java.io.ObjectOutputStream; import java.security.Key; import java.security.NoSuchAlgorithmException; import java.security.Security; public class KeyGen { public static final String KEY_FILE = "secret.key"; public static final String ALGORITHM = "DES"; public static void main(String[] args) { Security.addProvider(new SunJCE()); new KeyGen(); } public KeyGen() { KeyGenerator kg = null; try { kg = KeyGenerator.getInstance(ALGORITHM); Key key = kg.generateKey(); writeKey(KEY_FILE, key); } catch (NoSuchAlgorithmException e) { e.printStackTrace(); } } private void writeKey(String filename, Object o) { try { FileOutputStream fos = new FileOutputStream(filename); ObjectOutputStream oos = new ObjectOutputStream(fos); oos.writeObject(o); oos.flush(); fos.close(); } catch (IOException e) { e.printStackTrace(); } } public static Key getSecretKey() { Security.addProvider(new SunJCE()); FileInputStream fis = null; try { fis = new FileInputStream(KEY_FILE); } catch (FileNotFoundException e) { e.printStackTrace(); } Key key = null; try { ObjectInputStream ois = null; ois = new ObjectInputStream(fis); key = null; key = (Key) ois.readObject(); } catch (IOException e) { e.printStackTrace(); } catch (ClassNotFoundException e) { e.printStackTrace(); } System.out.println("key = " + key); return key; }}安全socket我们从一个简单的类开始,它提供我们在普通socket对象之上的加密。表 C (SecretSocket.java) 包含了两段代码-Socket和Key对象。我们的构造器创建了变量并初始化了密码: outCipher = Cipher.getInstance(algorithm); outCipher.init(Cipher.ENCRYPT_MODE, key); inCipher = Cipher.getInstance(algorithm); inCipher.init(Cipher.DECRYPT_MODE, key); isting C?SecretSocket.java /* * Created by IntelliJ IDEA. * User: jbirchfield * Date: Mar 20, 2002 * Time: 9:07:51 AM */ import org.bouncycastle.jce.provider.BouncyCastleProvider; import javax.crypto.Cipher; import javax.crypto.CipherInputStream; import javax.crypto.CipherOutputStream; import javax.crypto.KeyGenerator; import javax.crypto.NoSuchPaddingException; import java.io.IOException; import java.io.InputStream; import java.io.OutputStream; import java.net.Socket; import java.net.UnknownHostException; import java.security.InvalidKeyException; import java.security.Key; import java.security.NoSuchAlgorithmException; import java.security.NoSuchProviderException; import java.security.Security; public class SecretSocket { private Key key = null; private Cipher outCipher = null; private Cipher inCipher = null; private CipherInputStream cis = null; private CipherOutputStream cos = null; private Socket socket = null; private String algorithm = "DES"; public SecretSocket(Socket socket, Key key) { this.socket = socket; this.key = key; algorithm = key.getAlgorithm(); initializeCipher(); } private void initializeCipher() { try { outCipher = Cipher.getInstance(algorithm); outCipher.init(Cipher.ENCRYPT_MODE, key); inCipher = Cipher.getInstance(algorithm); inCipher.init(Cipher.DECRYPT_MODE, key); } catch (NoSuchAlgorithmException e) { e.printStackTrace(); } catch (NoSuchPaddingException e) { e.printStackTrace(); } catch (InvalidKeyException e) { e.printStackTrace(); } } public InputStream getInputStream() throws IOException { InputStream is = socket.getInputStream(); cis = new CipherInputStream(is, inCipher); return cis; } public OutputStream getOutputStream() throws IOException { OutputStream os = socket.getOutputStream(); cos = new CipherOutputStream(os, outCipher); return cos; }}因为socket是双向的通信,所以我们采用两个密码。加密输出的数据并解密输入的数据。我们使用getInputStream()和 getOutputStream(),这两种方法来加密合解密通用的输入和输出的经过包装的数据流。见 表 D 。 isting D public InputStream getInputStream() throws IOException { InputStream is = socket.getInputStream(); cis = new CipherInputStream(is, inCipher); return cis;} public OutputStream getOutputStream() throws IOException { OutputStream os = socket.getOutputStream(); cos = new CipherOutputStream(os, outCipher); return cos;}在JCE的javax.crypto包中包含CipherInputStream和 CipherOutputStream这两种流类型。他们接收输入输出的流对象和密码对象。 Socket 服务器开始写我们的socket服务器类吧。 表 E (SecretSocketServer.java)是一个完整的列表。SecretSocketServer在一个端口打开ServerSocket,当接收到连接时,使用SocketHandler产生一个线程来操作连接。 isting E?SecretSocketServer.java /* * Created by IntelliJ IDEA. * User: jbirchfield * Date: Mar 20, 2002 * Time: 9:32:17 AM */ import java.net.ServerSocket; import java.net.Socket; import java.io.IOException; public class SecretSocketServer { public static void main(String[] args) { new SecretSocketServer(); } public SecretSocketServer() { ServerSocket ss = null; try { ss = new ServerSocket(4444); } catch (IOException e) { e.printStackTrace(); } while(true) { try { System.out.println("Waiting..."); Socket s = ss.accept(); SocketHandler h = new SocketHandler(s); Thread t = new Thread(h); t.start(); } catch (IOException e) { e.printStackTrace(); } } }} Socket 句柄表 F (SocketHandler.java) 确定一个socket对象,通过KeyGen来定位关键字,并建立一个 SecretSocket 对象。. Key key = KeyGen.getSecretKey(); this.ss = new SecretSocket(s, key); isting F?SocketHandler.java /* * Created by IntelliJ IDEA. * User: jbirchfield * Date: Mar 20, 2002 * Time: 9:34:22 AM */ import java.io.IOException; import java.io.InputStream; import java.net.Socket; import java.security.Key; public class SocketHandler implements Runnable { private Socket s = null; private SecretSocket ss = null; private InputStream in = null; public SocketHandler(Socket s) { this.s = s; Key key = KeyGen.getSecretKey(); this.ss = new SecretSocket(s, key); try { in = ss.getInputStream(); } catch (IOException e) { e.printStackTrace(); } } public void run() { boolean bool = true; while (bool) { bool = listen(); } try { s.close(); } catch (IOException e) { e.printStackTrace(); } } public boolean listen() { int aByte; try { while ((aByte = in.read()) >= 0) { System.out.println((char)aByte); } } catch (IOException e) { System.out.println("returning false..."); } return false; }}注意表F中的 ss对SocketHandler来说是一个实变量。所有的socket 处理都是通过SecretSocket而不是Socket对象。然后我们使用下面的代码: in = ss.getInputStream();记住,在SecretSocket中,getInputStream是和CipherInputStream以及 InputStream相结合的。因为SocketHandler 是一个可执行的界面,我们为它生成一个 run()方法。这个方法只是在等待socket的数据: boolean bool = true; while (bool) { bool = listen();} listen方法用来监听socket 。 int aByte; while ((aByte = in.read()) >= 0) { system.out.println((char)aByte);} Socket 客户现在我们来看看客户端。见 表 G 。客户端的工作和服务器端很相似,只是反过来了。首先,我们创立一个套接字连接到服务器。使用KeyGen 找到关键字,创立一个安全套接字(SecretSocket)。然后我们利用它的OutputStream给服务器发送数据: Key key = KeyGen.getSecretKey(); Socket s = new Socket("localhost", 4444); SecretSocket ss = new SecretSocket(s, key); OutputStream os = ss.getOutputStream(); os.write("Hello World!".getBytes()); os.flush(); os.close(); s.close();总结通过JCE中的java流和链表,我们可以轻松的加密基于socket的网络通信。
本文转自
http://www.cn-java.com/www1/?action-viewnews-itemid-3248
Java开发工具包 (JDK)对加密和安全性有很好的支持。其中一个优势就是其内置的对Socket通信的支持。因此,很容易做到在服务器和客户之间建立安全的数据流。
流
Java streams 是一个强大的编程工具。java.io包提供了很多标准的流类型,并能很容易的建立自己的流类型。流的一个有用的特点是和链表一样的简单处理过程。表 A是一个用链表读取文本的例子。
ufferedReader br =
new BufferedReader(
new FileReader(“c:/foo.txt”));
String line = null;
while((line = br.readLine()) != null) {
System.out.println(line);
}
这段代码将 FileReader和 BufferedReader链接起来。我们在用客户机/服务器应用程序的时候也会用到类似的概念。
关键字
对于验证来说,关键字很重要,表 B (KeyGen.java)提供了一个称为 getSecretKey的标准方法。通过运行KeyGen来产生一个关键字。因为我们采用同步方法,所以客户机和服务器必须用相同的关键字。
isting B?KeyGen.java
/*
* Created by IntelliJ IDEA.
* User: jbirchfield
* Date: Mar 19, 2002
* Time: 9:33:22 AM
*/
import com.sun.crypto.provider.SunJCE;
import javax.crypto.KeyGenerator;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.security.Key;
import java.security.NoSuchAlgorithmException;
import java.security.Security;
public class KeyGen {
public static final String KEY_FILE = "secret.key";
public static final String ALGORITHM = "DES";
public static void main(String[] args) {
Security.addProvider(new SunJCE());
new KeyGen();
}
public KeyGen() {
KeyGenerator kg = null;
try {
kg = KeyGenerator.getInstance(ALGORITHM);
Key key = kg.generateKey();
writeKey(KEY_FILE, key);
}
catch (NoSuchAlgorithmException e) {
e.printStackTrace();
}
}
private void writeKey(String filename, Object o) {
try {
FileOutputStream fos = new FileOutputStream(filename);
ObjectOutputStream oos = new ObjectOutputStream(fos);
oos.writeObject(o);
oos.flush();
fos.close();
}
catch (IOException e) {
e.printStackTrace();
}
}
public static Key getSecretKey() {
Security.addProvider(new SunJCE());
FileInputStream fis = null;
try {
fis = new FileInputStream(KEY_FILE);
}
catch (FileNotFoundException e) {
e.printStackTrace();
}
Key key = null;
try {
ObjectInputStream ois = null;
ois = new ObjectInputStream(fis);
key = null;
key = (Key) ois.readObject();
}
catch (IOException e) {
e.printStackTrace();
}
catch (ClassNotFoundException e) {
e.printStackTrace();
}
System.out.println("key = " + key);
return key;
}
}
安全socket
我们从一个简单的类开始,它提供我们在普通socket对象之上的加密。表 C (SecretSocket.java) 包含了两段代码-Socket和Key对象。我们的构造器创建了变量并初始化了密码:
outCipher = Cipher.getInstance(algorithm);
outCipher.init(Cipher.ENCRYPT_MODE, key);
inCipher = Cipher.getInstance(algorithm);
inCipher.init(Cipher.DECRYPT_MODE, key);
isting C?SecretSocket.java
/*
* Created by IntelliJ IDEA.
* User: jbirchfield
* Date: Mar 20, 2002
* Time: 9:07:51 AM
*/
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.net.Socket;
import java.net.UnknownHostException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Security;
public class SecretSocket {
private Key key = null;
private Cipher outCipher = null;
private Cipher inCipher = null;
private CipherInputStream cis = null;
private CipherOutputStream cos = null;
private Socket socket = null;
private String algorithm = "DES";
public SecretSocket(Socket socket, Key key) {
this.socket = socket;
this.key = key;
algorithm = key.getAlgorithm();
initializeCipher();
}
private void initializeCipher() {
try {
outCipher = Cipher.getInstance(algorithm);
outCipher.init(Cipher.ENCRYPT_MODE, key);
inCipher = Cipher.getInstance(algorithm);
inCipher.init(Cipher.DECRYPT_MODE, key);
}
catch (NoSuchAlgorithmException e) {
e.printStackTrace();
}
catch (NoSuchPaddingException e) {
e.printStackTrace();
}
catch (InvalidKeyException e) {
e.printStackTrace();
}
}
public InputStream getInputStream() throws IOException {
InputStream is = socket.getInputStream();
cis = new CipherInputStream(is, inCipher);
return cis;
}
public OutputStream getOutputStream() throws IOException {
OutputStream os = socket.getOutputStream();
cos = new CipherOutputStream(os, outCipher);
return cos;
}
}
因为socket是双向的通信,所以我们采用两个密码。加密输出的数据并解密输入的数据。我们使用getInputStream()和 getOutputStream(),这两种方法来加密合解密通用的输入和输出的经过包装的数据流。见 表 D 。
isting D
public InputStream getInputStream() throws IOException {
InputStream is = socket.getInputStream();
cis = new CipherInputStream(is, inCipher);
return cis;
}
public OutputStream getOutputStream() throws IOException {
OutputStream os = socket.getOutputStream();
cos = new CipherOutputStream(os, outCipher);
return cos;
}
在JCE的javax.crypto包中包含CipherInputStream和 CipherOutputStream这两种流类型。他们接收输入输出的流对象和密码对象。
Socket 服务器
开始写我们的socket服务器类吧。 表 E (SecretSocketServer.java)是一个完整的列表。SecretSocketServer在一个端口打开ServerSocket,当接收到连接时,使用SocketHandler产生一个线程来操作连接。
isting E?SecretSocketServer.java
/*
* Created by IntelliJ IDEA.
* User: jbirchfield
* Date: Mar 20, 2002
* Time: 9:32:17 AM
*/
import java.net.ServerSocket;
import java.net.Socket;
import java.io.IOException;
public class SecretSocketServer {
public static void main(String[] args) {
new SecretSocketServer();
}
public SecretSocketServer() {
ServerSocket ss = null;
try {
ss = new ServerSocket(4444);
}
catch (IOException e) {
e.printStackTrace();
}
while(true) {
try {
System.out.println("Waiting...");
Socket s = ss.accept();
SocketHandler h = new SocketHandler(s);
Thread t = new Thread(h);
t.start();
}
catch (IOException e) {
e.printStackTrace();
}
}
}
}
Socket 句柄
表 F (SocketHandler.java) 确定一个socket对象,通过KeyGen来定位关键字,并建立一个 SecretSocket 对象。.
Key key = KeyGen.getSecretKey();
this.ss = new SecretSocket(s, key);
isting F?SocketHandler.java
/*
* Created by IntelliJ IDEA.
* User: jbirchfield
* Date: Mar 20, 2002
* Time: 9:34:22 AM
*/
import java.io.IOException;
import java.io.InputStream;
import java.net.Socket;
import java.security.Key;
public class SocketHandler implements Runnable {
private Socket s = null;
private SecretSocket ss = null;
private InputStream in = null;
public SocketHandler(Socket s) {
this.s = s;
Key key = KeyGen.getSecretKey();
this.ss = new SecretSocket(s, key);
try {
in = ss.getInputStream();
}
catch (IOException e) {
e.printStackTrace();
}
}
public void run() {
boolean bool = true;
while (bool) {
bool = listen();
}
try {
s.close();
}
catch (IOException e) {
e.printStackTrace();
}
}
public boolean listen() {
int aByte;
try {
while ((aByte = in.read()) >= 0) {
System.out.println((char)aByte);
}
}
catch (IOException e) {
System.out.println("returning false...");
}
return false;
}
}
注意表F中的 ss对SocketHandler来说是一个实变量。所有的socket 处理都是通过SecretSocket而不是Socket对象。然后我们使用下面的代码:
in = ss.getInputStream();
记住,在SecretSocket中,getInputStream是和CipherInputStream以及 InputStream相结合的。因为SocketHandler 是一个可执行的界面,我们为它生成一个 run()方法。这个方法只是在等待socket的数据:
boolean bool = true;
while (bool) {
bool = listen();
}
listen方法用来监听socket 。
int aByte;
while ((aByte = in.read()) >= 0) {
system.out.println((char)aByte);
}
Socket 客户
现在我们来看看客户端。见 表 G 。客户端的工作和服务器端很相似,只是反过来了。首先,我们创立一个套接字连接到服务器。使用KeyGen 找到关键字,创立一个安全套接字(SecretSocket)。然后我们利用它的OutputStream给服务器发送数据:
Key key = KeyGen.getSecretKey();
Socket s = new Socket("localhost", 4444);
SecretSocket ss = new SecretSocket(s, key);
OutputStream os = ss.getOutputStream();
os.write("Hello World!".getBytes());
os.flush();
os.close();
s.close();
总结
通过JCE中的java流和链表,我们可以轻松的加密基于socket的网络通信。
Java开发工具包 (JDK)对加密和安全性有很好的支持。其中一个优势就是其内置的对Socket通信的支持。因此,很容易做到在服务器和客户之间建立安全的数据流。流 Java streams 是一个强大的编程工具。java.io包提供了很多标准的流类型,并能很容易的建立自己的流类型。流的一个有用的特点是和链表一样的简单处理过程。表 A是一个用链表读取文本的例子。 ufferedReader br = new BufferedReader( new FileReader(“c:/foo.txt”)); String line = null; while((line = br.readLine()) != null) { System.out.println(line); }这段代码将 FileReader和 BufferedReader链接起来。我们在用客户机/服务器应用程序的时候也会用到类似的概念。关键字对于验证来说,关键字很重要,表 B (KeyGen.java)提供了一个称为 getSecretKey的标准方法。通过运行KeyGen来产生一个关键字。因为我们采用同步方法,所以客户机和服务器必须用相同的关键字。 isting B?KeyGen.java /* * Created by IntelliJ IDEA. * User: jbirchfield * Date: Mar 19, 2002 * Time: 9:33:22 AM */ import com.sun.crypto.provider.SunJCE; import javax.crypto.KeyGenerator; import java.io.FileInputStream; import java.io.FileNotFoundException; import java.io.FileOutputStream; import java.io.IOException; import java.io.ObjectInputStream; import java.io.ObjectOutputStream; import java.security.Key; import java.security.NoSuchAlgorithmException; import java.security.Security; public class KeyGen { public static final String KEY_FILE = "secret.key"; public static final String ALGORITHM = "DES"; public static void main(String[] args) { Security.addProvider(new SunJCE()); new KeyGen(); } public KeyGen() { KeyGenerator kg = null; try { kg = KeyGenerator.getInstance(ALGORITHM); Key key = kg.generateKey(); writeKey(KEY_FILE, key); } catch (NoSuchAlgorithmException e) { e.printStackTrace(); } } private void writeKey(String filename, Object o) { try { FileOutputStream fos = new FileOutputStream(filename); ObjectOutputStream oos = new ObjectOutputStream(fos); oos.writeObject(o); oos.flush(); fos.close(); } catch (IOException e) { e.printStackTrace(); } } public static Key getSecretKey() { Security.addProvider(new SunJCE()); FileInputStream fis = null; try { fis = new FileInputStream(KEY_FILE); } catch (FileNotFoundException e) { e.printStackTrace(); } Key key = null; try { ObjectInputStream ois = null; ois = new ObjectInputStream(fis); key = null; key = (Key) ois.readObject(); } catch (IOException e) { e.printStackTrace(); } catch (ClassNotFoundException e) { e.printStackTrace(); } System.out.println("key = " + key); return key; }}安全socket我们从一个简单的类开始,它提供我们在普通socket对象之上的加密。表 C (SecretSocket.java) 包含了两段代码-Socket和Key对象。我们的构造器创建了变量并初始化了密码: outCipher = Cipher.getInstance(algorithm); outCipher.init(Cipher.ENCRYPT_MODE, key); inCipher = Cipher.getInstance(algorithm); inCipher.init(Cipher.DECRYPT_MODE, key); isting C?SecretSocket.java /* * Created by IntelliJ IDEA. * User: jbirchfield * Date: Mar 20, 2002 * Time: 9:07:51 AM */ import org.bouncycastle.jce.provider.BouncyCastleProvider; import javax.crypto.Cipher; import javax.crypto.CipherInputStream; import javax.crypto.CipherOutputStream; import javax.crypto.KeyGenerator; import javax.crypto.NoSuchPaddingException; import java.io.IOException; import java.io.InputStream; import java.io.OutputStream; import java.net.Socket; import java.net.UnknownHostException; import java.security.InvalidKeyException; import java.security.Key; import java.security.NoSuchAlgorithmException; import java.security.NoSuchProviderException; import java.security.Security; public class SecretSocket { private Key key = null; private Cipher outCipher = null; private Cipher inCipher = null; private CipherInputStream cis = null; private CipherOutputStream cos = null; private Socket socket = null; private String algorithm = "DES"; public SecretSocket(Socket socket, Key key) { this.socket = socket; this.key = key; algorithm = key.getAlgorithm(); initializeCipher(); } private void initializeCipher() { try { outCipher = Cipher.getInstance(algorithm); outCipher.init(Cipher.ENCRYPT_MODE, key); inCipher = Cipher.getInstance(algorithm); inCipher.init(Cipher.DECRYPT_MODE, key); } catch (NoSuchAlgorithmException e) { e.printStackTrace(); } catch (NoSuchPaddingException e) { e.printStackTrace(); } catch (InvalidKeyException e) { e.printStackTrace(); } } public InputStream getInputStream() throws IOException { InputStream is = socket.getInputStream(); cis = new CipherInputStream(is, inCipher); return cis; } public OutputStream getOutputStream() throws IOException { OutputStream os = socket.getOutputStream(); cos = new CipherOutputStream(os, outCipher); return cos; }}因为socket是双向的通信,所以我们采用两个密码。加密输出的数据并解密输入的数据。我们使用getInputStream()和 getOutputStream(),这两种方法来加密合解密通用的输入和输出的经过包装的数据流。见 表 D 。 isting D public InputStream getInputStream() throws IOException { InputStream is = socket.getInputStream(); cis = new CipherInputStream(is, inCipher); return cis;} public OutputStream getOutputStream() throws IOException { OutputStream os = socket.getOutputStream(); cos = new CipherOutputStream(os, outCipher); return cos;}在JCE的javax.crypto包中包含CipherInputStream和 CipherOutputStream这两种流类型。他们接收输入输出的流对象和密码对象。 Socket 服务器开始写我们的socket服务器类吧。 表 E (SecretSocketServer.java)是一个完整的列表。SecretSocketServer在一个端口打开ServerSocket,当接收到连接时,使用SocketHandler产生一个线程来操作连接。 isting E?SecretSocketServer.java /* * Created by IntelliJ IDEA. * User: jbirchfield * Date: Mar 20, 2002 * Time: 9:32:17 AM */ import java.net.ServerSocket; import java.net.Socket; import java.io.IOException; public class SecretSocketServer { public static void main(String[] args) { new SecretSocketServer(); } public SecretSocketServer() { ServerSocket ss = null; try { ss = new ServerSocket(4444); } catch (IOException e) { e.printStackTrace(); } while(true) { try { System.out.println("Waiting..."); Socket s = ss.accept(); SocketHandler h = new SocketHandler(s); Thread t = new Thread(h); t.start(); } catch (IOException e) { e.printStackTrace(); } } }} Socket 句柄表 F (SocketHandler.java) 确定一个socket对象,通过KeyGen来定位关键字,并建立一个 SecretSocket 对象。. Key key = KeyGen.getSecretKey(); this.ss = new SecretSocket(s, key); isting F?SocketHandler.java /* * Created by IntelliJ IDEA. * User: jbirchfield * Date: Mar 20, 2002 * Time: 9:34:22 AM */ import java.io.IOException; import java.io.InputStream; import java.net.Socket; import java.security.Key; public class SocketHandler implements Runnable { private Socket s = null; private SecretSocket ss = null; private InputStream in = null; public SocketHandler(Socket s) { this.s = s; Key key = KeyGen.getSecretKey(); this.ss = new SecretSocket(s, key); try { in = ss.getInputStream(); } catch (IOException e) { e.printStackTrace(); } } public void run() { boolean bool = true; while (bool) { bool = listen(); } try { s.close(); } catch (IOException e) { e.printStackTrace(); } } public boolean listen() { int aByte; try { while ((aByte = in.read()) >= 0) { System.out.println((char)aByte); } } catch (IOException e) { System.out.println("returning false..."); } return false; }}注意表F中的 ss对SocketHandler来说是一个实变量。所有的socket 处理都是通过SecretSocket而不是Socket对象。然后我们使用下面的代码: in = ss.getInputStream();记住,在SecretSocket中,getInputStream是和CipherInputStream以及 InputStream相结合的。因为SocketHandler 是一个可执行的界面,我们为它生成一个 run()方法。这个方法只是在等待socket的数据: boolean bool = true; while (bool) { bool = listen();} listen方法用来监听socket 。 int aByte; while ((aByte = in.read()) >= 0) { system.out.println((char)aByte);} Socket 客户现在我们来看看客户端。见 表 G 。客户端的工作和服务器端很相似,只是反过来了。首先,我们创立一个套接字连接到服务器。使用KeyGen 找到关键字,创立一个安全套接字(SecretSocket)。然后我们利用它的OutputStream给服务器发送数据: Key key = KeyGen.getSecretKey(); Socket s = new Socket("localhost", 4444); SecretSocket ss = new SecretSocket(s, key); OutputStream os = ss.getOutputStream(); os.write("Hello World!".getBytes()); os.flush(); os.close(); s.close();总结通过JCE中的java流和链表,我们可以轻松的加密基于socket的网络通信。
本文转自
http://www.cn-java.com/www1/?action-viewnews-itemid-3248
2459
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
