Java Socket实战之五:使用加密协议传输对象
前面几篇博文提到了Socket中一些常用的用法,但是对于一些有安全要求的应用就需要加密传输的数据,此时就需要用到SSLSocket了。
还是一样需要一个实现了java.io.Serializable接口的简单Java对象:
- packagecom.googlecode.garbagecan.test.socket.ssl;
- publicclassUserimplementsjava.io.Serializable{
- privatestaticfinallongserialVersionUID=1L;
- privateStringname;
- privateStringpassword;
- publicUser(){
- }
- publicUser(Stringname,Stringpassword){
- this.name=name;
- this.password=password;
- }
- publicStringgetName(){
- returnname;
- }
- publicvoidsetName(Stringname){
- this.name=name;
- }
- publicStringgetPassword(){
- returnpassword;
- }
- publicvoidsetPassword(Stringpassword){
- this.password=password;
- }
- }
SSL Server类,这里需要用到ServerSocketFactory类来创建SSLServerSocket类实例,然后在通过SSLServerSocket来获取SSLSocket实例,这里考虑到面向对象中的面向接口编程的理念,所以代码中并没有出现SSLServerSocket和SSLSocket,而是用了他们的父类ServerSocket和Socket。在获取到ServerSocket和Socket实例以后,剩下的代码就和不使用加密方式一样了。
- packagecom.googlecode.garbagecan.test.socket.ssl;
- importjava.io.BufferedInputStream;
- importjava.io.IOException;
- importjava.io.ObjectInputStream;
- importjava.io.ObjectOutputStream;
- importjava.net.ServerSocket;
- importjava.net.Socket;
- importjava.util.logging.Level;
- importjava.util.logging.Logger;
- importjavax.net.ServerSocketFactory;
- importjavax.net.ssl.SSLServerSocketFactory;
- publicclassMyServer{
- privatefinalstaticLoggerlogger=Logger.getLogger(MyServer.class.getName());
- publicstaticvoidmain(String[]args){
- try{
- ServerSocketFactoryfactory=SSLServerSocketFactory.getDefault();
- ServerSocketserver=factory.createServerSocket(10000);
- while(true){
- Socketsocket=server.accept();
- invoke(socket);
- }
- }catch(Exceptionex){
- ex.printStackTrace();
- }
- }
- privatestaticvoidinvoke(finalSocketsocket)throwsIOException{
- newThread(newRunnable(){
- publicvoidrun(){
- ObjectInputStreamis=null;
- ObjectOutputStreamos=null;
- try{
- is=newObjectInputStream(newBufferedInputStream(socket.getInputStream()));
- os=newObjectOutputStream(socket.getOutputStream());
- Objectobj=is.readObject();
- Useruser=(User)obj;
- System.out.println("user:"+user.getName()+"/"+user.getPassword());
- user.setName(user.getName()+"_new");
- user.setPassword(user.getPassword()+"_new");
- os.writeObject(user);
- os.flush();
- }catch(IOExceptionex){
- logger.log(Level.SEVERE,null,ex);
- }catch(ClassNotFoundExceptionex){
- logger.log(Level.SEVERE,null,ex);
- }finally{
- try{
- is.close();
- }catch(Exceptionex){}
- try{
- os.close();
- }catch(Exceptionex){}
- try{
- socket.close();
- }catch(Exceptionex){}
- }
- }
- }).start();
- }
- }
SSL Client类和SSL Server类类似,只是将其中获取Socket的方式有所变化,其余的代码也和不使用加密方式一样。
- packagecom.googlecode.garbagecan.test.socket.ssl;
- importjava.io.BufferedInputStream;
- importjava.io.IOException;
- importjava.io.ObjectInputStream;
- importjava.io.ObjectOutputStream;
- importjava.net.Socket;
- importjava.util.logging.Level;
- importjava.util.logging.Logger;
- importjavax.net.SocketFactory;
- importjavax.net.ssl.SSLSocketFactory;
- publicclassMyClient{
- privatefinalstaticLoggerlogger=Logger.getLogger(MyClient.class.getName());
- publicstaticvoidmain(String[]args)throwsException{
- for(inti=0;i<100;i++){
- Socketsocket=null;
- ObjectOutputStreamos=null;
- ObjectInputStreamis=null;
- try{
- SocketFactoryfactory=SSLSocketFactory.getDefault();
- socket=factory.createSocket("localhost",10000);
- os=newObjectOutputStream(socket.getOutputStream());
- Useruser=newUser("user_"+i,"password_"+i);
- os.writeObject(user);
- os.flush();
- is=newObjectInputStream(newBufferedInputStream(socket.getInputStream()));
- Objectobj=is.readObject();
- if(obj!=null){
- user=(User)obj;
- System.out.println("user:"+user.getName()+"/"+user.getPassword());
- }
- }catch(IOExceptionex){
- logger.log(Level.SEVERE,null,ex);
- }finally{
- try{
- is.close();
- }catch(Exceptionex){}
- try{
- os.close();
- }catch(Exceptionex){}
- try{
- socket.close();
- }catch(Exceptionex){}
- }
- }
- }
- }
代码写完了,下面就需要产生keystore文件了,运行下面的命令
- keytool-genkey-aliasmysocket-keyalgRSA-keystoremysocket.jks
在提示输入项中,密码项自己给定,其它都不改直接回车,这里我使用的密码是“mysocket”。
运行Server
- java-Djavax.net.ssl.keyStore=mysocket.jks-Djavax.net.ssl.keyStorePassword=mysocketcom.googlecode.garbagecan.test.socket.ssl.MyServer
运行Client
- java-Djavax.net.ssl.trustStore=mysocket.jks-Djavax.net.ssl.trustStorePassword=mysocketcom.googlecode.garbagecan.test.socket.ssl.MyClient
原文链接:http://blog.csdn.net/kongxx/article/details/7259837