Java建立SSL双向认证连接源码

最新推荐文章于 2021-02-12 18:24:47 发布

Jinhill

最新推荐文章于 2021-02-12 18:24:47 发布

阅读量8.5k

点赞数

分类专栏： Java Security 文章标签： ssl java string exception socket null

本文链接：https://blog.csdn.net/jinhill/article/details/6960406

版权

Security 同时被 2 个专栏收录

39 篇文章 0 订阅

订阅专栏

Java

22 篇文章 0 订阅

订阅专栏

(作者：陈波，2011-11-11，转载请注明 Form:http://blog.csdn.net/jinhill/article/details/6960406)

package com.jinhill.net;
import java.io.FileInputStream;
import java.io.InputStream;
import java.io.OutputStream;
import java.net.Socket;
import java.security.KeyStore;
import javax.net.SocketFactory;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManagerFactory;

public class SSLClient {
//受信任根证书库
private String mTrustStore = "C:/Documents and Settings/bo.chen/.keystore";
private String mTrustStorePwd = "123456";

//客户端证书库，这里采用PFX格式
private String mClientKeyStore = "C:/cb.pfx";
private String mClientKeyStorePwd = "123456";

public SSLClient(){
  //设置受任根证库
  System.setProperty("javax.net.ssl.trustStore", mTrustStore);
  //System.setProperty("javax.net.ssl. trustStorePassword", mTrustStorePwd);
  //System.setProperty("javax.net.debug", "ssl,handshake");
}

public void setTrustStore(String trustStore, String trustStorePwd){
  mTrustStore = trustStore;
  mTrustStorePwd = trustStorePwd;
}

public void setClientStore(String clientKeyStore, String clientKeyStorePwd){
  mClientKeyStore = clientKeyStore;
  mClientKeyStorePwd = clientKeyStorePwd;
}

//SSL单向认证连接
private Socket ConnectWithoutCert(String host, int port) throws Exception {
  SocketFactory sf = SSLSocketFactory.getDefault();
  Socket s = sf.createSocket(host, port);
  return s;
}
//SSL双向认证连接
private Socket ConnectWithCert(String host, int port) throws Exception {
  SSLContext context = SSLContext.getInstance("TLS");

  KeyStore ks = KeyStore.getInstance("PKCS12");
  ks.load(new FileInputStream(mClientKeyStore), mClientKeyStorePwd.toCharArray());
  KeyManagerFactory kf = KeyManagerFactory.getInstance("SunX509");
  kf.init(ks, mClientKeyStorePwd.toCharArray());
  //如果不System.setProperty("javax.net.ssl.trustStore", mTrustStore);
  //也可以用下列方法动态进行受信任根证书设置
  /*
  TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
  KeyStore tks = KeyStore.getInstance("JKS");
  tks.load(new FileInputStream(mTrustStore), mTrustStorePwd.toCharArray());
  tmf.init(tks);
  context.init(kf.getKeyManagers(), tmf.getTrustManagers(), null);
   */
  context.init(kf.getKeyManagers(), null, null);

  SocketFactory factory = context.getSocketFactory();
  Socket s = factory.createSocket(host, port);
  return s;
}

public static void main(String[] args) throws Exception {
  //HTTP请求
  String request = "GET / HTTP/1.1\r\nHost: www.jinhill.com\r\nConnection: Keep-Alive\r\nUser-Agent: Java Client Tool\r\n\r\n";
  String receive = "RECV:";
  int len = 0;

  SSLClient client = new SSLClient();
  //连接SSL服务器
  Socket s = client.ConnectWithCert("www.jinhill.com", 443);
  //Socket s = client.ConnectWithoutCert("www.jinhill.com", 443);
  //设置输入输出流
  OutputStream os = s.getOutputStream();
  InputStream is = s.getInputStream();
  //发送HTTP请求
  os.write(request.getBytes());
  os.flush();
  //读取HTTP响应数据
  while(true){
   byte[] buf = new byte[1024];
   len = is.read(buf);
   receive += (new String(buf));
   if(len < 1024)
   {
    break;
   }
  }
  System.out.println(receive);
  //关闭连接
  s.close();
}
}

Jinhill

关注

0
点赞
踩
5

收藏

觉得还不错? 一键收藏
1
评论
Java建立SSL双向认证连接源码

(作者：陈波，2011-11-11，转载请注明 Form:http://blog.csdn.net/jinhill/article/details/6960406) package com.jinhill.net;import java.io.FileInputStream;import java.io.InputStream;import java.io.OutputStream
复制链接

扫一扫

专栏目录