我想通过TLS v1.2在两个系统之间创建commnicate。它包含的信息是保密的。我想避免https Web服务调用,并且想要在TCP层执行消息交换。
您能否建议如何通过TLS v1.2安全地传输数据。
编辑:
我在阅读以下答案后写了以下代码
SSLServer
System.setProperty("javax.net.ssl.keyStore", "/home/user/.keystore");
System.setProperty("javax.net.ssl.keyStorePassword", "changeit");
SSLServerSocketFactory ssf = (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();
ServerSocket ss = ssf.createServerSocket(8362);
while (true) {
System.out.println("awaiting to accept..");
Socket s = ss.accept();
SSLSession session = ((SSLSocket) s).getSession();
Certificate[] cchain2 = session.getLocalCertificates();
for (int i = 0; i < cchain2.length; i++) {
System.out.println(((X509Certificate) cchain2[i]).getSubjectDN());
}
System.out.println("Peer host is " + session.getPeerHost());
System.out.println("Cipher is " + session.getCipherSuite());
System.out.println("Protocol is " + session.getProtocol());
System.out.println("ID is " + new BigInteger(session.getId()));
System.out.println("Session created in " + session.getCreationTime());
System.out.println("Session accessed in " + session.getLastAccessedTime());
PrintStream out = new PrintStream(s.getOutputStream());
/*BufferedReader in = new BufferedReader(new InputStreamReader(
s.getInputStream()));*/
boolean isChatOver = false;
System.out.println("\n\n*******************Type Below********************");
System.out.println("To End Chat Type 'Bye'!");
BufferedReader br = new BufferedReader(new InputStreamReader(System.in));
while(!isChatOver) {
String nextChat = br.readLine();
out.println(nextChat);
if("bye".equalsIgnoreCase(nextChat.trim())) {
isChatOver = true;
}
}
out.close();
s.close();
}
SSLClient
System.setProperty("javax.net.ssl.trustStore", "/home/user/.truststore");
System.setProperty("javax.net.ssl.trustStorePassword", "changeit");
SSLSocketFactory ssf = (SSLSocketFactory) SSLSocketFactory.getDefault();
Socket s = ssf.createSocket("127.0.0.1", 8362);
SSLSession session = ((SSLSocket) s).getSession();
Certificate[] cchain = session.getPeerCertificates();
System.out.println("The Certificates used by peer");
for (int i = 0; i < cchain.length; i++) {
System.out.println(((X509Certificate) cchain[i]).getSubjectDN());
}
System.out.println("Peer host is " + session.getPeerHost());
System.out.println("Cipher is " + session.getCipherSuite());
System.out.println("Protocol is " + session.getProtocol());
System.out.println("ID is " + new BigInteger(session.getId()));
System.out.println("Session created in " + session.getCreationTime());
System.out.println("Session accessed in "
+ session.getLastAccessedTime());
BufferedReader in = new BufferedReader(new InputStreamReader(
s.getInputStream()));
boolean isChatOver = false;
while(!isChatOver) {
if(in.ready()) {
Thread.sleep(5000);
}
String nextChat = in.readLine();
System.out.println("server says : " + nextChat);
if("bye".equalsIgnoreCase(nextChat.trim())) {
System.out.println("**************************************Closing Session.*********************************************");
isChatOver = true;
}
}
in.close();
在上面的代码中,我的代码是否在使用TLS 1.2加密后直接将消息传递给TCP Layer?我希望它不会在内部调用https,因为我想不惜一切代价避免应用程序层。
如果对问题有疑问,请告诉我。
由于 欢呼:))