尝试在客户端和服务器之间进行TLS握手。但是,更改密码规范步骤失败了。同样在客户端收到如下所述的异常:我无法理解为什么我收到如下所示的奇怪异常。
这是什么意思?关于如何解决这个问题的任何想法?
我在Java 7下运行它。
java.security.NoSuchAlgorithmException:PBES2 AlgorithmParameters not 可在 sun.security.jca.GetInstance.getInstance(GetInstance.java:159)at at java.security.Security.getImpl(Security.java:695)at java.security.AlgorithmParameters.getInstance(AlgorithmParameters.java:146) 在com.certicom.security.pkcs.pkcs5.g。(未知来源)at com.certicom.security.pkcs.pkcs5.i.a(未知来源)at com.certicom.security.sslplus.b.a(未知来源)at com.certicom.security.cert.internal.x509.PKCS8.decrypt(未知来源) 在 com.certicom.security.cert.internal.x509.SSLPlusSupport.getLocalIdentity(未知 来源)com.certicom.tls.cert.CertLoader.loadLocalIdentity(未知) 来源)在com.certicom.tls.interfaceimpl.i.a(未知来源)at com.certicom.tls.TLSContext.loadLocalIdentity(未知来源)at com.onstar.emxp.util.TLSClient.loadCert(TLSClient.java:66)at com.onstar.adc.pd.connection.TLSContextLoader.getTLSContext(TLSContextLoader.java:27) 在com.onstar.adc.pd.PacketClient.run(PacketClient.java:74)
java.security.InvalidKeyException:PBES2 AlgorithmParameters没有 可在com.certicom.security.pkcs.pkcs5.g获取。(未知 来源)在com.certicom.security.pkcs.pkcs5.i.a(未知来源)at at com.certicom.security.sslplus.b.a(未知来源)at com.certicom.security.cert.internal.x509.PKCS8.decrypt(未知来源) 在 com.certicom.security.cert.internal.x509.SSLPlusSupport.getLocalIdentity(未知 来源)com.certicom.tls.cert.CertLoader.loadLocalIdentity(未知) 来源)在com.certicom.tls.interfaceimpl.i.a(未知来源)at com.certicom.tls.TLSContext.loadLocalIdentity(未知来源)at com.onstar.emxp.util.TLSClient.loadCert(TLSClient.java:66)at com.onstar.adc.pd.connection.TLSContextLoader.getTLSContext(TLSContextLoader.java:27) 在com.onstar.adc.pd.PacketClient.run(PacketClient.java:74)
java.security.KeyManagementException at com.certicom.security.cert.internal.x509.SSLPlusSupport.getLocalIdentity(未知 来源)com.certicom.tls.cert.CertLoader.loadLocalIdentity(未知) 来源)在com.certicom.tls.interfaceimpl.i.a(未知来源)at com.certicom.tls.TLSContext.loadLocalIdentity(未知来源)at com.onstar.emxp.util.TLSClient.loadCert(TLSClient.java:66)at com.onstar.adc.pd.connection.TLSContextLoader.getTLSContext(TLSContextLoader.java:27) 在com.onstar.adc.pd.PacketClient.run(PacketClient.java:74)警告: 无法加载证书数据包服务器 java.security.KeyManagementException
执行tls握手的客户端代码:
socket = new Socket(host, port); InputSSLIOStream inputStream = new InputSSLIOStream( socket.getInputStream()); OutputSSLIOStream outputStream = new OutputSSLIOStream( socket.getOutputStream()); TLSConnection tlsConnection = tlsContextLoader.getTLSContext() .getClientConnection(inputStream, outputStream, "server"); tlsConnection.startHandshake(); socket.setSoTimeout(30000); OutputStream tlsOutputStream = tlsConnection.getOutputStream(); InputStream tlsInputStream = tlsConnection.getInputStream();
My TLS Context loader:
public class TLSContextLoader
{
public TLSContext getTLSContext()
throws Exception
{
TLSContext localTLSContext = new TLSContext();
localTLSContext.setIsStrongCipherSuiteLimited(false);
localTLSContext.setHelloProtocol("TLS1-ONLY");
localTLSContext.setEllipticCurves(new String[] { "secp256r1" });
localTLSContext.setClientAuthModes(new String[] { "ECDSA_SIGN" });
localTLSContext.setDebugFlag();
localTLSContext.setEccDraftCompatibility(-1);
localTLSContext.setX509BasicConstraintBug(true);
TLSClient.loadCert(localTLSContext, "packetserver");
localTLSContext.setPSKParam(new byte[] { 49 });
localTLSContext.loadTrustedCertificates(KeyLoader.getTrustedStream("rootca"));
localTLSContext.setRNG(new SecureRandom(generateSeed()));
LocalTrustManager localLocalTrustManager = new LocalTrustManager();
localTLSContext.setTrustManager(localLocalTrustManager);
localTLSContext.setEnabledCipherSuites(EMXPArrays.csvToArray("TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA"));
localTLSContext.setNeedClientAuth(false);
return localTLSContext;
}
private byte[] generateSeed() {
String str = new String();
str = str + "IDH" + System.identityHashCode(str);
Runtime localRuntime = Runtime.getRuntime();
str = str + "FM" + localRuntime.freeMemory();
str = str + "CT" + System.currentTimeMillis();
Properties localProperties = System.getProperties();
Enumeration localEnumeration = localProperties.elements();
while (localEnumeration.hasMoreElements()) {
str = str + localEnumeration.nextElement();
}
str = str + "VHC" + str.hashCode();
return str.getBytes();
}
}
答案 0 :(得分:0)
上述问题得以解决。在客户端使用certicom库是为了安全,而在服务器端则使用JDK 7。当客户端和服务器都基于JDK 7安全库时,客户端能够与服务器通信并协商握手。