SSL socket example using system properties.
Showing 13 changed files with 249 additions and 0 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,5 @@ | ||
/target | ||
.classpath | ||
.project | ||
.settings | ||
*~ |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,25 @@ | ||
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" | ||
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> | ||
<modelVersion>4.0.0</modelVersion> | ||
|
||
<groupId>com.chuidiang.ejemplos</groupId> | ||
<artifactId>ejemplo-socket-ssl</artifactId> | ||
<version>1.0-SNAPSHOT</version> | ||
<packaging>jar</packaging> | ||
|
||
<name>ejemplo-socket-ssl</name> | ||
<url>http://maven.apache.org</url> | ||
|
||
<properties> | ||
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding> | ||
</properties> | ||
|
||
<dependencies> | ||
<dependency> | ||
<groupId>junit</groupId> | ||
<artifactId>junit</artifactId> | ||
<version>3.8.1</version> | ||
<scope>test</scope> | ||
</dependency> | ||
</dependencies> | ||
</project> |
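
Review bot: the only dependency is `junit` 3.8.1, the archetype default, and the POM sets no compiler level, so the build uses whatever source/target the installed compiler plugin defaults to. Consider moving to a current JUnit and pinning `maven.compiler.source` and `maven.compiler.target` in `<properties>` so the example builds the same way everywhere.
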
Binary file not shown.
Binary file not shown.
Binary file not shown.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,73 @@ | ||
Hay dos directorios, servidor y cliente. | ||
servidor contiene un almacen de claves serverKeys.jks y dentro un certificado de servidor. | ||
La clave publica del servidor esta en ServerPublicKey.cer | ||
Esta clave publica debe meterse dentro del almacen de claves de confianza del cliente, por lo que | ||
esta clave esta tambien en el directorio client, dentro de su almacen de claves de confianza | ||
clientTrustedCerts.jks | ||
|
||
A continuacion el proceso para crear todos esto. Habria que repetir los mismos tres pasos para generar | ||
la clave del cliente dentro de su almacen de claves (client/clientKey.jks), su clave pública | ||
(client/ClientPublicKey.cer) y al almacen de claves de confianza del servidor con la del cliente almacenada | ||
dentro (server/serverTrustedCerts.jks) | ||
|
||
Creacion de certificado del servidor metido en un almacen de certificados serverKey.jks | ||
|
||
c:>keytool -genkey -keyalg RSA -alias serverKay -keystore serverKey.jks -storepass servpass | ||
¿Cuáles son su nombre y su apellido? | ||
[Unknown]: Server | ||
¿Cuál es el nombre de su unidad de organización? | ||
[Unknown]: Unidad | ||
¿Cuál es el nombre de su organización? | ||
[Unknown]: Organizacion | ||
¿Cuál es el nombre de su ciudad o localidad? | ||
[Unknown]: Ciudad | ||
¿Cuál es el nombre de su estado o provincia? | ||
[Unknown]: Estado | ||
¿Cuál es el código de país de dos letras de la unidad? | ||
[Unknown]: ES | ||
[no]: si | ||
|
||
Introduzca la contraseña de clave para <serverKay> | ||
(INTRO si es la misma contraseña que la del almacén de claves): | ||
|
||
c:> | ||
|
||
la password del certificado es importante que sea la misma que la del almacen. | ||
|
||
Para exportar la clave pública del servidor a un fichero | ||
|
||
c:>keytool -export -keystore serverkey.jks -alias serverKey -file ServerPublic | ||
Key.cer | ||
|
||
Para meter la clave publica del servidor en los certificados de confianza del cliente. | ||
|
||
c:>keytool -import -v -trustcacerts -alias serverKey -file ServerPublicKey.cer | ||
-keystore clientTrustedCerts.jks -keypass clientpass -storepass clientpass | ||
Propietario: CN=Server, OU=Unidad, O=Organizacion, L=Ciudad, ST=Estado, C=ES | ||
Emisor: CN=Server, OU=Unidad, O=Organizacion, L=Ciudad, ST=Estado, C=ES | ||
Número de serie: 8421719 | ||
Válido desde: Sat Apr 18 13:10:58 CEST 2015 hasta: Fri Jul 17 13:10:58 CEST 2015 | ||
|
||
Huellas digitales del Certificado: | ||
MD5: 1E:D2:BC:79:10:48:8F:FD:FD:D5:7B:7B:6C:50:F0:DB | ||
SHA1: 5C:D3:3E:4B:45:0B:CA:90:F3:9F:3B:96:B3:20:DB:1A:DE:9F:57:EE | ||
SHA256: 08:84:31:7E:27:89:94:93:5A:DE:22:A0:37:E2:02:67:E4:50:34:DE:AE: | ||
DD:29:2B:67:CB:68:05:B1:94:D7:00 | ||
Nombre del Algoritmo de Firma: SHA256withRSA | ||
Versión: 3 | ||
|
||
Extensiones: | ||
|
||
#1: ObjectId: 2.5.29.14 Criticality=false | ||
SubjectKeyIdentifier [ | ||
KeyIdentifier [ | ||
0000: D1 85 CB EB FF 6A 53 08 0E 9E EB FB 65 3A C2 B6 .....jS.....e:.. | ||
0010: E4 A2 27 23 ..'# | ||
] | ||
] | ||
|
||
¿Confiar en este certificado? [no]: si | ||
Se ha agregado el certificado al almacén de claves | ||
[Almacenando clientTrustedCerts.jks] | ||
|
||
Nuevamente es importante misma clave para certificado (-keypass) y alamacen (-storepass) |
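
Review bot: the `-genkey` step creates the entry under `-alias serverKay`, but the `-export` step looks up `-alias serverKey`, so the export as written would not find the entry; the keystore name also varies between `serverKeys.jks`, `serverKey.jks` and `serverkey.jks`. Use one alias and one file name throughout. The sample output also shows the certificate valid only from 18 Apr 2015 to 17 Jul 2015, so the committed keystores stop working after that date; passing `-validity` in the `-genkey` step would avoid that. It is also worth stating in the README that `servpass` and `clientpass`, typed on the command line here, are demo-only passwords.
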
Binary file not shown.
Binary file not shown.
Binary file not shown.
25 changes: 25 additions & 0 deletions
ejemplo-socket-ssl/src/main/java/com/chuidiang/ejemplos/App.java
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,25 @@ | ||
package com.chuidiang.ejemplos; | ||
|
||
import java.io.IOException; | ||
|
||
/** | ||
* Example with SSL sockets using system properties. | ||
*/ | ||
public class App { | ||
public static void main(String[] args) throws IOException { | ||
System.setProperty("javax.net.ssl.keyStore", "src/main/certs/server/serverKey.jks"); | ||
System.setProperty("javax.net.ssl.keyStorePassword","servpass"); | ||
// System.setProperty("javax.net.ssl.trustStore", "src/main/certs/server/serverTrustedCerts.jks"); | ||
// System.setProperty("javax.net.ssl.trustStorePassword", "servpass"); | ||
System.setProperty("javax.net.ssl.trustStore", "src/main/certs/client/clientTrustedCerts.jks"); | ||
System.setProperty("javax.net.ssl.trustStorePassword", "clientpass"); | ||
|
||
new SSLDefaultServerSocket(5557).start(); | ||
|
||
// System.setProperty("javax.net.ssl.keyStore", "src/main/certs/client/clientKey.jks"); | ||
// System.setProperty("javax.net.ssl.keyStorePassword","clientpass"); | ||
// System.setProperty("javax.net.ssl.trustStore", "src/main/certs/client/clientTrustedCerts.jks"); | ||
// System.setProperty("javax.net.ssl.trustStorePassword", "clientpass"); | ||
new SSLDefaultClientSocket("localhost",5557).start(); | ||
} | ||
} |
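
Review bot: in `main`, the process-wide `javax.net.ssl.*` properties combine the server's `serverKey.jks` with the client's `clientTrustedCerts.jks`, which only works because both ends run in one JVM, and the keystore passwords are hard-coded in source. The commented-out second block of `System.setProperty` calls would also have no effect if enabled, since JSSE builds its default context once, on the first `getDefault()` call made by `SSLDefaultServerSocket`. Building a separate `SSLContext` for each side from its own `KeyStore`, with passwords read from configuration, would make the example reflect a real client/server split; the dead commented code can then be dropped.
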
39 changes: 39 additions & 0 deletions
ejemplo-socket-ssl/src/main/java/com/chuidiang/ejemplos/SSLDefaultClientSocket.java
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,39 @@ | ||
package com.chuidiang.ejemplos; | ||
|
||
import java.io.BufferedReader; | ||
import java.io.IOException; | ||
import java.io.InputStreamReader; | ||
import java.io.PrintWriter; | ||
import java.net.Socket; | ||
import java.net.UnknownHostException; | ||
|
||
import javax.net.ssl.SSLSocketFactory; | ||
|
||
public class SSLDefaultClientSocket { | ||
Socket client = null; | ||
public SSLDefaultClientSocket(String server,int port) throws UnknownHostException, IOException{ | ||
SSLSocketFactory clientFactory = (SSLSocketFactory) SSLSocketFactory.getDefault(); | ||
client = clientFactory.createSocket(server,port); | ||
} | ||
|
||
public void start() { | ||
System.out.println("client start"); | ||
new Thread() { | ||
public void run(){ | ||
try { | ||
PrintWriter output = new PrintWriter(client.getOutputStream()); | ||
output.println("Federico"); | ||
output.flush(); | ||
System.out.println("Federico sent"); | ||
BufferedReader input = new BufferedReader(new InputStreamReader(client.getInputStream())); | ||
String received = input.readLine(); | ||
System.out.println("Received : "+received); | ||
client.close(); | ||
} catch (IOException e) { | ||
// TODO Auto-generated catch block | ||
e.printStackTrace(); | ||
} | ||
} | ||
}.start(); | ||
} | ||
} |
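
Review bot: `clientFactory.createSocket(server,port)` in the constructor yields a socket that validates the certificate chain against the truststore but never checks that the certificate matches `server`, because no endpoint identification algorithm is set. Cast the result to `SSLSocket` and apply `SSLParameters` with `setEndpointIdentificationAlgorithm("HTTPS")` before the handshake; the server certificate then needs a name that matches the host, which the README's `CN=Server` does not for `localhost`. In `run()`, `client.close()` is skipped when an `IOException` is thrown, so use try-with-resources, and replace the `// TODO Auto-generated catch block` with real handling.
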
44 changes: 44 additions & 0 deletions
ejemplo-socket-ssl/src/main/java/com/chuidiang/ejemplos/SSLDefaultServerSocket.java
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,44 @@ | ||
package com.chuidiang.ejemplos; | ||
|
||
import java.io.BufferedReader; | ||
import java.io.IOException; | ||
import java.io.InputStreamReader; | ||
import java.io.PrintWriter; | ||
import java.net.ServerSocket; | ||
import java.net.Socket; | ||
|
||
import javax.net.ssl.SSLServerSocketFactory; | ||
|
||
public class SSLDefaultServerSocket { | ||
private ServerSocket serverSocket; | ||
|
||
public SSLDefaultServerSocket(int port) throws IOException { | ||
SSLServerSocketFactory serverFactory = (SSLServerSocketFactory) SSLServerSocketFactory | ||
.getDefault(); | ||
serverSocket = serverFactory.createServerSocket(port); | ||
} | ||
|
||
public void start() { | ||
System.out.println("server start"); | ||
new Thread() { | ||
public void run() { | ||
try { | ||
Socket aClient = serverSocket.accept(); | ||
System.out.println("client accepted"); | ||
aClient.setSoLinger(true, 1000); | ||
BufferedReader input = new BufferedReader(new InputStreamReader( | ||
aClient.getInputStream())); | ||
String recibido = input.readLine(); | ||
System.out.println("Recibido " + recibido); | ||
PrintWriter output = new PrintWriter(aClient.getOutputStream()); | ||
output.println("Hello, " + recibido); | ||
output.flush(); | ||
aClient.close(); | ||
} catch (Exception e) { | ||
e.printStackTrace(); | ||
} | ||
|
||
} | ||
}.start(); | ||
} | ||
} |
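
Review bot: in `run()`, `serverSocket` is never closed and `aClient.close()` is skipped whenever an exception is thrown before it, so both sockets leak on any error; wrap them in try-with-resources. `input.readLine()` has no read timeout and its result is not checked for `null`, so a client that connects and sends nothing blocks the thread, and one that disconnects early gets `"Hello, null"` written back; set `aClient.setSoTimeout(...)` and handle the `null` case. If the client keystore described in the README is meant to be used, the server socket also needs to be cast to `SSLServerSocket` and given `setNeedClientAuth(true)`, otherwise the client is never asked for a certificate.
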
38 changes: 38 additions & 0 deletions
ejemplo-socket-ssl/src/test/java/com/chuidiang/ejemplos/AppTest.java
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,38 @@ | ||
package com.chuidiang.ejemplos; | ||
|
||
import junit.framework.Test; | ||
import junit.framework.TestCase; | ||
import junit.framework.TestSuite; | ||
|
||
/** | ||
* Unit test for simple App. | ||
*/ | ||
public class AppTest | ||
extends TestCase | ||
{ | ||
/** | ||
* Create the test case | ||
* | ||
* @param testName name of the test case | ||
*/ | ||
public AppTest( String testName ) | ||
{ | ||
super( testName ); | ||
} | ||
|
||
/** | ||
* @return the suite of tests being tested | ||
*/ | ||
public static Test suite() | ||
{ | ||
return new TestSuite( AppTest.class ); | ||
} | ||
|
||
/** | ||
* Rigourous Test :-) | ||
*/ | ||
public void testApp() | ||
{ | ||
assertTrue( true ); | ||
} | ||
} |
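
Review bot: `testApp()` only runs `assertTrue( true )`, the archetype placeholder, so the suite passes without exercising any of the SSL code. Either delete the file or replace the body with a test that starts `SSLDefaultServerSocket`, connects with `SSLDefaultClientSocket`, and asserts on the `"Hello, Federico"` reply, which would require the client to return the received line rather than only printing it.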