QtJava笔记-Qt与Java进行SSL双向认证(Qt服务端,Java客户端)
2024-04-10 13:54:28
程序运行截图如下:
Qt作为服务端,Java作为客户端。
这里的服务端是用的p12证书,客户端使用的是jks。
具体的生成方式看以前的博文。
QSSLServer.h
#ifndef QSSLSERVER_H
#define QSSLSERVER_H#include <QObject>
#include <QList>
#include <QTcpServer>
#include <QSslError>QT_BEGIN_NAMESPACE
class QSslCertificate;
class QSslKey;
class QSslSocket;
QT_END_NAMESPACEclass QSSLServer : public QTcpServer
{Q_OBJECT
public:QSSLServer(QObject *parent = nullptr);~QSSLServer();protected:void loadCertificate();void incomingConnection(qintptr socketDescriptor) Q_DECL_OVERRIDE;private slots:void sslErrors(const QList<QSslError> &errors);void link();void rx();void disconnected();private:QList<QSslCertificate> m_publicCertificateList;QSslCertificate *m_privateCertificate;QSslKey *m_key;QSslSocket *m_client;
};#endif // QSSLSERVER_HQSSLServer.cpp
#include "QSSLServer.h"
#include <QSslSocket>
#include <QJsonDocument>
#include <QSslCertificate>
#include <QMap>
#include <QFile>
#include <QSslKey>
#include <QDebug>QSSLServer::QSSLServer(QObject *parent) : QTcpServer(parent)
{m_key = new QSslKey;m_privateCertificate = new QSslCertificate;loadCertificate();if(!this->listen(QHostAddress::Any, 19999)){qCritical() << "Unable to start the TCP server";exit(0);}connect(this, &QSSLServer::newConnection, this, &QSSLServer::link);qDebug() << "The SSLServer started succeefully";qDebug() << "port: 19999";
}QSSLServer::~QSSLServer()
{delete m_privateCertificate;delete m_key;
}void QSSLServer::loadCertificate()
{QFile p12File(":/res/p_server.p12");if(!p12File.open(QIODevice::ReadOnly)){qDebug() << "The certificate file open failed!";exit(0);}bool ok = QSslCertificate::importPkcs12(&p12File, m_key, m_privateCertificate, &m_publicCertificateList, "cccccc");if(!ok){qDebug() << "The certificate import error!";exit(0);}p12File.close();
}void QSSLServer::incomingConnection(qintptr socketDescriptor)
{QSslSocket *sslSocket = new QSslSocket(this);connect(sslSocket, SIGNAL(sslErrors(QList<QSslError>)), this, SLOT(sslErrors(QList<QSslError>)));sslSocket->setSocketDescriptor(socketDescriptor);sslSocket->setPrivateKey(*m_key);sslSocket->setLocalCertificate(*m_privateCertificate);sslSocket->addCaCertificates(m_publicCertificateList);sslSocket->setPeerVerifyMode(QSslSocket::VerifyPeer);sslSocket->startServerEncryption();addPendingConnection(sslSocket);
}void QSSLServer::sslErrors(const QList<QSslError> &errors)
{foreach(const QSslError &error, errors)qDebug() << error.errorString();
}void QSSLServer::link()
{QTcpSocket *clientSocket;clientSocket = nextPendingConnection();connect(clientSocket, &QTcpSocket::readyRead, this, &QSSLServer::rx);connect(clientSocket, &QTcpSocket::disconnected, this, &QSSLServer::disconnected);
}void QSSLServer::rx()
{QTcpSocket* clientSocket = qobject_cast<QTcpSocket*>(sender());QString clientString = clientSocket->readAll();qDebug() << "client:" << clientString;//再发一条数据clientSocket->write("Hello Client");
}void QSSLServer::disconnected()
{qDebug("Client Disconnected");QTcpSocket* clientSocket = qobject_cast<QTcpSocket*>(sender());clientSocket->deleteLater();
}main.cpp
#include <QCoreApplication>
#include "QSSLServer.h"int main(int argc, char *argv[])
{QCoreApplication a(argc, argv);QSSLServer sslServer;return a.exec();
}Java客户端:
SslClient.java
package cn.it1995;import javax.net.ssl.KeyManager;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManager;
import java.io.InputStream;
import java.io.OutputStream;public class SslClient implements SslContextProvider{public static void main(String[] args) throws Exception {new SslClient().run("127.0.0.1", 19999);}public TrustManager[] getTrustManagers() throws Exception {return SslUtil.createTrustManagers("D:\\IDEAProject\\SSLDemo\\src\\main\\resources\\client.jks", "cccccc");}public KeyManager[] getKeyManagers() throws Exception {return SslUtil.createKeyManagers("D:\\IDEAProject\\SSLDemo\\src\\main\\resources\\client.jks", "cccccc");}public String getProtocol() {return "TLSv1.2";}private SSLSocket createSSLSocket(String host, Integer port) throws Exception{return SslUtil.createSSLSocket(host, port, this);}public void run(String host, Integer port) throws Exception {try(SSLSocket sslSocket = createSSLSocket(host, port); OutputStream os = sslSocket.getOutputStream(); InputStream is = sslSocket.getInputStream()){System.out.println("已成功连接到服务端.......");os.write("Hello Server".getBytes());os.flush();System.out.println("已发送 Hello Server 到服务端");byte[] buf = new byte[1024];is.read(buf);System.out.println("接收到服务端消息:" + new String(buf));}catch (Exception e){e.printStackTrace();}}
}SslContextProvider.java
package cn.it1995;import javax.net.ssl.KeyManager;
import javax.net.ssl.TrustManager;public interface SslContextProvider {TrustManager[] getTrustManagers() throws Exception;KeyManager[] getKeyManagers() throws Exception;String getProtocol();
}SslUtil.java
package cn.it1995;import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;
import javax.net.ssl.*;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.net.Socket;
import java.security.*;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;public class SslUtil {private static final String JKS = "JKS";public static KeyManager[] createKeyManagers(String keyStorePath, String password) throws Exception {return createKeyManagers(keyStorePath, password, password);}public static KeyManager[] createKeyManagers(String keyStorePath, String storePassword, String keyPassword) throws Exception {String defaultAlgorithm = KeyManagerFactory.getDefaultAlgorithm();KeyManagerFactory kmInstance = KeyManagerFactory.getInstance(defaultAlgorithm);KeyStore ksInstance = KeyStore.getInstance(JKS);FileInputStream fileInputStream = new FileInputStream(keyStorePath);try{ksInstance.load(fileInputStream, storePassword.toCharArray());}catch (IOException e){e.printStackTrace();}catch (CertificateException e){e.printStackTrace();}finally {if(fileInputStream != null){fileInputStream.close();}}try{kmInstance.init(ksInstance, keyPassword.toCharArray());}catch (UnrecoverableKeyException e){e.printStackTrace();}return kmInstance.getKeyManagers();}public static SSLContext createSSLContext(SslContextProvider provider) throws Exception{SSLContext context = SSLContext.getInstance(provider.getProtocol());context.init(provider.getKeyManagers(), provider.getTrustManagers(), new SecureRandom());return context;}public static SSLServerSocket createSSLServerSocket(int port, SslContextProvider provider) throws Exception{SSLContext sslContext = createSSLContext(provider);SSLServerSocketFactory sslServerSocketFactory = sslContext.getServerSocketFactory();SSLServerSocket sslServerSocket = (SSLServerSocket)sslServerSocketFactory.createServerSocket(port);sslServerSocket.setEnabledProtocols(new String[]{provider.getProtocol()});sslServerSocket.setNeedClientAuth(true);return sslServerSocket;}public static SSLSocket createSSLSocket(String host, int port, SslContextProvider provider) throws Exception{SSLContext sslContext = createSSLContext(provider);SSLSocketFactory sslSocketFactory = sslContext.getSocketFactory();SSLSocket sslSocket = (SSLSocket)sslSocketFactory.createSocket(host, port);sslSocket.setEnabledProtocols(new String[]{provider.getProtocol()});return sslSocket;}public static TrustManager[] createTrustManagers(String keyStorePath, String password) throws Exception{String defaultAlgorithm = TrustManagerFactory.getDefaultAlgorithm();TrustManagerFactory tmInstance = TrustManagerFactory.getInstance(defaultAlgorithm);KeyStore ksInstance = KeyStore.getInstance(JKS);FileInputStream fileInputStream = new FileInputStream(keyStorePath);try{ksInstance.load(fileInputStream, password.toCharArray());}catch (IOException e){e.printStackTrace();}catch (CertificateException e){e.printStackTrace();}finally {if(fileInputStream != null){fileInputStream.close();}}tmInstance.init(ksInstance);return tmInstance.getTrustManagers();}public static String getPeerIdentity(Socket socket){if(!(socket instanceof SSLSocket)){return null;}SSLSession sslSession = ((SSLSocket)socket).getSession();try{Principal peerPrincipal = sslSession.getPeerPrincipal();return getCommonName(peerPrincipal);}catch (SSLPeerUnverifiedException e){e.printStackTrace();}return "unknown client";}private static String getCommonName(Principal subject){try{LdapName ldapName = new LdapName(subject.getName());for(Rdn rdn : ldapName.getRdns()){if("cn".equalsIgnoreCase(rdn.getType())){return (String)rdn.getValue();}}}catch (Exception e){e.printStackTrace();}return null;}
}这里的双向认证的关键:
Qt:
Java:
源码打包下载地址:
https://github.com/fengfanchen/Java/tree/master/Ssl_QtServer_JavaClient
QtJava笔记-Qt与Java进行SSL双向认证(Qt服务端,Java客户端)相关推荐
- java实现 SSL双向认证
http://avery-leo.iteye.com/blog/276096 实现技术: JSSE(Java Security Socket Extension) 是Sun为了解决在Internet上 ...
- ios https 单项认证 双向认证 以及服务端配置
单项认证:客户端APP包里保存一份证书 用于校验服务端证书是否合法 双向认证:单项认证以外, 客户端(不是app,这里指系统)要拥有一份证书 用于传给服务端用于校验客户端证书是否合法 分两方面讲解 ...
- QtJava笔记-Qt与Java进行SSL双向认证(Qt客户端,Java服务端)
这里使用Java作为服务端,使用Qt作为客户端. 程序运行截图如下: 这里的证书Qt使用的p12,Java使用的jks,看以前的博文生成. 源码打包下载地址: https://github.com/f ...
- java websocket修改为同步_服务端向客户端推送消息技术之websocket的介绍
websocket的介绍 在讲解WebSocket前,我们先来看看下面这种场景,在HTTP协议下,怎么实现. 需求: 在网站中,要实现简单的聊天,这种情况怎么实现呢?如下图: 当发送私信的时候,如 ...
- 服务器双向认证 原理,什么叫SSL双向认证 SSL双向认证过程是怎样的
我们都知道SSL认证能够分成SSL双向认证和SSL单向认证.那么,什么是SSL双向认证?SSL双向认证过程又是怎样的?小编就在接下来的内容为各位详细讲述. 什么叫SSL双向认证 SSL双向认证则是需要 ...
- java使用bks双向认证_客户端与服务器SSL双向认证(客户端:Android
客户端与服务器SSL双向认证(客户端Android-服务端vc)-含源码(一)服务端已经生成了client.p12.server.p12.ca.p12:主要实现客户端过程(二)目录结构(三)客户端注 ...
- java客户端带证书访问服务端_客户端与服务器SSL双向认证(客户端:java-服务端:java)...
客户端与服务器SSL双向认证(java-java):含源码 (一)实现技术: JSSE(Java Security Socket Extension) 是Sun为了解决在Internet上的实现安全信 ...
- 【ssl认证、证书】SSL双向认证java实战、keytool创建证书
文章目录 概述 keytool示例 参考 相关文章: //-----------Java SSL begin---------------------- [ssl认证.证书]SSL双向认证和SSL单向 ...
- JAVA实现发送HTTPS请求(SSL双向认证)
一.项目背景 Java项目需要作为客户端发起HTTPS请求访问服务端,并且需要携带证书进行SSL双向认证,当前提供的证书相关文件有:ca.crt.ca.key.client.crt.client.ke ...
最新文章
- php免费iphp免费idede,闲鹤草邻
- 业务系统设计之一:系统菜单设计
- 整数划分问题(续)(非递归法)
- C#集合类(HashTable, Dictionary, ArrayList,List)与HashTable线程安全
- 饿了吗app都是用html写的,Vue2.0仿饿了么webapp单页面应用详细步骤
- WordPress的nocache header生成原理
- javaweb在线问卷系统_2020 最新流行的Java Web报表工具比对
- vue js 对象下的原型_如何使用Vue.js和Pusher创建实时原型反馈应用程序
- SHELL递归遍历文件夹下所有文件
- PayPal个人账户不能提现了吗?怎么解决?
- pycharm 2018 永久激活
- 自己合成制作支付宝、微信、QQ三合一万能收款码
- Trafodion之DTM介绍
- 电磁场理论笔记03:自由空间中微分形式电磁场定律和边界条件
- uni-app 的 tabBar 图标自制方法
- php doctrine,数据库和Doctrine ORM
- 国产麒麟系统为何饱受争议?
- python操作剪贴板
- Input标签type属性
- 大学专业课真题(百度拷贝过来的)