15 Haziran 2017 Perşembe

SSLSocket Sınıfı - İstemci Tarafında Kullanılır

Giriş
Açıklaması şöyle
SSLSocket is an extension of Socket that adds a layer of security protections over the underlying network transport protocol, such as TCP and UDP, and provides the benefits of SSL and TLS.
Kullanım
Örnek
Şöyle yaparız
String[] protocols = new String[]{"TLSv1.3"};
String[] cipher_suites = new String[]{"TLS_AES_128_GCM_SHA256"};

SSLSocket socket = null;
PrintWriter out = null;
BufferedReader in = null;
try {
  // Step : 1
  SSLSocketFactory factory = (SSLSocketFactory) SSLSocketFactory.getDefault();
  // Step : 2
  socket = (SSLSocket) factory.createSocket("google.com", 443);
  // Step : 3
  socket.setEnabledProtocols(protocols);
  socket.setEnabledCipherSuites(cipher_suites); 
  // Step : 4 {optional}
  socket.startHandshake(); 
  // Step : 5
  out = new PrintWriter(
    new BufferedWriter(new OutputStreamWriter(socket.getOutputStream())));
  out.println("GET / HTTP/1.0");
  out.println();
  out.flush();
  if (out.checkError()) {
    System.out.println("SSLSocketClient:  java.io.PrintWriter error");
  }
            
  // Step : 6
  in = new BufferedReader(new InputStreamReader(socket.getInputStream()));
 
  String inputLine;
  while ((inputLine = in.readLine()) != null) {
    System.out.println(inputLine);
  }
} catch (Exception e) {
  ...
} finally {
  if (socket != null) {socket.close();}
  if (out != null) {out.close();}
  if (in != null) {in.close();}
}
constructor - istemci
SSLSocketFactory sınıfının overload edilmiş createSocket metodlarından bir tanesi çağrılarak yaratılır. Şöyle yaparız.
SocketFactory sf = ...;
SSLSocket socket = (SSLSocket) sf.createSocket("gmail.com", 443);
constructor - sunucu
Şöyle yaparız.
SSLServerSocket sslServerSocket = ...;
SSLSocket sslSocket = (SSLSocket) sslServerSocket.accept();
close metodu
Şöyle yaparız.
socket.close();
getSession metodu
Şöyle yaparız.
SSLSession sslSession = socket.getSession();
setEnabledCipherSuites metodu
Açıklaması şöyle
You are enabling all the anonymous and low-grade cipher suites, so you are allowing the server not to send a certificate, so it doesn't send one, so it doesn't give you one in
Şöyle yaparız.
String cipherSuites[] ={
  "TLS_RSA_WITH_AES_128_CBC_SHA256"
  ,"TLS_RSA_WITH_AES_128_CBC_SHA"
  ,"TLS_RSA_WITH_AES_256_CBC_SHA"
  ,"TLS_RSA_WITH_AES_256_CBC_SHA256"              
  ...
}; 

socket.setEnabledCipherSuites(cipherSuites);
Şöyle yaparız.
sslSocket.setEnabledCipherSuites(sslSocket.getSupportedCipherSuites());
setEnabledProtocols metodu
Şöyle yaparız.
String tlsVersions[] = ...;
socket.setEnabledProtocols(tlsVersions);
startHandshake metodu
Şöyle yaparız.
sslSocket.startHandshake();


Hiç yorum yok:

Yorum Gönder