Java SSLSocket mit TLS1.3 und TLS_AES_128_GCM_SHA256 Verschlüsselungsbeispiel
Veröffentlicht: 2020-07-18
Wie sende ich eine TLS1.3-HTTPs-Anfrage an Ihre Domain und drucke die Antwort?
Die Socket -Klasse erweitert Sockets und bietet sichere Sockets unter Verwendung von Protokollen wie den Protokollen „Secure Sockets Layer“ (SSL) oder „Transport Layer Security“ (TLS) der IETF.
In diesem Tutorial werden wir das Protokoll TLS1.3 und die Verschlüsselung TLS_AES_128_GCM_SHA256 .
Lass uns anfangen:
- Erstellen Sie die Datei CrunchifySSLTLS13Tutorial.java
- Protokoll einstellen: TLS1.3
- Verschlüsselung festlegen: TLS_AES_128_GCM_SHA256
- Tätigen Sie einen HTTP 1.0-Aufruf an crunchify.com
- Tätigen Sie einen HTTP 1.0-Aufruf an google.com
- Antwort drucken
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 |
package crunchify . com . tutorials ; import javax . net . ssl . SSLSocket ; import javax . net . ssl . SSLSocketFactory ; import java . io . * ; /** * @author Crunchify.com * version: 1.0 * Tutorial: Java SSLSocket with TLS1.3 and TLS_AES_128_GCM_SHA256 Cipher Tutorial */ public class CrunchifySSLTLS13Tutorial { // TLS1.3: There are new ciphersuites that only work in TLSv1.3. The old ciphersuites cannot be used for TLSv1.3 connections and the new ones cannot be used in TLSv1.2 and below. //The new ciphersuites are defined differently and do not specify the certificate type (e.g. RSA, DSA, ECDSA) or the key exchange mechanism (e.g. DHE or ECHDE). This has implications for ciphersuite configuration. private static final String [ ] crunchifyProtocols = new String [ ] { "TLSv1.3" } ; // TLS_AES_128_GCM_SHA256 Encryption: Advanced Encryption Standard with 128bit key in Galois/Counter mode (AES 128 GCM) // Hash: Secure Hash Algorithm 256 (SHA256) // RFC 8446 private static final String [ ] crunchifyCipher = new String [ ] { "TLS_AES_256_GCM_SHA384" } ; public static void main ( String [ ] args ) throws Exception { // This class extends Sockets and provides secure socket using protocols such as the "Secure Sockets Layer" (SSL) or IETF "Transport Layer Security" (TLS) protocols. SSLSocket crunchifySocket = null ; PrintWriter crunchifyPrintWriter = null ; BufferedReader crunchifyBufferReader = null ; try { // initialize SSL Socket Factory SSLSocketFactory crunchifyFactory = ( SSLSocketFactory ) SSLSocketFactory . getDefault ( ) ; crunchifySocket = ( SSLSocket ) crunchifyFactory . createSocket ( "google.com" , 443 ) ; // Enable protocol : TLS 1.3 crunchifySocket . setEnabledProtocols ( crunchifyProtocols ) ; // Enable Cipher: TLS_AES_128_GCM_SHA256 crunchifySocket . setEnabledCipherSuites ( crunchifyCipher ) ; // Start Handshake crunchifySocket . startHandshake ( ) ; // Creates a new PrintWriter, without automatic line flushing. crunchifyPrintWriter = new PrintWriter ( new BufferedWriter ( new OutputStreamWriter ( crunchifySocket . getOutputStream ( ) ) ) ) ; crunchifyPrintWriter . println ( "GET / HTTP/1.0" ) ; crunchifyPrintWriter . println ( ) ; crunchifyPrintWriter . flush ( ) ; if ( crunchifyPrintWriter . checkError ( ) ) System . out . println ( "SSLSocketClient Error: java.io.PrintWriter error" ) ; // Let's get response crunchifyBufferReader = new BufferedReader ( new InputStreamReader ( crunchifySocket . getInputStream ( ) ) ) ; String crunchifyStringLine ; while ( ( crunchifyStringLine = crunchifyBufferReader . readLine ( ) ) ! = null ) crunchifyLog ( crunchifyStringLine ) ; } catch ( Exception e ) { e . printStackTrace ( ) ; } finally { // Close Socket if ( crunchifySocket ! = null ) crunchifySocket . close ( ) ; // Close PrintWriter if ( crunchifyPrintWriter ! = null ) crunchifyPrintWriter . close ( ) ; // Close Buffer Reader if ( crunchifyBufferReader ! = null ) crunchifyBufferReader . close ( ) ; } } private static void crunchifyLog ( String crunchifyStringLine ) { System . out . println ( crunchifyStringLine ) ; } } |
Dies sind definierte TLS1.3-Protokolle:
- TLS_AES_128_CCM_8_SHA256
- TLS_AES_128_CCM_SHA256
- TLS_AES_128_GCM_SHA256
- TLS_AES_256_GCM_SHA384
- TLS_CHACHA20_POLY1305_SHA256
Ergebnis:
Auf Crunchify haben wir TLS1.3 enabled und daher gibt es keinen Fehler, den wir bekommen haben.
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 |
/ Library / Java / JavaVirtualMachines / jdk - 13.0.1.jdk / Contents / Home / bin / java - javaagent : / Applications / IntelliJ IDEA . app / Contents / lib / idea_rt . jar = 62909 : / Applications / IntelliJ IDEA . app / Contents / bin - Dfile . encoding = UTF - 8 - classpath / Users / crunchify / Documents / C / crunchify - github / CrunchifyTutorials / target / classes : / Users / crunchify / Documents / C / crunchify - github / CrunchifyTutorials / WebContent / WEB - INF / lib / zxing - 2.1.jar : / Users / crunchify / Documents / C / crunchify - github / CrunchifyTutorials / WebContent / WEB - INF / lib / commons - logging - 1.1.2.jar : / Users / crunchify / Documents / C / crunchify - github / CrunchifyTutorials / WebContent / WEB - INF / lib / commons - collections - 3.2.1.jar : / Users / crunchify / Documents / C / crunchify - github / CrunchifyTutorials / WebContent / WEB - INF / lib / javax . mail . jar : / Users / crunchify / Documents / C / crunchify - github / CrunchifyTutorials / WebContent / WEB - INF / lib / commons - io - 2.4.jar : / Users / crunchify / Documents / C / crunchify - github / CrunchifyTutorials / WebContent / WEB - INF / lib / commons - lang - 2.6.jar : / Users / crunchify / Documents / C / crunchify - github / CrunchifyTutorials / WebContent / WEB - INF / lib / commons - configuration - 1.9.jar : / Users / crunchify / Documents / C / crunchify - github / CrunchifyTutorials / WebContent / WEB - INF / lib / log4j - 1.2.17.jar : / Users / crunchify / Documents / C / crunchify - github / CrunchifyTutorials / WebContent / WEB - INF / lib / commons - beanutils - 1.8.3.jar : / Users / crunchify / . m2 / repository / org / glassfish / javax . json / 1.0.4 / javax . json - 1.0.4.jar : / Users / crunchify / . m2 / repository / com / github / wnameless / json - flattener / 0.2.2 / json - flattener - 0.2.2.jar : / Users / crunchify / . m2 / repository / com / eclipsesource / minimal - json / minimal - json / 0.9.4 / minimal - json - 0.9.4.jar : / Users / crunchify / . m2 / repository / org / apache / commons / commons - lang3 / 3.4 / commons - lang3 - 3.4.jar : / Users / crunchify / . m2 / repository / com / google / code / gson / gson / 2.8.0 / gson - 2.8.0.jar : / Users / crunchify / . m2 / repository / net / jodah / expiringmap / 0.5.7 / expiringmap - 0.5.7.jar : / Users / crunchify / . m2 / repository / org / apache / httpcomponents / httpclient / 4.3.6 / httpclient - 4.3.6.jar : / Users / crunchify / . m2 / repository / org / apache / httpcomponents / httpcore / 4.3.3 / httpcore - 4.3.3.jar : / Users / crunchify / . m2 / repository / commons - codec / commons - codec / 1.6 / commons - codec - 1.6.jar : / Users / crunchify / . m2 / repository / org / json / json / 20151123 / json - 20151123.jar : / Users / crunchify / . m2 / repository / net / spy / spymemcached / 2.12.3 / spymemcached - 2.12.3.jar : / Users / crunchify / . m2 / repository / com / whalin / Memcached - Java - Client / 3.0.2 / Memcached - Java - Client - 3.0.2.jar : / Users / crunchify / . m2 / repository / commons - pool / commons - pool / 1.5.6 / commons - pool - 1.5.6.jar : / Users / crunchify / . m2 / repository / org / slf4j / slf4j - api / 1.6.4 / slf4j - api - 1.6.4.jar : / Users / crunchify / . m2 / repository / com / googlecode / xmemcached / xmemcached / 2.4.5 / xmemcached - 2.4.5.jar : / Users / crunchify / . m2 / repository / com / paypal / sdk / rest - api - sdk / 1.14.0 / rest - api - sdk - 1.14.0.jar : / Users / crunchify / . m2 / repository / commons - dbcp / commons - dbcp / 20030825.184428 / commons - dbcp - 20030825.184428.jar : / Users / crunchify / . m2 / repository / javax / ws / rs / javax . ws . rs - api / 2.0 / javax . ws . rs - api - 2.0.jar : / Users / crunchify / . m2 / repository / org / hamcrest / hamcrest - all / 1.3 / hamcrest - all - 1.3.jar : / Users / crunchify / . m2 / repository / log4j / log4j / 1.2.17 / log4j - 1.2.17.jar : / Users / crunchify / . m2 / repository / com / google / guava / guava / 19.0 / guava - 19.0.jar : / Users / crunchify / . m2 / repository / com / googlecode / json - simple / json - simple / 1.1 / json - simple - 1.1.jar : / Users / crunchify / . m2 / repository / commons - net / commons - net / 2.0 / commons - net - 2.0.jar : / Users / crunchify / . m2 / repository / asm / asm / 3.3.1 / asm - 3.3.1.jar : / Users / crunchify / . m2 / repository / axis / axis / 1.4 / axis - 1.4.jar : / Users / crunchify / . m2 / repository / org / apache / axis / axis - jaxrpc / 1.4 / axis - jaxrpc - 1.4.jar : / Users / crunchify / . m2 / repository / axis / axis - wsdl4j / 1.5.1 / axis - wsdl4j - 1.5.1.jar : / Users / crunchify / . m2 / repository / commons - beanutils / commons - beanutils / 1.8.3 / commons - beanutils - 1.8.3.jar : / Users / crunchify / . m2 / repository / commons - collections / commons - collections / 3.2.1 / commons - collections - 3.2.1.jar : / Users / crunchify / . m2 / repository / commons - configuration / commons - configuration / 1.10 / commons - configuration - 1.10.jar : / Users / crunchify / . m2 / repository / commons - io / commons - io / 2.4 / commons - io - 2.4.jar : / Users / crunchify / . m2 / repository / commons - discovery / commons - discovery / 0.5 / commons - discovery - 0.5.jar : / Users / crunchify / . m2 / repository / commons - lang / commons - lang / 2.6 / commons - lang - 2.6.jar : / Users / crunchify / . m2 / repository / commons - logging / commons - logging / 1.1.3 / commons - logging - 1.1.3.jar : / Users / crunchify / . m2 / repository / commons - logging / commons - logging - api / 1.1 / commons - logging - api - 1.1.jar : / Users / crunchify / . m2 / repository / javax / mail / mail / 1.4.7 / mail - 1.4.7.jar : / Users / crunchify / . m2 / repository / javax / activation / activation / 1.1 / activation - 1.1.jar : / Users / crunchify / . m2 / repository / javax / xml / jaxrpc - api / 1.1 / jaxrpc - api - 1.1.jar : / Users / crunchify / . m2 / repository / javax / servlet / javax . servlet - api / 3.1.0 / javax . servlet - api - 3.1.0.jar : / Users / crunchify / . m2 / repository / org / apache / axis / axis - saaj / 1.4 / axis - saaj - 1.4.jar : / Users / crunchify / . m2 / repository / wsdl4j / wsdl4j / 1.6.3 / wsdl4j - 1.6.3.jar : / Users / crunchify / . m2 / repository / com / google / zxing / core / 3.2.1 / core - 3.2.1.jar : / Users / crunchify / . m2 / repository / org / apache / commons / commons - compress / 1.9 / commons - compress - 1.9.jar : / Users / crunchify / . m2 / repository / mysql / mysql - connector - java / 5.1.6 / mysql - connector - java - 5.1.6.jar : / Users / crunchify / . m2 / repository / junit / junit / 4.12 / junit - 4.12.jar : / Users / crunchify / . m2 / repository / org / hamcrest / hamcrest - core / 1.3 / hamcrest - core - 1.3.jar : / Users / crunchify / . m2 / repository / ch / qos / logback / logback - classic / 1.2.3 / logback - classic - 1.2.3.jar : / Users / crunchify / . m2 / repository / ch / qos / logback / logback - core / 1.2.3 / logback - core - 1.2.3.jar : / Users / crunchify / . m2 / repository / org / springframework / spring - context / 5.1.3.RELEASE / spring - context - 5.1.3.RELEASE.jar : / Users / crunchify / . m2 / repository / org / springframework / spring - aop / 5.1.3.RELEASE / spring - aop - 5.1.3.RELEASE.jar : / Users / crunchify / . m2 / repository / org / springframework / spring - beans / 5.1.3.RELEASE / spring - beans - 5.1.3.RELEASE.jar : / Users / crunchify / . m2 / repository / org / springframework / spring - core / 5.1.3.RELEASE / spring - core - 5.1.3.RELEASE.jar : / Users / crunchify / . m2 / repository / org / springframework / spring - jcl / 5.1.3.RELEASE / spring - jcl - 5.1.3.RELEASE.jar : / Users / crunchify / . m2 / repository / org / springframework / spring - expression / 5.1.3.RELEASE / spring - expression - 5.1.3.RELEASE.jar : / Users / crunchify / . m2 / repository / org / springframework / spring - context - support / 5.1.3.RELEASE / spring - context - support - 5.1.3.RELEASE.jar crunchify . com . tutorials . CrunchifySSLTLS13Tutorial HTTP / 1.1 301 Moved Permanently Server : nginx Date : Sat , 18 Jul 2020 03 : 10 : 08 GMT Content - Type : text / html Content - Length : 162 Connection : close Location : http : //000000000.kinsta.com/ X - Content - Type - Options : nosniff < html > < head > < title > 301 Moved Permanently < / title > < / head > < body > < center > < h1 > 301 Moved Permanently < / h1 > < / center > < hr > < center > nginx < / center > < / body > < / html > Process finished with exit code 0 |
Versuchen Sie es mit Google.com. Ersetzen Sie einfach die Domain crunchify.com und führen Sie das Programm erneut aus.
Ergebnis mit google.com-Domain:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 |
HTTP / 1.0 200 OK Date : Sat , 18 Jul 2020 03 : 29 : 22 GMT Expires : - 1 Cache - Control : private , max - age = 0 Content - Type : text / html ; charset = ISO - 8859 - 1 P3P : CP = "This is not a P3P policy! See g.co/p3phelp for more info." Server : gws X - XSS - Protection : 0 X - Frame - Options : SAMEORIGIN Set - Cookie : 1P_JAR = 2020 - 07 - 18 - 03 ; expires = Mon , 17 - Aug - 2020 03 : 29 : 22 GMT ; path =/ ; domain = . google . com ; Secure Set - Cookie : NID = 204 = BDdFDUl5oe - 0jvYXe8O9RF8x2cYz5q6dy0JRxsdQYFYV86TqTAEIPYB5BwoZCiaM0oUQ5GovV9x8qAiflI3gSbt45VrVmrXCgQX687SyRPO1lh |
Ich hoffe, dieses Tutorial hilft Ihnen dabei, eine beliebige URL mit dem TLS1.3-Protokoll zu erreichen.