I am sending an ssl message to my browser, the browser then returns with a message but i do not know how to decrypt it?
CODE:
import java.io.*;
import javax.net.ssl.*;
public class Server{
public static void main(String[] args) throws IOException{
int port = 8080;
System.setProperty("javax.net.ssl.keyStore", "keys2/newLocal.jks");
System.setProperty("javax.net.ssl.keyStorePassword", "password");
System.getProperty("java.net.debug", "all");
SSLServerSocketFactory sslServerSocketFactory = (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();
SSLServerSocket sslServerSocket = (SSLServerSocket) sslServerSocketFactory.createServerSocket(port);
while(true){
System.out.println("listening on port: " + port);
SSLSocket sslsocket = (SSLSocket) sslServerSocket.accept();
PrintStream out = new PrintStream(sslsocket.getOutputStream(), true);
var protocol = sslsocket.getSSLParameters();
System.out.println(protocol);
BufferedInputStream bufferedInputStream= new BufferedInputStream(sslsocket.getInputStream());
System.out.println(bufferedInputStream);
String msg = "Hello World";
out.println("HTTPS/1.0 200 OK");
out.println("Content-Type: text/html");
out.println();
out.print(msg);
out.close();
}
}
}
The Message returned is:
java.io.BufferedInputStream#1bce4f0a
I assume that i need to get the public key from the browser to decrypt.
Related
I want to create an ssl socket for a multithreaded server, but when a second client is connected I get some exceptions.
Here is my server code:
public class Master implements Runnable{
public static SSLSocket sslSocket = null;
public static SSLServerSocket sslServerSocket =null;
public static SSLServerSocketFactory sslServerSocketfactory ;
Master(SSLSocket s) {
this.sslSocket = s;
}
public static void main(String args[]) throws Exception {
System.out.println("Listening");
sslServerSocketfactory = (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();
sslServerSocket = (SSLServerSocket) sslServerSocketfactory.createServerSocket(7777);
while (true)
{
sslSocket = (SSLSocket) sslServerSocket.accept();
sslSocket.setEnabledCipherSuites(sslServerSocketfactory.getSupportedCipherSuites());
System.setProperty("javax.net.ssl.keyStore", "Master_keystore.jks");
System.setProperty("javax.net.ssl.keyStorePassword", "passwd1");
System.out.println("Connected");
new Thread(new Master(sslSocket)).start();
}
}
public void run() {
synchronized(this){
do{
try{
//here is the error
ObjectOutputStream objout = new ObjectOutputStream(sslSocket.getOutputStream());
ObjectInputStream objin = new ObjectInputStream(sslSocket.getInputStream());
/* code */
} catch (Exception ex) {
Logger.getLogger(Master.class.getName()).log(Level.SEVERE, null, ex);}
}while(true);
}
}
}
And my client code is the following
SSLSocketFactory sslsocketfactory = (SSLSocketFactory) SSLSocketFactory.getDefault();
SSLSocket sslsocket = (SSLSocket) sslsocketfactory.createSocket("localhost", 7777);
sslsocket.setEnabledCipherSuites(sslsocketfactory.getSupportedCipherSuites());
System.setProperty("javax.net.ssl.keyStore", "Client_keystore.jks");
System.setProperty("javax.net.ssl.keyStorePassword", "passwd2");
try {
do {
ObjectOutputStream objout = new ObjectOutputStream(sslsocket.getOutputStream());
ObjectInputStream objin = new ObjectInputStream(sslsocket.getInputStream());
/* code*/
} while (true);
} catch (Exception ex) {
System.out.println(ex.getMessage());
}
The exceptions I get are:
SEVERE: null
javax.net.ssl.SSLException: Connection has been shutdown: javax.net.ssl.SSLHandshakeException: no cipher suites in common
at sun.security.ssl.SSLSocketImpl.checkEOF(SSLSocketImpl.java:1541)
at sun.security.ssl.SSLSocketImpl.checkWrite(SSLSocketImpl.java:1553)
at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:71)
at java.io.ObjectOutputStream$BlockDataOutputStream.drain(ObjectOutputStream.java:1877)
at java.io.ObjectOutputStream$BlockDataOutputStream.setBlockDataMode(ObjectOutputStream.java:1786)
at java.io.ObjectOutputStream.<init>(ObjectOutputStream.java:247)
at master.Master.run(Master.java:233)
at java.lang.Thread.run(Thread.java:745)
Caused by: javax.net.ssl.SSLHandshakeException: no cipher suites in common
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1949)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:302)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:292)
at sun.security.ssl.ServerHandshaker.chooseCipherSuite(ServerHandshaker.java:1035)
at sun.security.ssl.ServerHandshaker.clientHello(ServerHandshaker.java:738)
at sun.security.ssl.ServerHandshaker.processMessage(ServerHandshaker.java:221)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:979)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:914)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1062)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375)
at sun.security.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:747)
at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:123)
... 5 more
can someone give me a solution?
public static SSLSocket sslSocket = null;
The problem is here. There is absolutely no reason for making this variable static. Don't use static unless you know exactly why you are doing so.
I am trying to establish a SSL connection between java server and python client.
Here is the code:
Server side:
public class s implements Runnable {
List<SSLSocket> socketList= new ArrayList<SSLSocket>();
List<File> FileList= new ArrayList<File>();
List<Certificate> CertificateList = new ArrayList<Certificate>();
public static void main(String[] args) {
s manager = new s();
new Thread(manager).start();
Scanner scanner = new Scanner(System.in);
while(true){
System.out.printf("Send> ");
String message = scanner.nextLine();
if(message.equals("") || message.equals("/n")){
continue;
}else{
manager.send(message);
}
}
}
private static SSLServerSocket getServerSocket(int thePort)
{
SSLServerSocket s=null;
try
{
String key="G:\\mySrvKeystore";
char keyStorePass[]="123456".toCharArray();
char keyPassword[]="123456".toCharArray();
KeyStore ks= KeyStore.getInstance("JKS");
ks.load(new FileInputStream(key),keyStorePass);
KeyManagerFactory kmf= KeyManagerFactory.getInstance("SunX509");
kmf.init(ks,keyPassword);
SSLContext sslContext= SSLContext.getInstance("SSLv3");
sslContext.init(kmf.getKeyManagers(),null,null);
SSLServerSocketFactory factory=sslContext.getServerSocketFactory();
s=(SSLServerSocket)factory.createServerSocket(thePort);
}catch(Exception e)
{
System.out.println(e);
}
return(s);
}
public void run() {
try {
while (true) {
SSLServerSocket sslserversocket = getServerSocket(**9991**);
SSLSocket client = (SSLSocket)sslserversocket.accept();
socketList.add(client);
new Thread(new SSocket(client,socketList,FileList)).start();
}
} catch (IOException e) {
e.printStackTrace();
}
}
Client side:
class timer(threading.Thread):
def __init__(self):
self.sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
self.ssl_sock = ssl.wrap_socket(self.sock, ssl_version=ssl.PROTOCOL_SSLv3)
self.ssl_sock.connect(('localhost',9990))
self.isrun = True
threading.Thread.__init__(self);
def run(self):
while self.isrun:
revice = self.ssl_sock.recv(1024);
print ("recv> " + revice);
self.sock.close();
self.ssl_sock.close();
def send(self,str):
self.ssl_sock.send(str + "\n")
def close(self):
self.isrun=False
if __name__=='__main__':
main()
I got:
I did not use reserve port and my OS is windows-7. And I run the server first then the client.
I don't understand why I cannot run multiple instance of the program?
Is it because I am using the same port?
But it was ok before when I just used socket instead of SSLsocket.
THanks for any help
You cannot have multiple server processes listening to the same port. How would the OS know which one gets the connection?
The usual way to handle multiple clients is to spawn a thread AFTER you have accepted a connection. You pass the connection to the thread and the main thread loops, continuing to listen and accept new connections.
This is all very basic TCP/IP and has nothing to do with SSL.
this is my server code
import java.io.InputStream;
import java.io.OutputStream;
import java.security.Key;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLServerSocketFactory;
import javax.net.ssl.SSLSocket;
public class SSLServer {
final static String pathToStores = "C:/Users/Amee";
final static String keyStoreFile = "server.jks";
final static String passwd = "changeit";
final static int theServerPort = 8443;
static boolean debug = false;
public static void main(String args[]) throws Exception {
String trustFilename = pathToStores + "/" + keyStoreFile;
// System.out.println("Verifying KeyStore File of Client..");
System.setProperty("javax.net.ssl.keyStore", trustFilename);
System.setProperty("javax.net.ssl.keyStorePassword", passwd);
if (debug)
System.setProperty("javax.net.debug", "all");
System.out.println("Setting up SSL parameters");
// Initialize socket connection
SSLServerSocketFactory sslssf = (SSLServerSocketFactory) SSLServerSocketFactory
.getDefault();
SSLServerSocket sslServerSocket = (SSLServerSocket) sslssf
.createServerSocket(theServerPort);
System.out.println("Server Started..Waiting for clients");
//sslServerSocket.setNeedClientAuth(true);
SSLSocket sslSocket = (SSLSocket) sslServerSocket.accept();
// sslSocket.startHandshake();
System.out.println("Client Connected!");
InputStream sslIS = sslSocket.getInputStream();
OutputStream sslOS = sslSocket.getOutputStream();
final int RSAKeySize = 1024;
final String newline = "\n";
Key pubKey = null;
Key privKey = null;
boolean flag = sslSocket.getNeedClientAuth();
System.out.println("Flag value: " + flag);
String messgae = "Hello Client!";
sslOS.write(messgae.getBytes());
// sslOS.close();
}
}
=================================================================
this is my client code
=============================================
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
public class SSLClient{
final static String pathToStores = "C:/Users/Amee";
final static String trustStoreFile = "client.jks";
final static String passwd = "changeit";
final static String theServerName = "localhost";
final static int theServerPort = 8443;
static boolean debug = false;
public static void main(String args[]) throws Exception {
String trustFilename = pathToStores + "/" + trustStoreFile;
System.out.println("Validating KeyStore file of Server..");
System.setProperty("javax.net.ssl.trustStore", trustFilename);
System.setProperty("javax.net.ssl.trustStorePassword", passwd);
if (debug)
System.setProperty("javax.net.debug", "all");
SSLSocketFactory sslssf = (SSLSocketFactory) SSLSocketFactory.getDefault();
SSLSocket sslSocket = (SSLSocket)sslssf.createSocket(theServerName, 8443);
System.out.println("Connected to Server!");
while (true) {
if (sslSocket.getInputStream().available() > 0) {
byte[] data = new byte[sslSocket.getInputStream().available()];
sslSocket.getInputStream().read(data);
System.out.println(new String(data));
}
}
}
}
================================================================
Give some suggestions...How would i be able to transfer the data over channel?
The way you are using available() is specifically warned against in the Javadoc. Use a fixed size buffer, and block in the read() method.
I am very new to Cryptography using Java. I have to build a program that exchanges certificate before any data communication takes place. I am using sslSockets to build basic client-server program and I am not using HTTP/S, this is just to get extra security. (Would like to know difference between Socket and SSLSocket.. does it mean everything is automatically encrypted?)
Here's my UPDATED Server Code:
public class SSLServerExample {
final static String pathToStores = "C:/Users/XXX/Desktop/sslserverclientprogram";
final static String keyStoreFile = "keystore.jks";
final static String passwd = "changeit";
final static int theServerPort = 8443;
static boolean debug = false;
public static void main(String args[]) throws Exception {
String trustFilename = pathToStores + "/" + keyStoreFile;
// System.out.println("Verifying KeyStore File of Client..");
System.setProperty("javax.net.ssl.keyStore", trustFilename);
System.setProperty("javax.net.ssl.keyStorePassword", passwd);
if (debug)
System.setProperty("javax.net.debug", "all");
System.out.println("Setting up SSL parameters");
// Initialize socket connection
SSLServerSocketFactory sslssf = (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();
SSLServerSocket sslServerSocket = (SSLServerSocket)sslssf.createServerSocket(theServerPort);
System.out.println("Server Started..Waiting for clients");
sslServerSocket.setNeedClientAuth(true);
SSLSocket sslSocket = (SSLSocket)sslServerSocket.accept();
//sslSocket.startHandshake();
System.out.println("Client Connected!");
InputStream sslIS = sslSocket.getInputStream();
OutputStream sslOS = sslSocket.getOutputStream();
sslServerSocket.setNeedClientAuth(true);
final int RSAKeySize = 1024;
final String newline = "\n";
Key pubKey = null;
Key privKey = null;
boolean flag = sslSocket.getNeedClientAuth();
System.out.println("Flag value: "+ flag);
The flag results in False, even though I set it as true and client sends data which is decrypted by the server without authenticating each other.
Am I missing something?
Please help.
PS: My Client code:
public class SSLClientExample {
final static String pathToStores = "C:/Users/XXX/Desktop/sslserverclientprogram";
final static String trustStoreFile = "cacerts.jks";
final static String passwd = "changeit";
final static String INPUT_FILE = "E:/workspace/input.txt";
final static String theServerName = "localhost";
final static int theServerPort = 8443;
static boolean debug = false;
public static void main(String args[]) throws Exception {
String trustFilename = pathToStores + "/" + trustStoreFile;
System.out.println("Validating KeyStore file of Server..");
System.setProperty("javax.net.ssl.trustStore", trustFilename);
System.setProperty("javax.net.ssl.trustStorePassword", passwd);
if (debug)
System.setProperty("javax.net.debug", "all");
SSLSocketFactory sslssf = (SSLSocketFactory) SSLSocketFactory.getDefault();
SSLSocket sslSocket = (SSLSocket)sslssf.createSocket(theServerName, 8443);
System.out.println("Connected to Server!");
You have to invoke sslServerSocket.setNeedClientAuth(true); before accepting incoming client connections. You are modifying the server socket's configuration after the connection has already been established.
I want to create an app use SSLSocket: client send a String to server and server will uppercase that String and send back to client for display.
SSLServer
public class SSLServer {
public static void main(String args[]) throws Exception
{
try{
//Creaet a SSLServersocket
SSLServerSocketFactory factory=(SSLServerSocketFactory) SSLServerSocketFactory.getDefault();
SSLServerSocket sslserversocket=(SSLServerSocket) factory.createServerSocket(1234);
//Tạo 1 đối tượng Socket từ serversocket để lắng nghe và chấp nhận kết nối từ client
SSLSocket sslsocket=(SSLSocket) sslserversocket.accept();
//Tao cac luong de nhan va gui du lieu cua client
DataInputStream is=new DataInputStream(sslsocket.getInputStream());
PrintStream os=new PrintStream(sslsocket.getOutputStream());
while(true) //khi dang ket noi voi client
{
//Doc du lieu den
String input=is.readUTF();
String ketqua=input.toUpperCase();
//Du lieu tra ve
os.println(ketqua);
}
}
catch(IOException e)
{
System.out.print(e);
}
}
}
SSLClient
public class SSLClient {
public static void main(String args[])
{
try
{
//Mo 1 client socket den server voi so cong va dia chi xac dinh
SSLSocketFactory factory=(SSLSocketFactory) SSLSocketFactory.getDefault();
SSLSocket sslsocket=(SSLSocket) factory.createSocket("127.0.0.1",1234);
//Tao luong nhan va gui du lieu len server
DataOutputStream os=new DataOutputStream(sslsocket.getOutputStream());
DataInputStream is=new DataInputStream(sslsocket.getInputStream());
//Gui du lieu len server
String str="helloworld";
os.writeBytes(str);
//Nhan du lieu da qua xu li tu server ve
String responseStr;
if((responseStr=is.readUTF())!=null)
{
System.out.println(responseStr);
}
os.close();
is.close();
sslsocket.close();
}
catch(UnknownHostException e)
{
System.out.println(e.getMessage());
}
catch(IOException e)
{
System.out.println(e.getMessage());
}
}
}
When run SSLServer. It displays this error:
javax.net.ssl.SSLException: No available certificate or key corresponds
to the SSL cipher suites which are enabled
I have search and do some ways but.. Can you help me.
This will generate certificate:
keytool -genkey -keystore yourKEYSTORE -keyalg RSA
Enter yourPASSWORD and than start your server with ssl debug information(put yourKEYSTORE into directory with SSLServer.class):
java -Djavax.net.ssl.keyStore=yourKEYSTORE -Djavax.net.ssl.keyStorePassword=yourPASSWORD -Djava.protocol.handler.pkgs=com.sun.net.ssl.internal.www.protocol -Djavax.net.debug=ssl SSLServer
Than start your client(put yourKEYSTORE into directory with SSLClient.class):
java -Djavax.net.ssl.trustStore=yourKEYSTORE -Djavax.net.ssl.trustStorePassword=yourPASSWORD SSLClient
#corVaroxid's answer is right. But if you want to set configurations programmatically to avoid global settings (like me), you can go like below (Kotlin):
val password = "yourPassword".toCharArray()
val keyStore = KeyStore.getInstance(File("yourKeystorePath.jks"), password)
val trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm())
trustManagerFactory.init(keyStore)
val keyManagerFactory = KeyManagerFactory.getInstance("NewSunX509")
keyManagerFactory.init(keyStore, password)
val context = SSLContext.getInstance("TLS") //"SSL" "TLS"
context.init(keyManagerFactory.keyManagers, trustManagerFactory.trustManagers, null)
val factory = context.serverSocketFactory
(factory.createServerSocket(LISTENING_PORT) as SSLServerSocket).use { serverSocket ->
logger.trace("Listening on port: $LISTENING_PORT")
// ...
}
Or in Java:
final char[] password = "yourPassword".toCharArray();
final KeyStore keyStore = KeyStore.getInstance(new File("yourKeystorePath.jks"), password);
final TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
trustManagerFactory.init(keyStore);
final KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("NewSunX509");
keyManagerFactory.init(keyStore, password);
final SSLContext context = SSLContext.getInstance("TLS");//"SSL" "TLS"
context.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), null);
final SSLServerSocketFactory factory = context.getServerSocketFactory();
try (SSLServerSocket serverSocket = ((SSLServerSocket) factory.createServerSocket(LISTENING_PORT))) {
logger.trace("Listening on port: " + LISTENING_PORT);
// ...
}
Check the certificates that you have installed. Make sure they are supporting the cipher suites that you are negotiating.