Java non-blocking TLS PSK

I'm working with a framework (Vertx 2) and need to implement a service that runs on top of TLS. Vertx 2 has support for TLS, but I cannot get it to use the necessary ciphers (among others):

  • TLS_PSK_WITH_3DES_EDE_CBC_SHA
  • TLS_PSK_WITH_AES_128_CBC_SHA

I also cannot use the Bouncy Castle lightweight API as it is stream-based and blocks (spawning threads etc. to deal with this is not acceptable as that will not scale). The same goes for JESSIE.

It must use AES & DES with pre-shared keys, but I've been unable to find a way to get this to work. Any solution which is non-blocking/async is workable.

If you're on Linux or OSX, Conscrypt ( https://conscrypt.org ) might be an option. This is an OpenSSL/BoringSSL-backed JCA Provider which will give you an SSLEngine impl which you can then use with Java NIO in non-blocking mode. For context, Conscrypt is the default provider of crypto and TLS/SSL primitives on Android.

To use it with TLS-PSK, you'll need to initialize a Conscrypt-provided SSLContext with an implementation of org.conscrypt.PSKKeyManager and then obtain an SSLEngine from that context. For documentation, see the PSKKeyManager interface Javadoc or the Javadoc of the very similar Android framework class PskKeyManager ( https://developer.android.com/reference/android/net/PskKeyManager.html ).
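The setup described in the answer above, as an added example that is not part of the original post and is not Conscrypt's own code. The names `PskEngineFactory` and `StaticPsk` are hypothetical, and pinning the engine to TLSv1.2 with the single suite `TLS_PSK_WITH_AES_128_CBC_SHA` from the question is an assumption; the identity and key are supplied by the caller and should come from a secret store, not source code.

```java
import java.net.Socket;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import javax.net.ssl.KeyManager;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.TrustManager;
import org.conscrypt.Conscrypt;
import org.conscrypt.PSKKeyManager;

public final class PskEngineFactory {

    /** Hypothetical single-identity key manager; a real service would look keys up per identity. */
    static final class StaticPsk implements PSKKeyManager {
        private final String identity;
        private final byte[] key;

        StaticPsk(String identity, byte[] key) {
            this.identity = identity;
            this.key = key.clone(); // defensive copy so the caller can wipe its buffer
        }

        // Server side: no identity hint is sent (null means "no hint").
        @Override public String chooseServerKeyIdentityHint(Socket s) { return null; }
        @Override public String chooseServerKeyIdentityHint(SSLEngine e) { return null; }

        // Client side: the identity announced to the server.
        @Override public String chooseClientKeyIdentity(String hint, Socket s) { return identity; }
        @Override public String chooseClientKeyIdentity(String hint, SSLEngine e) { return identity; }

        @Override public SecretKey getKey(String hint, String id, Socket s) { return lookup(id); }
        @Override public SecretKey getKey(String hint, String id, SSLEngine e) { return lookup(id); }

        // Returning null for an unknown identity aborts the handshake.
        private SecretKey lookup(String id) {
            return identity.equals(id) ? new SecretKeySpec(key, "RAW") : null;
        }
    }

    /** Builds a Conscrypt SSLEngine that authenticates with the given pre-shared key only. */
    static SSLEngine newEngine(String identity, byte[] psk, boolean clientMode) throws Exception {
        SSLContext ctx = SSLContext.getInstance("TLS", Conscrypt.newProvider());
        // PSK key manager only; no certificate trust managers are needed for pure-PSK suites.
        ctx.init(new KeyManager[] { new StaticPsk(identity, psk) }, new TrustManager[0], null);
        SSLEngine engine = ctx.createSSLEngine();
        engine.setUseClientMode(clientMode);
        engine.setEnabledProtocols(new String[] { "TLSv1.2" });
        engine.setEnabledCipherSuites(new String[] { "TLS_PSK_WITH_AES_128_CBC_SHA" });
        return engine;
    }
}
```

The returned engine never touches a socket itself: the event loop feeds it bytes through `wrap()` and `unwrap()` on NIO buffers, which is what keeps the handshake and record processing non-blocking.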
