堆栈内存溢出
  简体   繁体   English

Java SSLSocket的问题

[英]Issue with Java SSLSocket

 原文  2017-07-06 18:55:28       java/ sockets/ ssl/ networking/ sslsocketfactory

问题描述

I'm currently working on a client-server project. 我目前正在处理一个客户端-服务器项目。
I've decided I should use SSL for security reasons. 我已出于安全原因决定使用SSL。

I tried converting all Socket and ServerSocket objects to their SSL variants, but to no avail. 我尝试将所有SocketServerSocket对象转换为它们的SSL变体,但无济于事。
When I use the SSLServerSocket and connect to it, socket output on the server-side freezes in the middle of outputstream.write(byte[]) . 当我使用SSLServerSocket并连接到它时,服务器端的套接字输出会冻结在outputstream.write(byte[])的中间。

Here are the functions I use to create the SSL Sockets, ContextController.CONTEXT is the SSLContext and Constants.DEBUG is a fast way for me to toggle SSL: 这是我用来创建SSL套接字的函数, ContextController.CONTEXTSSLContextConstants.DEBUG是我切换SSL的快速方法: 

public static ServerSocket server(int port, int backlog) throws IOException {
    return Constants.DEBUG ? new ServerSocket(port, backlog) : CONTEXT.getServerSocketFactory().createServerSocket(port, backlog);
}

public static Socket client(InetSocketAddress address) throws IOException {
    return Constants.DEBUG ? new Socket(address.getHostName(), address.getPort())
            : ContextController.CONTEXT.getSocketFactory().createSocket(address.getHostName(), address.getPort());
}

public static Socket client() throws IOException {
    return Constants.DEBUG ? new Socket() : ContextController.CONTEXT.getSocketFactory().createSocket();
}

When Constants.DEBUG = true (ie SSL is off) it works, but when SSL is on it freezes as stated above after sending some data indefinitely. Constants.DEBUG = true (即SSL禁用)时,它可以工作,但是当SSL处于启用状态时,它会在无限期发送一些数据后如上所述冻结。 How can I fix this? 我怎样才能解决这个问题?

EDIT : 编辑
Here is the source of ContextController.CONTEXT : 这是ContextController.CONTEXT的来源:
(note, I know I should use an actual TrustManager but first I want this to work) (请注意,我知道我应该使用实际的TrustManager但首先我要使其工作) 

    if (server) {// load the keystore
        try (FileInputStream fis = new FileInputStream(ks)) {
            CONTEXT = SSLContext.getInstance("SSL");

            // load the keystore from the file
            KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType());
            keystore.load(fis, PASSWORD);

            // setup the KeyManagerFactory (used by the server)
            KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            kmf.init(keystore, PASSWORD);

            CONTEXT.init(kmf.getKeyManagers(), null, null);
        }
        catch (Exception e) {
        }
    }
    else {
        CONTEXT = SSLContext.getInstance("SSL");
        CONTEXT.init(null, new TrustManager[] { new X509TrustManager() {
            @Override
            public void checkClientTrusted(X509Certificate[] chain, String authType) {
            }

            @Override
            public void checkServerTrusted(X509Certificate[] chain, String authType) {
            }

            @Override
            public X509Certificate[] getAcceptedIssuers() {
                return null;
            }
        } }, null);
    }

EDIT 2 : 编辑2
Here is a stacktrace of where it freezes, note it doesn't crash, it hangs: 这是冻结的堆栈跟踪,请注意它不会崩溃,但会挂起: 

Thread [ClientExecThread #0] (Suspended)    
owns: AppOutputStream  (id=54)  
owns: ByteArrayOutputStream  (id=55)    
SocketOutputStream.socketWrite0(FileDescriptor, byte[], int, int) line: not available [native method]   
SocketOutputStream.socketWrite(byte[], int, int) line: 111  
SocketOutputStream.write(byte[], int, int) line: 155    
OutputRecord.writeBuffer(OutputStream, byte[], int, int, int) line: 431 
OutputRecord.write(OutputStream, boolean, ByteArrayOutputStream) line: 417  
SSLSocketImpl.writeRecordInternal(OutputRecord, boolean) line: 876  
SSLSocketImpl.writeRecord(OutputRecord, boolean) line: 847  
AppOutputStream.write(byte[], int, int) line: 123   
ByteArrayOutputStream.writeTo(OutputStream) line: 167   
SocketStream.streamPacket(Packet) line: 181 
ClientThread.lambda$8(Group) line: 150  
1427646530.run(Object) line: not available  
ClientThread.execute() line: 444    
ClientThread$ClientExecThread.run() line: 261

I've placed a breakpoint the line after SocketStream.streamPacket(Packet) 181 and it never reaches it. 我在SocketStream.streamPacket(Packet) 181之后的行上放置了一个断点,但它从未到达过断点。

1 个解决方案

解决方案1
 -1 已采纳  2017-07-09 06:42:34

I really don't know why this happened and I don't need all aspects of SSL (only the encryption part, that why I didn't implement the TrustManager ) so I decided to implement a Diffie Hellman instead. 我真的不知道为什么会这样,而且我不需要SSL的所有方面(只需要加密部分,这就是为什么我没有实现TrustManager ),所以我决定改为实现Diffie Hellman。

This works as intended and combining the DH with AES I have encrypted traffic per my requirements. 这按预期方式工作,并且将DH与AES结合使用,我已根据自己的要求对流量进行了加密。

Thank you everyone for you help! 谢谢大家的帮助!

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 JAVA,SSLSocket连接问题 - JAVA, Issue with SSLSocket connection SSLSocket创建中的Java异常 - Java Exception on SSLSocket creation [不支持的密码套件][Java SSLSocket] - [Unsupported ciphersuite][Java SSLSocket] 使用 SSLSocket Java 创建应用程序 - Create app with SSLSocket Java Java SSLSocket握手失败 - Java SSLSocket handshake failure Java的SSLSocket安全吗? - Is Java's SSLSocket Secure? Java,SSLSocket,未收到答案 - Java, SSLSocket, receiving no answer Android Lollipop上的sslsocket中的OutputStream问题 - OutputStream issue in sslsocket on android lollipop 将Java SSLSocket转换为未加密的套接字 - Converting Java SSLSocket to unencrypted Socket 具有Socks5代理的Java SSLSocket - Java SSLSocket with Socks5 Proxy
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM