Socket实战之五 使用加密协议传输对象

http://blog.csdn.net/kongxx/article/details/7259837
前面几篇博文提到了Socket中一些常用的用法，但是对于一些有安全要求的应用就需要加密传输的数据，此时就需要用到SSLSocket了。

还是一样需要一个实现了java.io.Serializable接口的简单Java对象
[java] view plaincopyprint?
package com.googlecode.garbagecan.test.socket.ssl; 
 
public class User implements java.io.Serializable { 
    private static final long serialVersionUID = 1L; 
    private String name; 
    private String password; 
 
    public User() { 
         
    } 
     
    public User(String name, String password) { 
        this.name = name; 
        this.password = password; 
    } 
     
    public String getName() { 
        return name; 
    } 
 
    public void setName(String name) { 
        this.name = name; 
    } 
 
    public String getPassword() { 
        return password; 
    } 
 
    public void setPassword(String password) { 
        this.password = password; 
    } 
     
} 
SSL Server类，这里需要用到ServerSocketFactory类来创建SSLServerSocket类实例，然后在通过SSLServerSocket来获取SSLSocket实例，这里考虑到面向对象中的面向接口编程的理念，所以代码中并没有出现SSLServerSocket和SSLSocket，而是用了他们的父类ServerSocket和Socket。在获取到ServerSocket和Socket实例以后，剩下的代码就和不使用加密方式一样了。
[java] view plaincopyprint?
package com.googlecode.garbagecan.test.socket.ssl; 
 
import java.io.BufferedInputStream; 
import java.io.IOException; 
import java.io.ObjectInputStream; 
import java.io.ObjectOutputStream; 
import java.net.ServerSocket; 
import java.net.Socket; 
import java.util.logging.Level; 
import java.util.logging.Logger; 
 
import javax.net.ServerSocketFactory; 
import javax.net.ssl.SSLServerSocketFactory; 
 
public class MyServer { 
     
    private final static Logger logger = Logger.getLogger(MyServer.class.getName()); 
     
    public static void main(String[] args) { 
        try { 
            ServerSocketFactory factory = SSLServerSocketFactory.getDefault(); 
            ServerSocket server = factory.createServerSocket(10000); 
             
            while (true) { 
                Socket socket = server.accept(); 
                invoke(socket); 
            } 
        } catch (Exception ex) { 
            ex.printStackTrace(); 
        } 
    } 
     
    private static void invoke(final Socket socket) throws IOException { 
        new Thread(new Runnable() { 
            public void run() { 
                ObjectInputStream is = null; 
                ObjectOutputStream os = null; 
                try { 
                    is = new ObjectInputStream(new BufferedInputStream(socket.getInputStream())); 
                    os = new ObjectOutputStream(socket.getOutputStream()); 
 
                    Object obj = is.readObject(); 
                    User user = (User)obj; 
                    System.out.println("user: " + user.getName() + "/" + user.getPassword()); 
 
                    user.setName(user.getName() + "_new"); 
                    user.setPassword(user.getPassword() + "_new"); 
 
                    os.writeObject(user); 
                    os.flush(); 
                } catch (IOException ex) { 
                    logger.log(Level.SEVERE, null, ex); 
                } catch(ClassNotFoundException ex) { 
                    logger.log(Level.SEVERE, null, ex); 
                } finally { 
                    try { 
                        is.close(); 
                    } catch(Exception ex) {} 
                    try { 
                        os.close(); 
                    } catch(Exception ex) {} 
                    try { 
                        socket.close(); 
                    } catch(Exception ex) {} 
                } 
            } 
        }).start(); 
    } 
} 
SSL Client类和SSL Server类类似，只是将其中获取Socket的方式有所变化，其余的代码也和不使用加密方式一样。
[java] view plaincopyprint?
package com.googlecode.garbagecan.test.socket.ssl; 
 
import java.io.BufferedInputStream; 
import java.io.IOException; 
import java.io.ObjectInputStream; 
import java.io.ObjectOutputStream; 
import java.net.Socket; 
import java.util.logging.Level; 
import java.util.logging.Logger; 
 
import javax.net.SocketFactory; 
import javax.net.ssl.SSLSocketFactory; 
 
public class MyClient { 
     
private final static Logger logger = Logger.getLogger(MyClient.class.getName()); 
 
    public static void main(String[] args) throws Exception { 
        for (int i = 0; i < 100; i++) { 
            Socket socket = null; 
            ObjectOutputStream os = null; 
            ObjectInputStream is = null; 
             
            try { 
                SocketFactory factory = SSLSocketFactory.getDefault(); 
                socket = factory.createSocket("localhost", 10000); 
     
                os = new ObjectOutputStream(socket.getOutputStream()); 
                User user = new User("user_" + i, "password_" + i); 
                os.writeObject(user); 
                os.flush(); 
                 
                is = new ObjectInputStream(new BufferedInputStream(socket.getInputStream())); 
                Object obj = is.readObject(); 
                if (obj != null) { 
                    user = (User)obj; 
                    System.out.println("user: " + user.getName() + "/" + user.getPassword()); 
                } 
            } catch(IOException ex) { 
                logger.log(Level.SEVERE, null, ex); 
            } finally { 
                try { 
                    is.close(); 
                } catch(Exception ex) {} 
                try { 
                    os.close(); 
                } catch(Exception ex) {} 
                try { 
                    socket.close(); 
                } catch(Exception ex) {} 
            } 
        } 
    } 
} 
代码写完了，下面就需要产生keystore文件了，运行下面的命令
[plain] view plaincopyprint?
keytool -genkey -alias mysocket -keyalg RSA -keystore mysocket.jks 
在提示输入项中，密码项自己给定，其它都不改直接回车，这里我使用的密码是“mysocket”。
运行Server

[plain] view plaincopyprint?
java -Djavax.net.ssl.keyStore=mysocket.jks -Djavax.net.ssl.keyStorePassword=mysocket com.googlecode.garbagecan.test.socket.ssl.MyServer 
运行Client
[plain] view plaincopyprint?
java -Djavax.net.ssl.trustStore=mysocket.jks  -Djavax.net.ssl.trustStorePassword=mysocket com.googlecode.garbagecan.test.socket.ssl.MyClient