Partage
  • Partager sur Facebook
  • Partager sur Twitter

SSL certificat

-Crixus-
    26 septembre 2021 à 5:17:43

    Bonjour.

    J'essaie de faire fonctionner une socket ssl mais voila, je suis confronté a des difficultés.

    j'ai codé cela de tel manière :

    Server :

    	public void connect() {

		// Start server on the defined port
		try {
			
			SSLContext context = SSLContext.getInstance("SSL");
			KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
			KeyStore ks = KeyStore.getInstance("JKS");
			char[] password = "ChatServer".toCharArray();
			ks.load(new FileInputStream("server.keystore"), password);
			kmf.init(ks, password);
			context.init(kmf.getKeyManagers(), null, null);
			Arrays.fill(password, '0');
			
			SSLServerSocketFactory factory = context.getServerSocketFactory();
			socketserver = (SSLServerSocket) factory.createServerSocket(port); //create the server
			
			String[] supported = factory.getSupportedCipherSuites();
			((SSLServerSocket) socketserver).setEnabledCipherSuites(supported);
			
			uiSocket.updateSocketStatus(1);
			
			try {
				RMIEndPoint endPoint = new RMIEndPoint(this);
				RMIManager.rmi.add("RMIEndPoint", endPoint);
			} catch (Exception e) {
				e.printStackTrace();
			}



			Thread getClientConnection = new Thread(()->{ // launch a thread to get new connection
				try {
					getClientConnection(socketserver); // handles connection asks
				} catch (IOException e) {
					if(socketserver.isClosed()) {
						close();
						/*
						 *  This code will be called at the end of this thread
						 *  We can't use join, it freezes the javafx thread, all button, field etc, in fact, it would crash the app
						 *  You must never block top javafx thread, not with join, not even with futur task or similar stuff
						 */
						Platform.runLater(()-> {
							uiSocket.updateSocketStatus(2);	
						});
					}else {
						e.printStackTrace(); // unexpected error...			
					}
				}
			});
			getClientConnection.start();
		} catch (Exception e) {
			uiSocket.updateSocketStatus(3); // unexpected error during the creation of serverSocket object
		}
	}

	/**
	 * Thread loop to get client server connection
	 * @param socketserver
	 * @throws IOException 
	 */
	public void getClientConnection(ServerSocket socketserver) throws IOException {
		while (!socketserver.isClosed()) {
			Socket remoteClient = socketserver.accept(); // a new client asking for connection
			try {
				handleClientConnection(remoteClient); // handles the new client
			} catch (Exception e) {
				if(!remoteClient.isClosed()) remoteClient.close();
				System.err.println("Unexpected error an client socket");
			}
		}

	}

    Client :

    	public void connect() {

		// start the connection
		try {
        
			SSLSocketFactory factory = (SSLSocketFactory) SSLSocketFactory.getDefault();
			socketClient = (SSLSocket) factory.createSocket(ip, port);
			
			String[] supported = factory.getSupportedCipherSuites();
			((SSLSocket) socketClient).setEnabledCipherSuites(supported);
		} catch (Exception e) {
			notifyMsg("We can't find this server\n");
		}

		try {
			if (socketClient != null && !socketClient.isClosed()) {
				out = new PrintWriter(socketClient.getOutputStream()); //sender flow
				in = new BufferedReader(new InputStreamReader(socketClient.getInputStream())); //receiver flow
				Thread getMessageThread = new Thread( ()->{
					getMsg();
				});
				getMessageThread.start();
				sendMsg(this.pseudo);
				
				RMIManager.createRMI(ip);
				
				notifyStatus(1);
			}			
		} catch (Exception e) {
			e.printStackTrace();
			notifyStatus(0);
		}
	}

    J'ai généré un certificat auto signé comme cela :

    keytool -genkey -alias chatserver -keyalg RSA -validity 365 -keystore server.keystore -storetype JKS

    A la fin j'ai obtenu :

    J'ai copié le fichier généré dans a la racine de mon projet server.

    Voici les erreur :

    javax.net.ssl.SSLException: readHandshakeRecord
    at java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1415)
    at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:441)
    at java.base/sun.security.ssl.SSLSocketImpl.ensureNegotiated(SSLSocketImpl.java:904)
    at java.base/sun.security.ssl.SSLSocketImpl$AppInputStream.read(SSLSocketImpl.java:995)
    at java.base/sun.nio.cs.StreamDecoder.readBytes(StreamDecoder.java:297)
    at java.base/sun.nio.cs.StreamDecoder.implRead(StreamDecoder.java:339)
    at java.base/sun.nio.cs.StreamDecoder.read(StreamDecoder.java:188)
    at java.base/java.io.InputStreamReader.read(InputStreamReader.java:178)
    at java.base/java.io.BufferedReader.fill(BufferedReader.java:161)
    at java.base/java.io.BufferedReader.readLine(BufferedReader.java:329)
    at java.base/java.io.BufferedReader.readLine(BufferedReader.java:396)
    at org.openjfx.chatServer/org.openjfx.chatServer.socket.SimpleTextSocket.receiveClientData(SimpleTextSocket.java:143)
    at org.openjfx.chatServer/org.openjfx.chatServer.socket.SimpleTextSocket.lambda$handleClientConnection$2(SimpleTextSocket.java:131)
    at java.base/java.lang.Thread.run(Thread.java:831)
    Suppressed: java.net.SocketException: Broken pipe
        at java.base/sun.nio.ch.NioSocketImpl.implWrite(NioSocketImpl.java:420)
        at java.base/sun.nio.ch.NioSocketImpl.write(NioSocketImpl.java:440)
        at java.base/sun.nio.ch.NioSocketImpl$2.write(NioSocketImpl.java:826)
        at java.base/java.net.Socket$SocketOutputStream.write(Socket.java:1045)
        at java.base/sun.security.ssl.SSLSocketOutputRecord.encodeAlert(SSLSocketOutputRecord.java:82)
        at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:400)
        at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:312)
        at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:451)
        ... 12 more
Caused by: java.net.SocketException: Broken pipe
    at java.base/sun.nio.ch.NioSocketImpl.implWrite(NioSocketImpl.java:420)
    at java.base/sun.nio.ch.NioSocketImpl.write(NioSocketImpl.java:440)
    at java.base/sun.nio.ch.NioSocketImpl$2.write(NioSocketImpl.java:826)
    at java.base/java.net.Socket$SocketOutputStream.write(Socket.java:1045)
    at java.base/sun.security.ssl.SSLSocketOutputRecord.flush(SSLSocketOutputRecord.java:268)
    at java.base/sun.security.ssl.HandshakeOutStream.flush(HandshakeOutStream.java:89)
    at java.base/sun.security.ssl.Finished$T13FinishedProducer.onProduceFinished(Finished.java:789)
    at java.base/sun.security.ssl.Finished$T13FinishedProducer.produce(Finished.java:677)
    at java.base/sun.security.ssl.SSLHandshake.produce(SSLHandshake.java:440)
    at java.base/sun.security.ssl.ClientHello$T13ClientHelloConsumer.goServerHello(ClientHello.java:1252)
    at java.base/sun.security.ssl.ClientHello$T13ClientHelloConsumer.consume(ClientHello.java:1188)
    at java.base/sun.security.ssl.ClientHello$ClientHelloConsumer.onClientHello(ClientHello.java:851)
    at java.base/sun.security.ssl.ClientHello$ClientHelloConsumer.consume(ClientHello.java:812)
    at java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:396)
    at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:480)
    at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:458)
    at java.base/sun.security.ssl.TransportContext.dispatch(TransportContext.java:199)
    at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:171)
    at java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1498)
    at java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1404)
    ... 13 more



    -------------------------------------------

    Je suppose qu'il y a un soucis d'authentification mais je suis un peu bloqué.

    -
    Edité par -Crixus- 26 septembre 2021 à 5:22:39

    • Partager sur Facebook
    • Partager sur Twitter

    "Etre vrai, peu le peuvent."
    Friedrich Nietzsche

    SSL certificat

    × Après avoir cliqué sur "Répondre" vous serez invité à vous connecter pour que votre message soit publié.
    × Attention, ce sujet est très ancien. Le déterrer n'est pas forcément approprié. Nous te conseillons de créer un nouveau sujet pour poser ta question.
    • Editeur
    • Markdown