我有一个用 Java 编写的基本客户端/服务器应用程序,它使用普通的 Sockets 进行通信.
I have a basic client/server application written in Java which uses plain Sockets for communication.
我想防止对其进行被动窃听攻击,并通过 TLS/SSL 进行通信.我不希望应用程序用户遇到设置证书等的麻烦,我想使用 AES 加密(TLS_DH_anon_WITH_AES_128_CBC_SHA 模式)通过匿名 Diffie Hellman 设置 SSL 套接字.
I'd like to prevent passive eavesdropping attacks against it and do the communication over TLS/SSL. I don't want the application user to get in the hassle of setting up certificates etc., I'd like to setup Sockets over SSL with Anonymous Diffie Hellman using AES encryption (TLS_DH_anon_WITH_AES_128_CBC_SHA mode).
但是,关于如何设置 SSLContext 或 SSLSocketFactory 以启用我想要的模式,我无法在网络或任何文档上找到任何合适的示例.我很感激这个最小的例子.
However I can't find any suitable examples on net or any documentation as to how I'd setup the SSLContext or SSLSocketFactory to enable the mode I want. I'd appreciate a minimal example for this.
推荐答案您应该使用 SSLSocket(或 SSLEngine)上设置密码套件docs.oracle/javase/7/docs/api/javax/net/ssl/SSLSocket.html#setEnabledCipherSuites%28java.lang.String%5b%5d%29" rel="nofollow">setEnabledCipherSuites.
You should set the cipher suite on the SSLSocket (or SSLEngine) using setEnabledCipherSuites.
更多推荐
带有匿名 Diffie Hellman 的 Java SSL/TLS
发布评论