Configuring SSLContext using an existing SSL / certificate pair in Java (JSSE API)

I am working on a Java project where I have to implement the SSL protocol on the server side. Well, this is the first time I will use SSL in my application, so I read a lot about SSL/TLS, and now I want to implement something in Java. I will implement this process using the JSSE API:

1) the client will connect to me

2) I will do authentication using my public key. I mean, I will send the public key to the client and the corresponding certificate

3) the client encrypts the secret key using my public key and RSA algorithm and sends it to me

I already have a private key and certificate stored in the keystore on my computer. Therefore, I hesitate to access them from my Java application. I do not know what steps need to be taken to eliminate them, since this is the first time I am faced with such things.

I am using SSLEngine. Therefore, I must first initialize the SSLContext with this code:

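    // First initialize the key and trust material.
    KeyStore ksKeys = KeyStore.getInstance("JKS");
    ksKeys.load(new FileInputStream("/.../myKey"), passphrase);
    KeyStore ksTrust = KeyStore.getInstance("JKS");
    ksTrust.load(new FileInputStream("/../myCertificate"), passphrase);

    // KeyManagers supply the key material to present; TrustManagers decide whom to trust.
    KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
    kmf.init(ksKeys, passphrase);
    TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
    tmf.init(ksTrust);

    SSLContext sslContext = SSLContext.getInstance("TLS");
    sslContext.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
    // We're ready for the engine.
    SSLEngine engine = sslContext.createSSLEngine(hostname, port);

    // Use as client
    engine.setUseClientMode(true);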

I am really new to cryptography and this is the first time I am programming this material. Any idea?

0
2 answers

, , . , , . , (.key ) ( .cer), java- ( ssl-). , - .jks /, java-. , , http://blog.jgc.org/2011/06/importing-existing-ssl-keycertificate.html

, my.jks ?

, , SSLEngine:

    import java.io.File;
    import java.io.FileInputStream;
    import java.io.InputStream;
    import java.security.KeyStore;
    import javax.net.ssl.KeyManagerFactory;
    import javax.net.ssl.SSLContext;
    import javax.net.ssl.SSLEngine;

    char[] keyphrase = "xxx".toCharArray();
    char[] passphrase = "yyy".toCharArray();

    // First initialize the key and trust material.
    KeyStore ks = KeyStore.getInstance("JKS");
    // try-with-resources closes the keystore file once it has been read
    try (InputStream readStream = new FileInputStream(new File("/.../file.jks"))) {
        ks.load(readStream, passphrase);
    }
    // create a factory for key managers
    KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
    kmf.init(ks, keyphrase);
    SSLContext sslContext = SSLContext.getInstance("TLS");
    // initialize the SSL context
    sslContext.init(kmf.getKeyManagers(), null, null);
    // We're ready for the engine.
    SSLEngine engine = sslContext.createSSLEngine(host, port);
    // Use as client
    engine.setUseClientMode(true);
0
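
An added example, not code from the question or from either answer: a server-side variant of the setup above that refuses to build the SSLContext unless the keystore actually holds a private key with its certificate chain, since a keystore containing only the imported certificate gives the server nothing to present. The class name `ServerTlsSetup`, the `KEYSTORE_PASS` environment variable, the protocol list and Java 11 or later are assumptions.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.util.Collections;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
public class ServerTlsSetup {   // hypothetical class name
    // Builds a server SSLContext; refuses a keystore with no usable private key entry.
    static SSLContext serverContext(KeyStore ks, char[] keyPass) throws Exception {
        boolean hasPrivateKey = false;
        for (String alias : Collections.list(ks.aliases())) {
            // Certificate-only entries fail isKeyEntry; secret-key entries have no chain.
            hasPrivateKey |= ks.isKeyEntry(alias) && ks.getCertificateChain(alias) != null;
        }
        if (!hasPrivateKey) {
            throw new IllegalStateException("no private key entry with a certificate chain");
        }
        KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(ks, keyPass);
        SSLContext ctx = SSLContext.getInstance("TLS");
        // null trust managers / SecureRandom: JSSE uses its installed defaults.
        ctx.init(kmf.getKeyManagers(), null, null);
        return ctx;
    }

    static SSLEngine serverEngine(SSLContext ctx) {
        SSLEngine engine = ctx.createSSLEngine();
        engine.setUseClientMode(false);   // this side answers the handshake
        engine.setEnabledProtocols(new String[] {"TLSv1.3", "TLSv1.2"});   // assumes Java 11+
        return engine;
    }

    public static void main(String[] args) throws Exception {
        // Password comes from the environment (assumed variable name), not the command line.
        char[] pass = System.getenv().getOrDefault("KEYSTORE_PASS", "").toCharArray();
        KeyStore ks = KeyStore.getInstance("JKS");
        if (args.length > 0) {
            try (InputStream in = new FileInputStream(args[0])) { ks.load(in, pass); }
        } else {
            ks.load(null, null);   // constructed empty keystore, for the rejection path
        }
        try {
            SSLEngine engine = serverEngine(serverContext(ks, pass));
            System.out.println("ready: " + String.join(",", engine.getEnabledProtocols()));
        } catch (IllegalStateException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

Run with no arguments, it exercises the rejection path on the empty keystore; pass a keystore path as the first argument to build the engine from a real file.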

, KeyStore , .

, .

. :

javax.net.ssl.keyStore
javax.net.ssl.keyStorePassword
javax.net.ssl.trustStore

.

+1

Source: https://habr.com/ru/post/1017207/

