0
即時工作的軟件項目,我有任務使Proxi,像客戶端一樣工作。這個Clientproxi在win10 上以java運行,並與嵌入式Serviceregistry Yocto-Linux進行通信,並且必須使用certivifiedexchange TLS1.2通過HTTP構建安全的外部連接。即時通訊工具,並與bouncycastlelibraries工作,並具有下列做:「openTlsConnect」認證與CA和openTlsConnect
UnsecureHttpExecutor unsecureHttpExecutor = new UnsecureHttpExecutor();// Connection for external Clientservices
logger.debug("Try to connect!");
HttpRequest httpRequest = new BasicHttpRequest("GET", "/auth");// simple GET /auth -for REST
logger.debug("http.request: \n" + httpRequest.toString());
try {
HttpResponse httpResponse = unsecureHttpExecutor.executeRequest(httpRequest);// createHttpClient(); connectHttpClient();
String mibIdentifierJson = EntityUtils.toString(httpResponse.getEntity());
logger.debug("This is MIBIdentifierJson:\n" + mibIdentifierJson);
ResponseObject responseObject = JsonUtils.objectMapper().readValue(mibIdentifierJson, ResponseObject.class);
logger.debug("JSONUtils" + JsonUtils.objectMapper().readValue(mibIdentifierJson, ResponseObject.class).toString());
ClientContext clientContext = null;
RegistrationProcess registrationProcess = new RegistrationProcess();
logger.debug("Here is all ok!?");
RegistrationResult registrationResult = registrationProcess.registerNewClient(); //<-- Here are the question
//__________________________________________________________________________
public RegistrationResult registerNewClient(ClientContext clientContext) {
RegistrationResult registrationResult = null;
try {
createHttpClient();
// create KeyPair, CSR and Self-Signed certificate which will be send to server during tls handshake (see MSC_002)
KeyPair keyPair = CertificateUtils.generateKeyPair();
//L.d("KeyPair abgeschlossen");
logger.debug("KeyPair abgeschlossen KeyPair: " + keyPair.toString());
PKCS10CertificationRequest certificationRequest = CertificateUtils.createCertificationRequest(/*clientContext.getAppName()*/"Testapp", keyPair);
logger.debug("PKCS10CertificationRequest erfolgreich abgeschlossen");
//L.d("PKCS10CertificationRequest erfolgreich abgeschlossen"
X509CertificateHolder selfSignedCertificate = CertificateUtils.selfSignCertificate(certificationRequest, keyPair.getPrivate());
//L.d("X509 Selbstsigniertes");
logger.debug("X509 Selbstsigniertes Certifikat erstellt" + selfSignedCertificate.toString());
openTlsConnect(selfSignedCertificate, keyPair.getPrivate());
我獲得以下日誌
08:30:15.264 [main] DEBUG [main][connect()] - Try to connect!
08:30:15.268 [main] DEBUG [main][connect()] - http.request: GET /auth []
08:30:15.296 [main] DEBUG [main][connect()] - Das ist der MIBIdentifierJson: {"data":[{"id":"","name":"this is the auth-service of ViWi-ServiceRegistry","uri":"auth\/"}],"status":"ok","timestamp":1002380}
08:30:15.401 [main] DEBUG [main][connect()] - [email protected]
08:30:15.402 [main] DEBUG [main][connect()] - Hier noch alles gut!
08:30:15.598 [main] DEBUG [Registrationprocess] - KeyPair abgeschlossen KeyPair: [email protected]
08:30:15.619 [main] DEBUG [Registrationprocess] - PKCS10CertificationRequest erfolgreich abgeschlossen
08:30:15.626 [main] DEBUG [Registrationprocess] - X509 Selbstsigniertes Certifikat [email protected] Registration started RegistrationSocked erstellt
08:30:15.627 [main] DEBUG Registrationsocked] - Connect registration socket using timeout: 3000
08:30:15.638 [main] DEBUG Registrationsocked] - Client Inputstream: %s
08:30:15.638 [main] DEBUG Registrationsocked] - Client Outputstream: %s
08:30:15.639 [main] DEBUG Registrationsocked] - TlsClientProtocol
08:30:15.639 [main] DEBUG Registrationsocked] - connect now via tls
08:30:15.639 [main] DEBUG Registrationsocked] - TLS Client: [email protected]
08:30:15.639 [main] DEBUG Registrationsocked] - TLS Client: [email protected] java.io.IOException: Internal TLS error, this could be an attackCould not perform registration process.
的方法openTLSConnection問題奠定了,我不知道我做錯了。也許它提供了另一種獲得TLS連接或客戶端連接的方式。 thx foward徵求意見!
我debbuged和系統顯示我的方法中的錯誤 – Paul