java ssl echo server
import java.io.BufferedInputStream;
import java.io.BufferedOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.net.Socket;
import java.nio.charset.StandardCharsets;
import java.security.cert.Certificate;
import javax.net.ServerSocketFactory;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLServerSocketFactory;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
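/**
 * Minimal single-threaded TLS test server for inspecting client-certificate handshakes.
 *
 * <p>Each accepted connection is read once (up to {@link #REQUEST_BUFFER_SIZE} bytes), the
 * request is printed to stdout, and a fixed plain-text HTTP response is written back. When the
 * client presented a certificate chain during the handshake, the chain is appended to the
 * response body.
 *
 * <p>This is a diagnostic tool, not an access-control point: the response is {@code 200 OK}
 * whether or not a client certificate was presented.
 */
public class SSLSocketEchoServer {

    /** Maximum number of request bytes read from each connection (single read, no reassembly). */
    private static final int REQUEST_BUFFER_SIZE = 2048;

    /**
     * Configures the JSSE key store and trust store system properties and starts the server on
     * port 443.
     *
     * <p>Values supplied on the command line ({@code -Djavax.net.ssl.keyStore=...} and so on)
     * take precedence; the literals below are only fallbacks for the author's local setup.
     *
     * @param args unused
     * @throws IOException if the listening socket cannot be created
     */
    public static void main(String[] args) throws IOException {
        // NOTE(review): the store passwords below are demo values committed in source. For
        // anything beyond a local experiment, pass the real paths and passwords via -D system
        // properties (or another secret source) and keep them out of version control.
        setDefaultProperty("javax.net.ssl.keyStore", "C:\\Users\\Administrator\\Desktop\\work\\WIP\\client-cert-validation\\serverkeystore.p12");
        setDefaultProperty("javax.net.ssl.keyStorePassword", "password");
        setDefaultProperty("javax.net.ssl.trustStore", "C:\\Users\\Administrator\\Desktop\\work\\WIP\\client-cert-validation\\servertruststore.p12");
        setDefaultProperty("javax.net.ssl.trustStorePassword", "password");
        startServer(443);
    }

    /** Sets a system property only when the launcher has not already provided a value. */
    private static void setDefaultProperty(String key, String fallback) {
        if (System.getProperty(key) == null) {
            System.setProperty(key, fallback);
        }
    }

    /**
     * Accepts TLS connections on {@code port} forever, handling one connection at a time.
     *
     * @param port TCP port to listen on
     * @throws IOException if the listening socket cannot be created
     */
    static void startServer(int port) throws IOException {
        ServerSocketFactory factory = SSLServerSocketFactory.getDefault();
        try (SSLServerSocket listener = (SSLServerSocket) factory.createServerSocket(port)) {
            // "Want" only REQUESTS a client certificate: a client that sends none still
            // completes the handshake. Use listener.setNeedClientAuth(true) instead when a
            // client certificate must be mandatory.
            listener.setWantClientAuth(true);
            listener.setEnabledProtocols(new String[]{"TLSv1.2"});
            System.out.println("listening for messages...");
            while (true) {
                // NOTE(review): connections are served sequentially and the read below has no
                // timeout, so one idle client stalls every other client. Acceptable for a local
                // test tool; set a socket timeout before exposing this to a network.
                try (Socket socket = listener.accept()) {
                    InputStream is = new BufferedInputStream(socket.getInputStream());
                    byte[] data = new byte[REQUEST_BUFFER_SIZE];
                    int len = is.read(data);
                    if (len < 0) {
                        // read() returns -1 at end of stream; decoding with that length would
                        // throw StringIndexOutOfBoundsException.
                        System.out.println("error: connection closed before any request data was received");
                        continue;
                    }
                    // The request is untrusted input and is echoed to the console verbatim.
                    String message = decodeRequest(data, len);
                    System.out.printf("server received %d bytes%n%s%n", len, message);

                    Certificate[] certs = null;
                    if (socket instanceof SSLSocket) {
                        SSLSession session = ((SSLSocket) socket).getSession();
                        certs = getPeerCertsOrNull(session);
                    }
                    OutputStream os = new BufferedOutputStream(socket.getOutputStream());
                    os.write(buildResponse(certs));
                    os.flush();
                } catch (Exception e) {
                    // Deliberately broad: a failed handshake or a misbehaving client must not
                    // take the accept loop down.
                    System.out.println("error: " + e);
                }
            }
        }
    }

    /**
     * Decodes the first {@code len} bytes of {@code data} as UTF-8 text.
     *
     * @param data buffer filled by a socket read
     * @param len number of valid bytes, as returned by {@link InputStream#read(byte[])}
     * @return the decoded text, or an empty string when {@code len} is zero or negative
     */
    static String decodeRequest(byte[] data, int len) {
        if (len <= 0) {
            return "";
        }
        return new String(data, 0, len, StandardCharsets.UTF_8);
    }

    /**
     * Builds the complete HTTP response, optionally listing the client certificate chain.
     *
     * <p>Header lines end with CRLF, as HTTP/1.1 requires, and the text is encoded as UTF-8
     * rather than the platform default charset.
     *
     * @param peerCerts certificate chain presented by the client, or {@code null}/empty if none
     * @return the encoded response bytes
     */
    static byte[] buildResponse(Certificate[] peerCerts) {
        StringBuilder response = new StringBuilder();
        response.append("HTTP/1.1 200 OK\r\n");
        response.append("App: java std\r\n");
        response.append("Writer: mkp246\r\n");
        response.append("Server: my server\r\n");
        response.append("Content-Type: text/plain\r\n");
        response.append("\r\n");
        response.append("Request has been processed by the java server\r\n");
        // Print client certificate details into the response body.
        if (peerCerts != null && peerCerts.length != 0) {
            response.append("client certificate chain:\r\n");
            int depth = 1;
            for (Certificate cert : peerCerts) {
                response.append("depth: ").append(depth++).append("\r\n");
                response.append(cert.toString());
                response.append("\r\n");
            }
        }
        return response.toString().getBytes(StandardCharsets.UTF_8);
    }

    /**
     * Returns the peer certificate chain of {@code session}, or {@code null} when the peer was
     * not verified (for example, no client certificate was presented).
     */
    private static Certificate[] getPeerCertsOrNull(SSLSession session) {
        try {
            return session.getPeerCertificates();
        } catch (SSLPeerUnverifiedException e) {
            return null;
        }
    }
}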