Java Forum / Security / January 2004

Encrypting TCP?

Kai - 03 Dec 2003 22:20 GMT
Hi,

I'm looking for a way to encrypt the data segment of TCP in Java. Can
anyone point me in the right direction? Some examples or guides would
be nice if possible.

Thanks,

Kai
Deepak Nayal - 04 Dec 2003 11:07 GMT
I think SSL might help you out over here. You can check out the JSSE
docs for more info.

Hope this helps.
:-)

> Hi,
>
[quoted text clipped - 5 lines]
>
> Kai
Richard Sandoz - 11 Dec 2003 21:44 GMT
> Hi,
>
[quoted text clipped - 5 lines]
>
> Kai

Here is an SSL tunnel that I wrote to use anon SSL (you may want to
utilize an SSL context with real certs {you can gen self certs with
keytool}).

<<SocketConnector.java>>
import java.net.Socket;
import java.util.Arrays;

// Pumps bytes from one socket to the other in its own thread; when sniff
// is true it also prints a hex/ASCII dump of everything it forwards.
class SocketConnector implements Runnable {
  Socket input = null;
  Socket output = null;
  String desc = null;
  boolean sniff = false;

  SocketConnector(Socket input, Socket output, String desc, boolean sniff) {
    this.sniff = sniff;
    this.desc = desc;
    this.input = input;
    this.output = output;
  }

  public void run() {
    try {
      int i = 0;
      byte[] b = new byte[1024];
      while ((i = input.getInputStream().read(b)) > 0) {
        if (sniff) {
          String str1 = desc + ":";
          String str2 = "";
          for (int j = 0; j < i; j++) {
            int v = b[j] & 0xFF;   // unsigned value of the byte
            String hex = Integer.toHexString(v);
            str1 += " " + (hex.length() == 1 ? "0" + hex : hex);
            // printable ASCII and Latin-1 bytes are shown as-is, the rest as '.'
            str2 += (char) ((v >= ' ' && v <= '~') || (v >= 160 && v <= 255) ? v : '.');
            if ((1 + j) % 16 == 0) {
              System.out.println(str1 + "   " + str2);
              char[] c = new char[desc.length() + 1];
              Arrays.fill(c, ' ');
              str1 = new String(c);
              str2 = "";
            }
          }
          if (i % 16 != 0) {
            // pad the last partial line so the ASCII column lines up
            char[] c = new char[3 * (16 - (i % 16))];
            Arrays.fill(c, ' ');
            System.out.println(str1 + new String(c) + "   " + str2);
          }
        }
        output.getOutputStream().write(b, 0, i);
      }
    } catch (Exception e) {
      System.out.println(desc + ":Input Closed");
    } finally {
      // close the other side too so the peer sees end-of-stream
      try { output.close(); } catch (Exception ignored) { }
    }
  }
}

<<TunnelServer.java>>
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLServerSocketFactory;
import javax.net.ssl.SSLSocket;
import java.net.Socket;

class TunnelServer {
  // (1) server(SSL) for localhost:port ssl tunnel
  // (2) client to localhost:port actual service

  // Anonymous DH suite: encrypts the link but authenticates neither end,
  // so the tunnel cannot distinguish a man-in-the-middle from the real peer.
  static final String[] ANON_SUITES = {"SSL_DH_anon_WITH_RC4_128_MD5"};

  static public void main(String[] args) throws Exception {
    if (args.length < 3) {
      System.err.println("Usage TunnelServer port remoteHost remotePort [sniff]");
      return;
    }

    int port = Integer.parseInt(args[0]);
    String remoteHost = args[1];
    int remotePort = Integer.parseInt(args[2]);
    // sniff is optional and defaults to false
    boolean sniff = args.length > 3 && Boolean.valueOf(args[3]).booleanValue();

    System.out.println("Press Ctrl-C to exit");

    SSLServerSocket listen = (SSLServerSocket)
        SSLServerSocketFactory.getDefault().createServerSocket(port);
    listen.setEnabledCipherSuites(ANON_SUITES);

    while (true) {
      SSLSocket sslClient = (SSLSocket) listen.accept();
      sslClient.setEnabledCipherSuites(ANON_SUITES);
      System.out.println("Received connect from " +
          sslClient.getInetAddress().getHostName());

      Socket localClient = new Socket(remoteHost, remotePort);

      new Thread(new SocketConnector(sslClient, localClient, "rsp-rdr", sniff)).start();
      new Thread(new SocketConnector(localClient, sslClient, "msg-act", sniff)).start();
    }
  }
}

<<TunnelClient.java>>
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import java.net.InetAddress;
import java.net.ServerSocket;
import java.net.Socket;

class TunnelClient {
  private static final int BYTES_TO_EAT = 2;
  private static final int WAIT_EAT = 1000;
  private static final int RESOLUTION = 10;
  static final String[] ANON_SUITES = {"SSL_DH_anon_WITH_RC4_128_MD5"};

  // Opens a plain socket, discards up to BYTES_TO_EAT bytes the far end may
  // send before the handshake (waiting at most WAIT_EAT ms in total), then
  // layers SSL on top of the same connection.
  static SSLSocket createSocket(String host, int port) throws Exception {
    Socket s = new Socket(InetAddress.getByName(host), port);

    int slept = 0;
    outer: for (int i = 0; i < BYTES_TO_EAT; i++) {
      while (true) {
        int a = s.getInputStream().available();
        if (a > 0) {
          break;
        } else if (slept > WAIT_EAT) {
          break outer;
        } else {
          try {
            Thread.sleep(RESOLUTION);
            slept += RESOLUTION;
          } catch (InterruptedException e) {
          }
        }
      }
      s.getInputStream().read();   // discard the byte
    }

    return (SSLSocket) ((SSLSocketFactory) SSLSocketFactory.getDefault())
        .createSocket(s, host, port, true);
  }

  // (1) server for localhost:port actual service
  // (2) client(SSL) to remotehost:port ssl tunnel
  static public void main(String[] args) throws Exception {
    if (args.length < 3) {
      System.err.println("Usage TunnelClient port remoteHost remotePort [sniff]");
      return;
    }

    int port = Integer.parseInt(args[0]);
    String remoteHost = args[1];
    int remotePort = Integer.parseInt(args[2]);
    // sniff is optional and defaults to false
    boolean sniff = args.length > 3 && Boolean.valueOf(args[3]).booleanValue();

    System.out.println("Press Ctrl-C to exit");

    ServerSocket listen = new ServerSocket(port);
    while (true) {
      Socket localClient = listen.accept();
      System.out.println("Received connect from " +
          localClient.getInetAddress().getHostName());

      SSLSocket sslClient = createSocket(remoteHost, remotePort);
      sslClient.setEnabledCipherSuites(ANON_SUITES);

      new Thread(new SocketConnector(sslClient, localClient, "msg-rdr", sniff)).start();
      new Thread(new SocketConnector(localClient, sslClient, "rsp-act", sniff)).start();
    }
  }
}
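For the "real certs" route Richard mentions, here is an added example (not his code and not part of the thread) that builds authenticated SSLContexts from a keytool-generated keystore and the matching truststore, to be used in place of SSLServerSocketFactory.getDefault() and the anonymous cipher-suite calls; the keystore paths and password are placeholders.

```java
import java.io.FileInputStream;
import java.security.KeyStore;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManagerFactory;

// Authenticated contexts for the tunnel: the server presents the key pair in
// its keystore, the client accepts only certificates in its truststore (which
// holds the exported tunnel certificate). Paths and password are placeholders.
class TunnelContexts {
  static KeyStore load(String path, char[] password) throws Exception {
    KeyStore ks = KeyStore.getInstance("JKS");
    try (FileInputStream in = new FileInputStream(path)) {
      ks.load(in, password);
    }
    return ks;
  }

  // TunnelServer side: use serverContext(...).getServerSocketFactory() and drop
  // the setEnabledCipherSuites(...) calls, so only authenticated suites remain.
  static SSLContext serverContext(String keyStorePath, char[] password) throws Exception {
    KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
    kmf.init(load(keyStorePath, password), password);
    SSLContext ctx = SSLContext.getInstance("TLS");
    ctx.init(kmf.getKeyManagers(), null, null);
    return ctx;
  }

  // TunnelClient side: the trust manager rejects any certificate not in the store.
  static SSLContext clientContext(String trustStorePath, char[] password) throws Exception {
    TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
    tmf.init(load(trustStorePath, password));
    SSLContext ctx = SSLContext.getInstance("TLS");
    ctx.init(null, tmf.getTrustManagers(), null);
    return ctx;
  }

  // Layers SSL over an already-open plain socket, as TunnelClient.createSocket
  // does, and additionally checks that the certificate name matches host.
  static SSLSocket wrapClient(SSLContext ctx, java.net.Socket s, String host, int port) throws Exception {
    SSLSocketFactory f = ctx.getSocketFactory();
    SSLSocket ssl = (SSLSocket) f.createSocket(s, host, port, true);
    SSLParameters p = ssl.getSSLParameters();
    p.setEndpointIdentificationAlgorithm("HTTPS");   // hostname verification
    ssl.setSSLParameters(p);
    return ssl;
  }
}
```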
Jens Schreiber - 17 Dec 2003 15:30 GMT
Hello,

I tried Richard's TunnelClient and TunnelServer and it works
fine (thanks Richard).
Has anyone an idea how to get multiport protocols to work
(e.g. ftp (control channel + data channels))?

  Thanks
     Jens

> > Hi,
> >
[quoted text clipped - 11 lines]
>
> ...
Richard Sandoz - 08 Jan 2004 19:31 GMT
ftp protocol responds to a control message with the address and port
for the data channel:

ie control socket on port 21 from client to server

server responds with a PORT message:
 PORT b1,b2,b3,b4,p1,p2

which tells the client where the data channel is

> Hello,
>
[quoted text clipped - 21 lines]
> >
> > ...
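As an added example (not from the thread), a small Java helper that decodes and rewrites the six-octet address form FTP uses for the data channel, which appears in the client's PORT command and in the server's 227 passive-mode reply; a tunnel has to intercept this on the control channel and substitute its own endpoint before the data channel can be carried too. The sample lines in main are constructed.

```java
import java.net.InetSocketAddress;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

// FTP encodes a data-channel endpoint as six decimal octets: four for the
// IPv4 address and two for the port (port = p1 * 256 + p2).
class FtpAddress {
  private static final Pattern SIX_OCTETS = Pattern.compile(
      "(\\d{1,3}),(\\d{1,3}),(\\d{1,3}),(\\d{1,3}),(\\d{1,3}),(\\d{1,3})");

  // Returns the endpoint found in a control-channel line, or null when the
  // line carries no well-formed group (every octet must be 0..255).
  static InetSocketAddress parse(String line) {
    Matcher m = SIX_OCTETS.matcher(line);
    if (!m.find()) return null;
    int[] v = new int[6];
    for (int i = 0; i < 6; i++) {
      v[i] = Integer.parseInt(m.group(i + 1));
      if (v[i] > 255) return null;
    }
    return InetSocketAddress.createUnresolved(
        v[0] + "." + v[1] + "." + v[2] + "." + v[3], v[4] * 256 + v[5]);
  }

  // ipv4 is a dotted quad; the port is split into its high and low byte.
  static String encode(String ipv4, int port) {
    if (port < 0 || port > 65535) throw new IllegalArgumentException("bad port " + port);
    return ipv4.replace('.', ',') + "," + (port >> 8) + "," + (port & 0xFF);
  }

  // Substitutes the tunnel's own endpoint so the data connection is also
  // made through the tunnel instead of directly to the advertised address.
  static String rewrite(String line, String ipv4, int port) {
    return SIX_OCTETS.matcher(line).replaceFirst(encode(ipv4, port));
  }

  public static void main(String[] args) {
    // constructed sample lines
    String passive = "227 Entering Passive Mode (192,168,1,10,19,137)";
    String active = "PORT 10,0,0,5,4,1";
    for (String line : new String[] {passive, active, "220 no address here"}) {
      InetSocketAddress a = parse(line);
      System.out.println(line + " -> " + (a == null ? "none" : a.getHostString() + ":" + a.getPort()));
    }
    System.out.println(rewrite(passive, "127.0.0.1", 40000));
  }
}
```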
