Naga SSL 问题

sandy_shell 2017-12-11 05:53:22

使用Naga 库做tcp 的 TLS时遇到，Client端已显示握手已完成，但Server却未握手完成，Client 端往Server端发数据也发送不出去，但write 返回又是true。没有任何报错，不知道哪里问题了。目前是单向认证模式

Server段代码:
int tcpPort = Constants.BIND_TCP_PORT;
sslContext = TLSAuth.getSSLContext();
final NIOService service = new NIOService();
sslServerSocket = service.openSSLServerSocket(sslContext, tcpPort);
Log.i(TAG, "Server listenning port:"+tcpPort);
observer = new SSLServerSocketObserverAdapter();
sslObserver = new SSLSocketObserverAdapter();
sslServerSocket.listen(observer);
while(true){
service.selectBlocking();
}
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}

public class SSLServerSocketObserverAdapter implements ServerSocketObserver{

@Override
public void acceptFailed(IOException exception) {
// TODO Auto-generated method stub
System.out.println("acceptFailed:"+exception.getMessage());

}

@Override
public void serverSocketDied(Exception exception) {
// TODO Auto-generated method stub
Log.i(TAG, "serverSocketDied");

}

@Override
public void newConnection(NIOSocket nioSocket) {
// TODO Auto-generated method stub
Log.i(TAG,"newConnection");
nioSocket.listen(sslObserver);
}

}

/**
* SSLSocket
* @author huanghuan1
*
*/
public class SSLSocketObserverAdapter implements SSLSocketObserver{

@Override
public void connectionOpened(NIOSocket nioSocket) {
// TODO Auto-generated method stub
try {
((NIOSocketSSL)nioSocket).beginHandshake();
} catch (SSLException e) {
e.printStackTrace();
}
Log.i(TAG, "Client " + nioSocket.getIp()+":"+nioSocket.getPort()+ " begin handshake");

}

@Override
public void connectionBroken(NIOSocket nioSocket, Exception exception) {
// TODO Auto-generated method stub
System.out.println("Client " + nioSocket.getIp()
+ " disconnected. Exception: " + exception.getMessage());
}

@Override
public void packetReceived(NIOSocket socket, byte[] packet) {

// TODO Auto-generated method stub
String data = DataConvertUtil.byteArrayToHexString(packet);
Log.i(TAG, "Received from "+socket.getIp() + ":"+new String(data));
}

@Override
public void packetSent(NIOSocket socket, Object tag) {
// TODO Auto-generated method stub
Log.i(TAG, "packet sent to:"+socket.getIp()+":"+socket.getPort()+",len:"+socket.getBytesWritten());
}

@Override
public void handleFinished(NIOSocket nioSocket) {
// TODO Auto-generated method stub
Log.i(TAG, nioSocket.getIp()+":"+nioSocket.getPort()+" handshake finish");
nioSocket.write("This is an SSL Server".getBytes());
System.out.println("Server sent: " + "This is an SSL Server");
}

}

client段代码：

public void creatNIOSSLConnect() throws IOException, UnrecoverableKeyException, KeyManagementException, KeyStoreException, NoSuchAlgorithmException, CertificateException {

NIOService service = new NIOService();
SSLEngine engine = getSSLContext().createSSLEngine();
if(null != engine){
SSLSocketChannelResponder socket = service.openSSLSocket(engine, SERVER_HOST, SERVER_PORT);
socket.listen(this);
while(true){
service.selectBlocking();
}
}
}

public static SSLContext getSSLContext() {
char[] password = "123456".toCharArray();
// char[]keypwd = "654321".toCharArray();
// try {
// KeyStore keyStore = KeyStore.getInstance("JKS");
// } catch (KeyStoreException e2) {
// // TODO Auto-generated catch block
// e2.printStackTrace();
// }
KeyStore trustStore = null;
try {
trustStore = KeyStore.getInstance("JKS");
} catch (KeyStoreException e2) {
// TODO Auto-generated catch block
e2.printStackTrace();
}

// keyStore.load(new FileInputStream("./certificate/client.jks"), password);
try {
trustStore.load(new FileInputStream("certificate/clientTrust"), password);
} catch (NoSuchAlgorithmException e2) {
// TODO Auto-generated catch block
e2.printStackTrace();
} catch (CertificateException e2) {
// TODO Auto-generated catch block
e2.printStackTrace();
} catch (FileNotFoundException e2) {
// TODO Auto-generated catch block
e2.printStackTrace();
} catch (IOException e2) {
// TODO Auto-generated catch block
e2.printStackTrace();
}

// KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
// kmf.init(keyStore, keypwd);
TrustManagerFactory tmf = null;
try {
tmf = TrustManagerFactory.getInstance("SunX509");
tmf.init(trustStore);
} catch (NoSuchAlgorithmException e1) {
// TODO Auto-generated catch block
e1.printStackTrace();
} catch (KeyStoreException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}

SSLContext sslContext = null;
try {
sslContext = SSLContext.getInstance("SSL");
sslContext.init(null, tmf.getTrustManagers(), null);
} catch (NoSuchAlgorithmException e1) {
// TODO Auto-generated catch block
e1.printStackTrace();
} catch (KeyManagementException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}

return sslContext;
}

public static void sendMessage(NIOSocket socket) {
boolean ret = socket.write("hello word".getBytes());
if(ret){
Log.i(TAG, "*Client sent: hello word to:"+socket.getIp()+","+socket.getPort());
}else{
Log.i(TAG, "send failed");
}

}

public static void receivMessage(String string) {
// TODO Auto-generated method stub
System.out.println("receivMessage:"+string);
}

@Override
public void connectionOpened(NIOSocket nioSocket) {
// TODO Auto-generated method stub
try {

((NIOSocketSSL) nioSocket).beginHandshake();
} catch (SSLException e) {
e.printStackTrace();
}
Log.i(TAG, nioSocket.getIp()+" begin handshake");
}

@Override
public void connectionBroken(NIOSocket nioSocket, Exception exception) {
// TODO Auto-generated method stub
Log.i(TAG,"connection broken:"+exception.getLocalizedMessage());

}

@Override
public void packetReceived(NIOSocket socket, byte[] packet) {
// TODO Auto-generated method stub
receivMessage(new String(packet));
}

@Override
public void packetSent(NIOSocket socket, Object tag) {
// TODO Auto-generated method stub
Log.i(TAG,"sent");

}

@Override
public void handleFinished(NIOSocket nioSocket) {
// TODO Auto-generated method stub
Log.i(TAG, nioSocket.getIp()+":"+nioSocket.getPort()+" handshake finished");
//sendMessage(nioSocket);
}

Server端日志打印：
com.guogee.server.network.SSLTCPManager Server listenning port:8087
com.guogee.server.network.SSLTCPManager newConnection
com.guogee.server.network.SSLTCPManager Client 192.168.7.151:60945 begin ha
ndshake
com.guogee.server.network.SSLTCPManager packet sent to:192.168.7.151:60945,
len:1320
com.guogee.server.network.SSLTCPManager packet sent to:192.168.7.151:60945,
len:1411
com.guogee.server.network.SSLTCPManager packet sent to:192.168.7.151:60945,
len:1480
可以看到单次握手后发了3个包

Client 端日志打印：可以看到已经握手完成
SSL 192.168.7.151 begin handshake
SSL sent
SSL sent
SSL 192.168.7.151:8087 handshake finished

...全文