Click here to download code (NB: You should register first)
[download id=”6″]
Assignment 5 (Client/Server Message Security)
Purpose: Develop an AC module to login users and accept their (typed) message. The module should comprehensively protect the message using a combination of secret and public key cryptography. Channel protection should be provided by the SSL (through JSSE), message protection by the PKCS#7 or S/MIME formats.
Client/Server
1. Operate server:
2. Register for users:
3. Login:
4. Chat (message transfer)
Main code:
1. AppServer.java
//Code for the connect class
class Connect
{
ObjectOutputStream streamToClient;
int ctr=0;
BufferedReader streamFromClient;
static
Vector
vector;
static
Vector
vctrList;
String message=” “;
static String str=new String(“UsrList”);
static
{
vector=new
Vector(1,1);
vctrList=new
Vector(1,1);
vctrList.addElement((String)str);
}
int verify(String mesg)
{
try
{
RandomAccessFile RAS=new RandomAccessFile(“UsrPwd.txt”, “r”);
int
i=0;
String str=””;
while((RAS.getFilePointer())!=(RAS.length()))
{
str=RAS.readLine();
if(str.equals(mesg))
{
ctr=1;
break;
}
}
RAS.close();
}
catch(Exception e)
{
}
return ctr;
}//end of verify()
2. clientInt.java
class TimerAction implements ActionListener
{
Socket toServer;
ObjectInputStream streamFromServer;
PrintStream streamToServer;
public
void actionPerformed(ActionEvent e2)
{
try
{
toServer=new Socket(“machine-name”,1001);
streamFromServer=new ObjectInputStream(toServer.getInputStream());
streamToServer=new PrintStream(toServer.getOutputStream());
message=txtMsg.getText();
//send a message to the server
streamToServer.println(“From Timer”);
//receive vectors from the server
Vector vector=(Vector)streamFromServer.readObject();
Vector vector1=(Vector)streamFromServer.readObject();
//show the online users
txtListUsers.setText(“”);
for(int j=1;j<vector1.capacity();j++)
{
txtListUsers.append((String)vector1.elementAt(j));
txtListUsers.append(“\n”);
}
//show the messsages
int i=messageCount;
for(;i<vector.capacity();i++)
{
txtMessages.append((String)vector.elementAt(i));
txtMessages.append(“\n”);
}
messageCount=i;
}//end of try
catch(Exception e)
{
System.out.println(“Exception “+e);
}
}//end of actionPerformed
}//end of TimerListener class
3.
Register.java
public
void actionPerformed(ActionEvent e1)
{
JButton button=(JButton)e1.getSource(); //get the source of the event
if(button.equals(btnCancel))
{
this.dispose();
}
else
{
int ver=verify(); //call the verify()
if(ver==1)
{
try
{
//establish a socket connection and create I/O socket streams
toServer=new Socket(“machine-name”,1001);
streamFromServer=new ObjectInputStream(toServer.getInputStream());
streamToServer=new PrintStream(toServer.getOutputStream());
//send a message to server for Registration
streamToServer.println(“RegisterInfo”);
usrName=txtUserName.getText();
usrPwd=txtUsrPwd.getPassword();
String pwd=new String(usrPwd);
//send the user name and password to the server
streamToServer.println(usrName+”:”+pwd);
//read the response from the server
String frmServer=(String)streamFromServer.readObject();
if(frmServer.equals(“Registered”))
{
new Login();
this.dispose();
}
else
if(frmServer.equals(“User Exists”))
{
showUsrExists(); //show error message
}
}//end of try
catch(Exception e)
{
System.out.println(“Exception “+e);
}
}//end of if
}//end of else
}//end of actionPerformed()
4. Login.java
public
void actionPerformed(ActionEvent e1)
{
JButton button=(JButton)e1.getSource();
if(button.equals(btnCancel))
{
this.dispose(); //close the current frame
}
else
if(button.equals(btnRegister))
{
new Register(); //call Register program
this.dispose();
}
else
{
try
{
//create socket and input-output socket streams
toServer=new Socket(“machine-name”,1001);
streamFromServer=new ObjectInputStream(toServer.getInputStream());
streamToServer=new PrintStream(toServer.getOutputStream());
//send message to server for login
streamToServer.println(“LoginInfo”);
UsrName=txtUsrName.getText();
UsrPwd=txtUsrPwd.getPassword();
strPwd=new String(UsrPwd);
//send the user name and password to the server
streamToServer.println(UsrName+”:”+strPwd);
//read the message from the server
String frmServer=(String)streamFromServer.readObject();
if(frmServer.equals(“Welcome”))
{
new clientInt(UsrName); //start the chat screen
this.dispose();
}
else
{
showdlg();//show error message
}
}//end of try
catch(Exception e)
{
System.out.println(“Exception Occured: “+e);
}
}//end of if..else
}//end of actionPerformed
SSL through JSSE
Simple client/sever includes SimpleSSLServer and SimpleSSLClient. We should configure KeyStore and TrustStore files before we operate the program.
We use keytool to generate KeyStore, clientStore and serverstore which contain the authorization for A, B and Server.
Establish authorization for Bob:
Check the authorization:
Generate certificate:
Export the certificate:
File list:
Operate server:
Operate client:
PKCS#7 implementation
Use java Security package. There is no PKCS#7 for digital signature in jdk. So we use BASE64 code as follows:
Security for Java and E-commerce Environments | Blog~Soloist Excellent goods from you, man. I’ve understand your stuff previous to and you are just extremely great. I really like what you have acquired here, really like what you are saying and the way in which you say it. You make it entertaining and you still take care of to keep it sensible. I can not wait to read far more Security for Java and E-commerce Environments | Blog~Soloist again from you. Thanks For Share .
[回复]