12.3 Netty中使用SPDY

    **支持SPDY的ChannelPipeline如下图：**

    **不支持SPDY的ChannelPipeline如下图：**

   ** 例子代码如下：**

[java] view plaincopy

1. package netty.in.action.spdy;
3. import java.util.Arrays;
4. import java.util.Collections;
5. import java.util.List;
7. import org.eclipse.jetty.npn.NextProtoNego.ServerProvider;
9. public class DefaultServerProvider implements ServerProvider {
11. private static final List<String> PROTOCOLS = Collections.unmodifiableList(Arrays
12. .asList("spdy/3.1", "http/1.1", "http/1.0", "Unknown"));
14. private String protocol;
16. public String getSelectedProtocol() {
17. return protocol;
18. }
20. @Override
21. public void protocolSelected(String arg0) {
22. this.protocol = arg0;
23. }
25. @Override
26. public List<String> protocols() {
27. return PROTOCOLS;
28. }
30. @Override
31. public void unsupported() {
32. protocol = "http/1.1";
33. }
35. }

[java] view plaincopy

1. package netty.in.action.spdy;
3. import io.netty.channel.ChannelFuture;
4. import io.netty.channel.ChannelFutureListener;
5. import io.netty.channel.ChannelHandlerContext;
6. import io.netty.channel.SimpleChannelInboundHandler;
7. import io.netty.handler.codec.http.DefaultFullHttpResponse;
8. import io.netty.handler.codec.http.FullHttpRequest;
9. import io.netty.handler.codec.http.FullHttpResponse;
10. import io.netty.handler.codec.http.HttpHeaders;
11. import io.netty.handler.codec.http.HttpResponseStatus;
12. import io.netty.handler.codec.http.HttpVersion;
13. import io.netty.util.CharsetUtil;
15. public class HttpRequestHandler extends SimpleChannelInboundHandler<FullHttpRequest> {
17. @Override
18. protected void channelRead0(ChannelHandlerContext ctx, FullHttpRequest request)
19. throws Exception {
20. if (HttpHeaders.is100ContinueExpected(request)) {
21. send100Continue(ctx);
22. }
23. FullHttpResponse response = new DefaultFullHttpResponse(
24. request.getProtocolVersion(), HttpResponseStatus.OK);
25. response.content().writeBytes(getContent().getBytes(CharsetUtil.UTF_8));
26. response.headers().set(HttpHeaders.Names.CONTENT_TYPE,
27. "text/plain; charset=UTF-8");
28. boolean keepAlive = HttpHeaders.isKeepAlive(request);
29. if (keepAlive) {
30. response.headers().set(HttpHeaders.Names.CONTENT_LENGTH,
31. response.content().readableBytes());
32. response.headers().set(HttpHeaders.Names.CONNECTION,
33. HttpHeaders.Values.KEEP_ALIVE);
34. }
35. ChannelFuture future = ctx.writeAndFlush(response);
36. if (!keepAlive) {
37. future.addListener(ChannelFutureListener.CLOSE);
38. }
39. }
41. private static void send100Continue(ChannelHandlerContext ctx) {
42. FullHttpResponse response = new DefaultFullHttpResponse(HttpVersion.HTTP_1_1,
43. HttpResponseStatus.CONTINUE);
44. ctx.writeAndFlush(response);
45. }
47. protected String getContent() {
48. return "This content is transmitted via HTTP\r\n";
49. }
51. @Override
52. public void exceptionCaught(ChannelHandlerContext ctx, Throwable cause)
53. throws Exception {
54. cause.printStackTrace();
55. ctx.close();
56. }
57. }

[java] view plaincopy

1. package netty.in.action.spdy;
3. public class SpdyRequestHandler extends HttpRequestHandler {
5. @Override
6. protected String getContent() {
7. return "This content is transmitted via SPDY\r\n";
8. }
10. }

[java] view plaincopy

1. package netty.in.action.spdy;
3. import io.netty.channel.ChannelInboundHandler;
4. import io.netty.handler.codec.spdy.SpdyOrHttpChooser;
6. import javax.net.ssl.SSLEngine;
8. import org.eclipse.jetty.npn.NextProtoNego;
10. public class DefaultSpdyOrHttpChooser extends SpdyOrHttpChooser {
12. protected DefaultSpdyOrHttpChooser(int maxSpdyContentLength, int maxHttpContentLength) {
13. super(maxSpdyContentLength, maxHttpContentLength);
14. }
16. @Override
17. protected SelectedProtocol getProtocol(SSLEngine engine) {
18. DefaultServerProvider provider = (DefaultServerProvider) NextProtoNego
19. .get(engine);
20. String protocol = provider.getSelectedProtocol();
21. if (protocol == null) {
22. return SelectedProtocol.UNKNOWN;
23. }
24. switch (protocol) {
25. case "spdy/3.1":
26. return SelectedProtocol.SPDY_3_1;
27. case "http/1.0":
28. case "http/1.1":
29. return SelectedProtocol.HTTP_1_1;
30. default:
31. return SelectedProtocol.UNKNOWN;
32. }
33. }
35. @Override
36. protected ChannelInboundHandler createHttpRequestHandlerForHttp() {
37. return new HttpRequestHandler();
38. }
40. @Override
41. protected ChannelInboundHandler createHttpRequestHandlerForSpdy() {
42. return new SpdyRequestHandler();
43. }
45. }

[java] view plaincopy

1. package netty.in.action.spdy;
3. import io.netty.channel.Channel;
4. import io.netty.channel.ChannelInitializer;
5. import io.netty.channel.ChannelPipeline;
6. import io.netty.handler.ssl.SslHandler;
8. import javax.net.ssl.SSLContext;
9. import javax.net.ssl.SSLEngine;
11. import org.eclipse.jetty.npn.NextProtoNego;
13. public class SpdyChannelInitializer extends ChannelInitializer<Channel> {
14. private final SSLContext context;
16. public SpdyChannelInitializer(SSLContext context) {
17. this.context = context;
18. }
20. @Override
21. protected void initChannel(Channel ch) throws Exception {
22. ChannelPipeline pipeline = ch.pipeline();
23. SSLEngine engine = context.createSSLEngine();
24. engine.setUseClientMode(false);
25. NextProtoNego.put(engine, new DefaultServerProvider());
26. NextProtoNego.debug = true;
27. pipeline.addLast("sslHandler", new SslHandler(engine));
28. pipeline.addLast("chooser",
29. new DefaultSpdyOrHttpChooser(1024 1024, 1024 1024));
30. }
32. }

[java] view plaincopy

1. package netty.in.action.spdy;
3. import io.netty.bootstrap.ServerBootstrap;
4. import io.netty.channel.Channel;
5. import io.netty.channel.ChannelFuture;
6. import io.netty.channel.nio.NioEventLoopGroup;
7. import io.netty.channel.socket.nio.NioServerSocketChannel;
8. import io.netty.example.securechat.SecureChatSslContextFactory;
10. import java.net.InetSocketAddress;
12. import javax.net.ssl.SSLContext;
14. public class SpdyServer {
16. private final NioEventLoopGroup group = new NioEventLoopGroup();
17. private final SSLContext context;
18. private Channel channel;
20. public SpdyServer(SSLContext context) {
21. this.context = context;
22. }
24. public ChannelFuture start(InetSocketAddress address) {
25. ServerBootstrap bootstrap = new ServerBootstrap();
26. bootstrap.group(group).channel(NioServerSocketChannel.class)
27. .childHandler(new SpdyChannelInitializer(context));
28. ChannelFuture future = bootstrap.bind(address);
29. future.syncUninterruptibly();
30. channel = future.channel();
31. return future;
32. }
34. public void destroy() {
35. if (channel != null) {
36. channel.close();
37. }
38. group.shutdownGracefully();
39. }
41. public static void main(String[] args) {
42. SSLContext context = SecureChatSslContextFactory.getServerContext();
43. final SpdyServer endpoint = new SpdyServer(context);
44. ChannelFuture future = endpoint.start(new InetSocketAddress(4096));
45. Runtime.getRuntime().addShutdownHook(new Thread() {
46. @Override
47. public void run() {
48. endpoint.destroy();
49. }
50. });
51. future.channel().closeFuture().syncUninterruptibly();
52. }
54. }

使用SSL需要使用到SSLContext，下面代买是获取SSLContext对象：

[java] view plaincopy

1. /*
2. • Copyright 2012 The Netty Project
3. *
4. • The Netty Project licenses this file to you under the Apache License,
5. • version 2.0 (the "License"); you may not use this file except in compliance
6. • with the License. You may obtain a copy of the License at:
7. *
8. • http://www.apache.org/licenses/LICENSE-2.0
9. *
10. • Unless required by applicable law or agreed to in writing, software
11. • distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
12. • WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
13. • License for the specific language governing permissions and limitations
14. • under the License.
15. */
16. package netty.in.action.spdy;
18. import javax.net.ssl.ManagerFactoryParameters;
19. import javax.net.ssl.TrustManager;
20. import javax.net.ssl.TrustManagerFactorySpi;
21. import javax.net.ssl.X509TrustManager;
22. import java.security.InvalidAlgorithmParameterException;
23. import java.security.KeyStore;
24. import java.security.KeyStoreException;
25. import java.security.cert.X509Certificate;
27. /**
28. • Bogus {@link TrustManagerFactorySpi} which accepts any certificate
29. • even if it is invalid.
30. */
31. public class SecureChatTrustManagerFactory extends TrustManagerFactorySpi {
33. private static final TrustManager DUMMY_TRUST_MANAGER = new X509TrustManager() {
34. @Override
35. public X509Certificate[] getAcceptedIssuers() {
36. return new X509Certificate[0];
37. }
39. @Override
40. public void checkClientTrusted(X509Certificate[] chain, String authType) {
41. // Always trust - it is an example.
42. // You should do something in the real world.
43. // You will reach here only if you enabled client certificate auth,
44. // as described in SecureChatSslContextFactory.
45. System.err.println(
46. "UNKNOWN CLIENT CERTIFICATE: " + chain[0].getSubjectDN());
47. }
49. @Override
50. public void checkServerTrusted(X509Certificate[] chain, String authType) {
51. // Always trust - it is an example.
52. // You should do something in the real world.
53. System.err.println(
54. "UNKNOWN SERVER CERTIFICATE: " + chain[0].getSubjectDN());
55. }
56. };
58. public static TrustManager[] getTrustManagers() {
59. return new TrustManager[] { DUMMY_TRUST_MANAGER };
60. }
62. @Override
63. protected TrustManager[] engineGetTrustManagers() {
64. return getTrustManagers();
65. }
67. @Override
68. protected void engineInit(KeyStore keystore) throws KeyStoreException {
69. // Unused
70. }
72. @Override
73. protected void engineInit(ManagerFactoryParameters managerFactoryParameters)
74. throws InvalidAlgorithmParameterException {
75. // Unused
76. }
77. }

[java] view plaincopy

1. /*
2. • Copyright 2012 The Netty Project
3. *
4. • The Netty Project licenses this file to you under the Apache License,
5. • version 2.0 (the "License"); you may not use this file except in compliance
6. • with the License. You may obtain a copy of the License at:
7. *
8. • http://www.apache.org/licenses/LICENSE-2.0
9. *
10. • Unless required by applicable law or agreed to in writing, software
11. • distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
12. • WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
13. • License for the specific language governing permissions and limitations
14. • under the License.
15. */
16. package netty.in.action.spdy;
18. import java.io.ByteArrayInputStream;
19. import java.io.InputStream;
21. /**
22. • A bogus key store which provides all the required information to
23. • create an example SSL connection.
24. *
25. • To generate a bogus key store:
26. • <pre>
27. • keytool -genkey -alias securechat -keysize 2048 -validity 36500
28. • -keyalg RSA -dname "CN=securechat"
29. • -keypass secret -storepass secret
30. • -keystore cert.jks
31. • </pre>
32. */
33. public final class SecureChatKeyStore {
34. private static final short[] DATA = {
35. 0xfe, 0xed, 0xfe, 0xed, 0x00, 0x00, 0x00, 0x02,
36. 0x00, 0x00, 0x00, 0x02, 0x00, 0x00, 0x00, 0x01,
37. 0x00, 0x07, 0x65, 0x78, 0x61, 0x6d, 0x70, 0x6c,
38. 0x65, 0x00, 0x00, 0x01, 0x1a, 0x9f, 0x57, 0xa5,
39. 0x27, 0x00, 0x00, 0x01, 0x9a, 0x30, 0x82, 0x01,
40. 0x96, 0x30, 0x0e, 0x06, 0x0a, 0x2b, 0x06, 0x01,
41. 0x04, 0x01, 0x2a, 0x02, 0x11, 0x01, 0x01, 0x05,
42. 0x00, 0x04, 0x82, 0x01, 0x82, 0x48, 0x6d, 0xcf,
43. 0x16, 0xb5, 0x50, 0x95, 0x36, 0xbf, 0x47, 0x27,
44. 0x50, 0x58, 0x0d, 0xa2, 0x52, 0x7e, 0x25, 0xab,
45. 0x14, 0x1a, 0x26, 0x5e, 0x2d, 0x8a, 0x23, 0x90,
46. 0x60, 0x7f, 0x12, 0x20, 0x56, 0xd1, 0x43, 0xa2,
47. 0x6b, 0x47, 0x5d, 0xed, 0x9d, 0xd4, 0xe5, 0x83,
48. 0x28, 0x89, 0xc2, 0x16, 0x4c, 0x76, 0x06, 0xad,
49. 0x8e, 0x8c, 0x29, 0x1a, 0x9b, 0x0f, 0xdd, 0x60,
50. 0x4b, 0xb4, 0x62, 0x82, 0x9e, 0x4a, 0x63, 0x83,
51. 0x2e, 0xd2, 0x43, 0x78, 0xc2, 0x32, 0x1f, 0x60,
52. 0xa9, 0x8a, 0x7f, 0x0f, 0x7c, 0xa6, 0x1d, 0xe6,
53. 0x92, 0x9e, 0x52, 0xc7, 0x7d, 0xbb, 0x35, 0x3b,
54. 0xaa, 0x89, 0x73, 0x4c, 0xfb, 0x99, 0x54, 0x97,
55. 0x99, 0x28, 0x6e, 0x66, 0x5b, 0xf7, 0x9b, 0x7e,
56. 0x6d, 0x8a, 0x2f, 0xfa, 0xc3, 0x1e, 0x71, 0xb9,
57. 0xbd, 0x8f, 0xc5, 0x63, 0x25, 0x31, 0x20, 0x02,
58. 0xff, 0x02, 0xf0, 0xc9, 0x2c, 0xdd, 0x3a, 0x10,
59. 0x30, 0xab, 0xe5, 0xad, 0x3d, 0x1a, 0x82, 0x77,
60. 0x46, 0xed, 0x03, 0x38, 0xa4, 0x73, 0x6d, 0x36,
61. 0x36, 0x33, 0x70, 0xb2, 0x63, 0x20, 0xca, 0x03,
62. 0xbf, 0x5a, 0xf4, 0x7c, 0x35, 0xf0, 0x63, 0x1a,
63. 0x12, 0x33, 0x12, 0x58, 0xd9, 0xa2, 0x63, 0x6b,
64. 0x63, 0x82, 0x41, 0x65, 0x70, 0x37, 0x4b, 0x99,
65. 0x04, 0x9f, 0xdd, 0x5e, 0x07, 0x01, 0x95, 0x9f,
66. 0x36, 0xe8, 0xc3, 0x66, 0x2a, 0x21, 0x69, 0x68,
67. 0x40, 0xe6, 0xbc, 0xbb, 0x85, 0x81, 0x21, 0x13,
68. 0xe6, 0xa4, 0xcf, 0xd3, 0x67, 0xe3, 0xfd, 0x75,
69. 0xf0, 0xdf, 0x83, 0xe0, 0xc5, 0x36, 0x09, 0xac,
70. 0x1b, 0xd4, 0xf7, 0x2a, 0x23, 0x57, 0x1c, 0x5c,
71. 0x0f, 0xf4, 0xcf, 0xa2, 0xcf, 0xf5, 0xbd, 0x9c,
72. 0x69, 0x98, 0x78, 0x3a, 0x25, 0xe4, 0xfd, 0x85,
73. 0x11, 0xcc, 0x7d, 0xef, 0xeb, 0x74, 0x60, 0xb1,
74. 0xb7, 0xfb, 0x1f, 0x0e, 0x62, 0xff, 0xfe, 0x09,
75. 0x0a, 0xc3, 0x80, 0x2f, 0x10, 0x49, 0x89, 0x78,
76. 0xd2, 0x08, 0xfa, 0x89, 0x22, 0x45, 0x91, 0x21,
77. 0xbc, 0x90, 0x3e, 0xad, 0xb3, 0x0a, 0xb4, 0x0e,
78. 0x1c, 0xa1, 0x93, 0x92, 0xd8, 0x72, 0x07, 0x54,
79. 0x60, 0xe7, 0x91, 0xfc, 0xd9, 0x3c, 0xe1, 0x6f,
80. 0x08, 0xe4, 0x56, 0xf6, 0x0b, 0xb0, 0x3c, 0x39,
81. 0x8a, 0x2d, 0x48, 0x44, 0x28, 0x13, 0xca, 0xe9,
82. 0xf7, 0xa3, 0xb6, 0x8a, 0x5f, 0x31, 0xa9, 0x72,
83. 0xf2, 0xde, 0x96, 0xf2, 0xb1, 0x53, 0xb1, 0x3e,
84. 0x24, 0x57, 0xfd, 0x18, 0x45, 0x1f, 0xc5, 0x33,
85. 0x1b, 0xa4, 0xe8, 0x21, 0xfa, 0x0e, 0xb2, 0xb9,
86. 0xcb, 0xc7, 0x07, 0x41, 0xdd, 0x2f, 0xb6, 0x6a,
87. 0x23, 0x18, 0xed, 0xc1, 0xef, 0xe2, 0x4b, 0xec,
88. 0xc9, 0xba, 0xfb, 0x46, 0x43, 0x90, 0xd7, 0xb5,
89. 0x68, 0x28, 0x31, 0x2b, 0x8d, 0xa8, 0x51, 0x63,
90. 0xf7, 0x53, 0x99, 0x19, 0x68, 0x85, 0x66, 0x00,
91. 0x00, 0x00, 0x01, 0x00, 0x05, 0x58, 0x2e, 0x35,
92. 0x30, 0x39, 0x00, 0x00, 0x02, 0x3a, 0x30, 0x82,
93. 0x02, 0x36, 0x30, 0x82, 0x01, 0xe0, 0xa0, 0x03,
94. 0x02, 0x01, 0x02, 0x02, 0x04, 0x48, 0x59, 0xf1,
95. 0x92, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48,
96. 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x05, 0x05, 0x00,
97. 0x30, 0x81, 0xa0, 0x31, 0x0b, 0x30, 0x09, 0x06,
98. 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4b, 0x52,
99. 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04,
100. 0x08, 0x13, 0x0a, 0x4b, 0x79, 0x75, 0x6e, 0x67,
101. 0x67, 0x69, 0x2d, 0x64, 0x6f, 0x31, 0x14, 0x30,
102. 0x12, 0x06, 0x03, 0x55, 0x04, 0x07, 0x13, 0x0b,
103. 0x53, 0x65, 0x6f, 0x6e, 0x67, 0x6e, 0x61, 0x6d,
104. 0x2d, 0x73, 0x69, 0x31, 0x1a, 0x30, 0x18, 0x06,
105. 0x03, 0x55, 0x04, 0x0a, 0x13, 0x11, 0x54, 0x68,
106. 0x65, 0x20, 0x4e, 0x65, 0x74, 0x74, 0x79, 0x20,
107. 0x50, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x31,
108. 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x0b,
109. 0x13, 0x0f, 0x45, 0x78, 0x61, 0x6d, 0x70, 0x6c,
110. 0x65, 0x20, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72,
111. 0x73, 0x31, 0x30, 0x30, 0x2e, 0x06, 0x03, 0x55,
112. 0x04, 0x03, 0x13, 0x27, 0x73, 0x65, 0x63, 0x75,
113. 0x72, 0x65, 0x63, 0x68, 0x61, 0x74, 0x2e, 0x65,
114. 0x78, 0x61, 0x6d, 0x70, 0x6c, 0x65, 0x2e, 0x6e,
115. 0x65, 0x74, 0x74, 0x79, 0x2e, 0x67, 0x6c, 0x65,
116. 0x61, 0x6d, 0x79, 0x6e, 0x6f, 0x64, 0x65, 0x2e,
117. 0x6e, 0x65, 0x74, 0x30, 0x20, 0x17, 0x0d, 0x30,
118. 0x38, 0x30, 0x36, 0x31, 0x39, 0x30, 0x35, 0x34,
119. 0x31, 0x33, 0x38, 0x5a, 0x18, 0x0f, 0x32, 0x31,
120. 0x38, 0x37, 0x31, 0x31, 0x32, 0x34, 0x30, 0x35,
121. 0x34, 0x31, 0x33, 0x38, 0x5a, 0x30, 0x81, 0xa0,
122. 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04,
123. 0x06, 0x13, 0x02, 0x4b, 0x52, 0x31, 0x13, 0x30,
124. 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x13, 0x0a,
125. 0x4b, 0x79, 0x75, 0x6e, 0x67, 0x67, 0x69, 0x2d,
126. 0x64, 0x6f, 0x31, 0x14, 0x30, 0x12, 0x06, 0x03,
127. 0x55, 0x04, 0x07, 0x13, 0x0b, 0x53, 0x65, 0x6f,
128. 0x6e, 0x67, 0x6e, 0x61, 0x6d, 0x2d, 0x73, 0x69,
129. 0x31, 0x1a, 0x30, 0x18, 0x06, 0x03, 0x55, 0x04,
130. 0x0a, 0x13, 0x11, 0x54, 0x68, 0x65, 0x20, 0x4e,
131. 0x65, 0x74, 0x74, 0x79, 0x20, 0x50, 0x72, 0x6f,
132. 0x6a, 0x65, 0x63, 0x74, 0x31, 0x18, 0x30, 0x16,
133. 0x06, 0x03, 0x55, 0x04, 0x0b, 0x13, 0x0f, 0x45,
134. 0x78, 0x61, 0x6d, 0x70, 0x6c, 0x65, 0x20, 0x41,
135. 0x75, 0x74, 0x68, 0x6f, 0x72, 0x73, 0x31, 0x30,
136. 0x30, 0x2e, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13,
137. 0x27, 0x73, 0x65, 0x63, 0x75, 0x72, 0x65, 0x63,
138. 0x68, 0x61, 0x74, 0x2e, 0x65, 0x78, 0x61, 0x6d,
139. 0x70, 0x6c, 0x65, 0x2e, 0x6e, 0x65, 0x74, 0x74,
140. 0x79, 0x2e, 0x67, 0x6c, 0x65, 0x61, 0x6d, 0x79,
141. 0x6e, 0x6f, 0x64, 0x65, 0x2e, 0x6e, 0x65, 0x74,
142. 0x30, 0x5c, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86,
143. 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05,
144. 0x00, 0x03, 0x4b, 0x00, 0x30, 0x48, 0x02, 0x41,
145. 0x00, 0xc3, 0xe3, 0x5e, 0x41, 0xa7, 0x87, 0x11,
146. 0x00, 0x42, 0x2a, 0xb0, 0x4b, 0xed, 0xb2, 0xe0,
147. 0x23, 0xdb, 0xb1, 0x3d, 0x58, 0x97, 0x35, 0x60,
148. 0x0b, 0x82, 0x59, 0xd3, 0x00, 0xea, 0xd4, 0x61,
149. 0xb8, 0x79, 0x3f, 0xb6, 0x3c, 0x12, 0x05, 0x93,
150. 0x2e, 0x9a, 0x59, 0x68, 0x14, 0x77, 0x3a, 0xc8,
151. 0x50, 0x25, 0x57, 0xa4, 0x49, 0x18, 0x63, 0x41,
152. 0xf0, 0x2d, 0x28, 0xec, 0x06, 0xfb, 0xb4, 0x9f,
153. 0xbf, 0x02, 0x03, 0x01, 0x00, 0x01, 0x30, 0x0d,
154. 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d,
155. 0x01, 0x01, 0x05, 0x05, 0x00, 0x03, 0x41, 0x00,
156. 0x65, 0x6c, 0x30, 0x01, 0xc2, 0x8e, 0x3e, 0xcb,
157. 0xb3, 0x77, 0x48, 0xe9, 0x66, 0x61, 0x9a, 0x40,
158. 0x86, 0xaf, 0xf6, 0x03, 0xeb, 0xba, 0x6a, 0xf2,
159. 0xfd, 0xe2, 0xaf, 0x36, 0x5e, 0x7b, 0xaa, 0x22,
160. 0x04, 0xdd, 0x2c, 0x20, 0xc4, 0xfc, 0xdd, 0xd0,
161. 0x82, 0x20, 0x1c, 0x3d, 0xd7, 0x9e, 0x5e, 0x5c,
162. 0x92, 0x5a, 0x76, 0x71, 0x28, 0xf5, 0x07, 0x7d,
163. 0xa2, 0x81, 0xba, 0x77, 0x9f, 0x2a, 0xd9, 0x44,
164. 0x00, 0x00, 0x00, 0x01, 0x00, 0x05, 0x6d, 0x79,
165. 0x6b, 0x65, 0x79, 0x00, 0x00, 0x01, 0x1a, 0x9f,
166. 0x5b, 0x56, 0xa0, 0x00, 0x00, 0x01, 0x99, 0x30,
167. 0x82, 0x01, 0x95, 0x30, 0x0e, 0x06, 0x0a, 0x2b,
168. 0x06, 0x01, 0x04, 0x01, 0x2a, 0x02, 0x11, 0x01,
169. 0x01, 0x05, 0x00, 0x04, 0x82, 0x01, 0x81, 0x29,
170. 0xa8, 0xb6, 0x08, 0x0c, 0x85, 0x75, 0x3e, 0xdd,
171. 0xb5, 0xe5, 0x1a, 0x87, 0x68, 0xd1, 0x90, 0x4b,
172. 0x29, 0x31, 0xee, 0x90, 0xbc, 0x9d, 0x73, 0xa0,
173. 0x3f, 0xe9, 0x0b, 0xa4, 0xef, 0x30, 0x9b, 0x36,
174. 0x9a, 0xb2, 0x54, 0x77, 0x81, 0x07, 0x4b, 0xaa,
175. 0xa5, 0x77, 0x98, 0xe1, 0xeb, 0xb5, 0x7c, 0x4e,
176. 0x48, 0xd5, 0x08, 0xfc, 0x2c, 0x36, 0xe2, 0x65,
177. 0x03, 0xac, 0xe5, 0xf3, 0x96, 0xb7, 0xd0, 0xb5,
178. 0x3b, 0x92, 0xe4, 0x14, 0x05, 0x7a, 0x6a, 0x92,
179. 0x56, 0xfe, 0x4e, 0xab, 0xd3, 0x0e, 0x32, 0x04,
180. 0x22, 0x22, 0x74, 0x47, 0x7d, 0xec, 0x21, 0x99,
181. 0x30, 0x31, 0x64, 0x46, 0x64, 0x9b, 0xc7, 0x13,
182. 0xbf, 0xbe, 0xd0, 0x31, 0x49, 0xe7, 0x3c, 0xbf,
183. 0xba, 0xb1, 0x20, 0xf9, 0x42, 0xf4, 0xa9, 0xa9,
184. 0xe5, 0x13, 0x65, 0x32, 0xbf, 0x7c, 0xcc, 0x91,
185. 0xd3, 0xfd, 0x24, 0x47, 0x0b, 0xe5, 0x53, 0xad,
186. 0x50, 0x30, 0x56, 0xd1, 0xfa, 0x9c, 0x37, 0xa8,
187. 0xc1, 0xce, 0xf6, 0x0b, 0x18, 0xaa, 0x7c, 0xab,
188. 0xbd, 0x1f, 0xdf, 0xe4, 0x80, 0xb8, 0xa7, 0xe0,
189. 0xad, 0x7d, 0x50, 0x74, 0xf1, 0x98, 0x78, 0xbc,
190. 0x58, 0xb9, 0xc2, 0x52, 0xbe, 0xd2, 0x5b, 0x81,
191. 0x94, 0x83, 0x8f, 0xb9, 0x4c, 0xee, 0x01, 0x2b,
192. 0x5e, 0xc9, 0x6e, 0x9b, 0xf5, 0x63, 0x69, 0xe4,
193. 0xd8, 0x0b, 0x47, 0xd8, 0xfd, 0xd8, 0xe0, 0xed,
194. 0xa8, 0x27, 0x03, 0x74, 0x1e, 0x5d, 0x32, 0xe6,
195. 0x5c, 0x63, 0xc2, 0xfb, 0x3f, 0xee, 0xb4, 0x13,
196. 0xc6, 0x0e, 0x6e, 0x74, 0xe0, 0x22, 0xac, 0xce,
197. 0x79, 0xf9, 0x43, 0x68, 0xc1, 0x03, 0x74, 0x2b,
198. 0xe1, 0x18, 0xf8, 0x7f, 0x76, 0x9a, 0xea, 0x82,
199. 0x3f, 0xc2, 0xa6, 0xa7, 0x4c, 0xfe, 0xae, 0x29,
200. 0x3b, 0xc1, 0x10, 0x7c, 0xd5, 0x77, 0x17, 0x79,
201. 0x5f, 0xcb, 0xad, 0x1f, 0xd8, 0xa1, 0xfd, 0x90,
202. 0xe1, 0x6b, 0xb2, 0xef, 0xb9, 0x41, 0x26, 0xa4,
203. 0x0b, 0x4f, 0xc6, 0x83, 0x05, 0x6f, 0xf0, 0x64,
204. 0x40, 0xe1, 0x44, 0xc4, 0xf9, 0x40, 0x2b, 0x3b,
205. 0x40, 0xdb, 0xaf, 0x35, 0xa4, 0x9b, 0x9f, 0xc4,
206. 0x74, 0x07, 0xe5, 0x18, 0x60, 0xc5, 0xfe, 0x15,
207. 0x0e, 0x3a, 0x25, 0x2a, 0x11, 0xee, 0x78, 0x2f,
208. 0xb8, 0xd1, 0x6e, 0x4e, 0x3c, 0x0a, 0xb5, 0xb9,
209. 0x40, 0x86, 0x27, 0x6d, 0x8f, 0x53, 0xb7, 0x77,
210. 0x36, 0xec, 0x5d, 0xed, 0x32, 0x40, 0x43, 0x82,
211. 0xc3, 0x52, 0x58, 0xc4, 0x26, 0x39, 0xf3, 0xb3,
212. 0xad, 0x58, 0xab, 0xb7, 0xf7, 0x8e, 0x0e, 0xba,
213. 0x8e, 0x78, 0x9d, 0xbf, 0x58, 0x34, 0xbd, 0x77,
214. 0x73, 0xa6, 0x50, 0x55, 0x00, 0x60, 0x26, 0xbf,
215. 0x6d, 0xb4, 0x98, 0x8a, 0x18, 0x83, 0x89, 0xf8,
216. 0xcd, 0x0d, 0x49, 0x06, 0xae, 0x51, 0x6e, 0xaf,
217. 0xbd, 0xe2, 0x07, 0x13, 0xd8, 0x64, 0xcc, 0xbf,
218. 0x00, 0x00, 0x00, 0x01, 0x00, 0x05, 0x58, 0x2e,
219. 0x35, 0x30, 0x39, 0x00, 0x00, 0x02, 0x34, 0x30,
220. 0x82, 0x02, 0x30, 0x30, 0x82, 0x01, 0xda, 0xa0,
221. 0x03, 0x02, 0x01, 0x02, 0x02, 0x04, 0x48, 0x59,
222. 0xf2, 0x84, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86,
223. 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x05, 0x05,
224. 0x00, 0x30, 0x81, 0x9d, 0x31, 0x0b, 0x30, 0x09,
225. 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x4b,
226. 0x52, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55,
227. 0x04, 0x08, 0x13, 0x0a, 0x4b, 0x79, 0x75, 0x6e,
228. 0x67, 0x67, 0x69, 0x2d, 0x64, 0x6f, 0x31, 0x14,
229. 0x30, 0x12, 0x06, 0x03, 0x55, 0x04, 0x07, 0x13,
230. 0x0b, 0x53, 0x65, 0x6f, 0x6e, 0x67, 0x6e, 0x61,
231. 0x6d, 0x2d, 0x73, 0x69, 0x31, 0x1a, 0x30, 0x18,
232. 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x11, 0x54,
233. 0x68, 0x65, 0x20, 0x4e, 0x65, 0x74, 0x74, 0x79,
234. 0x20, 0x50, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74,
235. 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04,
236. 0x0b, 0x13, 0x0c, 0x43, 0x6f, 0x6e, 0x74, 0x72,
237. 0x69, 0x62, 0x75, 0x74, 0x6f, 0x72, 0x73, 0x31,
238. 0x30, 0x30, 0x2e, 0x06, 0x03, 0x55, 0x04, 0x03,
239. 0x13, 0x27, 0x73, 0x65, 0x63, 0x75, 0x72, 0x65,
240. 0x63, 0x68, 0x61, 0x74, 0x2e, 0x65, 0x78, 0x61,
241. 0x6d, 0x70, 0x6c, 0x65, 0x2e, 0x6e, 0x65, 0x74,
242. 0x74, 0x79, 0x2e, 0x67, 0x6c, 0x65, 0x61, 0x6d,
243. 0x79, 0x6e, 0x6f, 0x64, 0x65, 0x2e, 0x6e, 0x65,
244. 0x74, 0x30, 0x20, 0x17, 0x0d, 0x30, 0x38, 0x30,
245. 0x36, 0x31, 0x39, 0x30, 0x35, 0x34, 0x35, 0x34,
246. 0x30, 0x5a, 0x18, 0x0f, 0x32, 0x31, 0x38, 0x37,
247. 0x31, 0x31, 0x32, 0x33, 0x30, 0x35, 0x34, 0x35,
248. 0x34, 0x30, 0x5a, 0x30, 0x81, 0x9d, 0x31, 0x0b,
249. 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13,
250. 0x02, 0x4b, 0x52, 0x31, 0x13, 0x30, 0x11, 0x06,
251. 0x03, 0x55, 0x04, 0x08, 0x13, 0x0a, 0x4b, 0x79,
252. 0x75, 0x6e, 0x67, 0x67, 0x69, 0x2d, 0x64, 0x6f,
253. 0x31, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x04,
254. 0x07, 0x13, 0x0b, 0x53, 0x65, 0x6f, 0x6e, 0x67,
255. 0x6e, 0x61, 0x6d, 0x2d, 0x73, 0x69, 0x31, 0x1a,
256. 0x30, 0x18, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13,
257. 0x11, 0x54, 0x68, 0x65, 0x20, 0x4e, 0x65, 0x74,
258. 0x74, 0x79, 0x20, 0x50, 0x72, 0x6f, 0x6a, 0x65,
259. 0x63, 0x74, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03,
260. 0x55, 0x04, 0x0b, 0x13, 0x0c, 0x43, 0x6f, 0x6e,
261. 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x6f, 0x72,
262. 0x73, 0x31, 0x30, 0x30, 0x2e, 0x06, 0x03, 0x55,
263. 0x04, 0x03, 0x13, 0x27, 0x73, 0x65, 0x63, 0x75,
264. 0x72, 0x65, 0x63, 0x68, 0x61, 0x74, 0x2e, 0x65,
265. 0x78, 0x61, 0x6d, 0x70, 0x6c, 0x65, 0x2e, 0x6e,
266. 0x65, 0x74, 0x74, 0x79, 0x2e, 0x67, 0x6c, 0x65,
267. 0x61, 0x6d, 0x79, 0x6e, 0x6f, 0x64, 0x65, 0x2e,
268. 0x6e, 0x65, 0x74, 0x30, 0x5c, 0x30, 0x0d, 0x06,
269. 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01,
270. 0x01, 0x01, 0x05, 0x00, 0x03, 0x4b, 0x00, 0x30,
271. 0x48, 0x02, 0x41, 0x00, 0x95, 0xb3, 0x47, 0x17,
272. 0x95, 0x0f, 0x57, 0xcf, 0x66, 0x72, 0x0a, 0x7e,
273. 0x5b, 0x54, 0xea, 0x8c, 0x6f, 0x79, 0xde, 0x94,
274. 0xac, 0x0b, 0x5a, 0xd4, 0xd6, 0x1b, 0x58, 0x12,
275. 0x1a, 0x16, 0x3d, 0xfe, 0xdf, 0xa5, 0x2b, 0x86,
276. 0xbc, 0x64, 0xd4, 0x80, 0x1e, 0x3f, 0xf9, 0xe2,
277. 0x04, 0x03, 0x79, 0x9b, 0xc1, 0x5c, 0xf0, 0xf1,
278. 0xf3, 0xf1, 0xe3, 0xbf, 0x3f, 0xc0, 0x1f, 0xdd,
279. 0xdb, 0xc0, 0x5b, 0x21, 0x02, 0x03, 0x01, 0x00,
280. 0x01, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48,
281. 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x05, 0x05, 0x00,
282. 0x03, 0x41, 0x00, 0x02, 0xd7, 0xdd, 0xbd, 0x0c,
283. 0x8e, 0x21, 0x20, 0xef, 0x9e, 0x4f, 0x1f, 0xf5,
284. 0x49, 0xf1, 0xae, 0x58, 0x9b, 0x94, 0x3a, 0x1f,
285. 0x70, 0x33, 0xf0, 0x9b, 0xbb, 0xe9, 0xc0, 0xf3,
286. 0x72, 0xcb, 0xde, 0xb6, 0x56, 0x72, 0xcc, 0x1c,
287. 0xf0, 0xd6, 0x5a, 0x2a, 0xbc, 0xa1, 0x7e, 0x23,
288. 0x83, 0xe9, 0xe7, 0xcf, 0x9e, 0xa5, 0xf9, 0xcc,
289. 0xc2, 0x61, 0xf4, 0xdb, 0x40, 0x93, 0x1d, 0x63,
290. 0x8a, 0x50, 0x4c, 0x11, 0x39, 0xb1, 0x91, 0xc1,
291. 0xe6, 0x9d, 0xd9, 0x1a, 0x62, 0x1b, 0xb8, 0xd3,
292. 0xd6, 0x9a, 0x6d, 0xb9, 0x8e, 0x15, 0x51 };
294. public static InputStream asInputStream() {
295. byte[] data = new byte[DATA.length];
296. for (int i = 0; i < data.length; i ++) {
297. data[i] = (byte) DATA[i];
298. }
299. return new ByteArrayInputStream(data);
300. }
302. public static char[] getCertificatePassword() {
303. return "secret".toCharArray();
304. }
306. public static char[] getKeyStorePassword() {
307. return "secret".toCharArray();
308. }
310. private SecureChatKeyStore() {
311. // Unused
312. }
313. }

[java] view plaincopy

1. /*
2. • Copyright 2012 The Netty Project
3. *
4. • The Netty Project licenses this file to you under the Apache License,
5. • version 2.0 (the "License"); you may not use this file except in compliance
6. • with the License. You may obtain a copy of the License at:
7. *
8. • http://www.apache.org/licenses/LICENSE-2.0
9. *
10. • Unless required by applicable law or agreed to in writing, software
11. • distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
12. • WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
13. • License for the specific language governing permissions and limitations
14. • under the License.
15. */
16. package netty.in.action.spdy;
18. import io.netty.handler.ssl.SslHandler;
19. import io.netty.util.internal.SystemPropertyUtil;
21. import java.security.KeyStore;
22. import java.security.SecureRandom;
24. import javax.net.ssl.KeyManager;
25. import javax.net.ssl.KeyManagerFactory;
26. import javax.net.ssl.SSLContext;
27. import javax.net.ssl.SSLEngine;
28. import javax.net.ssl.TrustManager;
30. /**
31. • Creates a bogus {@link SSLContext}. A client-side context created by this
32. • factory accepts any certificate even if it is invalid. A server-side context
33. • created by this factory sends a bogus certificate defined in {@link SecureChatKeyStore}.
34. • <p>
35. • You will have to create your context differently in a real world application.
36. *
37. • <h3>Client Certificate Authentication</h3>
38. *
39. • To enable client certificate authentication:
40. • <ul>
41. • <li>Enable client authentication on the server side by calling
42. • {@link SSLEngine#setNeedClientAuth(boolean)} before creating
43. • {@link SslHandler}.</li>
44. • <li>When initializing an {@link SSLContext} on the client side,
45. • specify the {@link KeyManager} that contains the client certificate as
46. • the first argument of {@link SSLContext#init(KeyManager[], TrustManager[], SecureRandom)}.</li>
47. • <li>When initializing an {@link SSLContext} on the server side,
48. • specify the proper {@link TrustManager} as the second argument of
49. • {@link SSLContext#init(KeyManager[], TrustManager[], SecureRandom)}
50. • to validate the client certificate.</li>
51. • </ul>
52. */
53. public final class SecureChatSslContextFactory {
55. private static final String PROTOCOL = "TLS";
56. private static final SSLContext SERVER_CONTEXT;
57. private static final SSLContext CLIENT_CONTEXT;
59. static {
60. String algorithm = SystemPropertyUtil.get("ssl.KeyManagerFactory.algorithm");
61. if (algorithm == null) {
62. algorithm = "SunX509";
63. }
65. SSLContext serverContext;
66. SSLContext clientContext;
67. try {
68. KeyStore ks = KeyStore.getInstance("JKS");
69. ks.load(SecureChatKeyStore.asInputStream(),
70. SecureChatKeyStore.getKeyStorePassword());
72. // Set up key manager factory to use our key store
73. KeyManagerFactory kmf = KeyManagerFactory.getInstance(algorithm);
74. kmf.init(ks, SecureChatKeyStore.getCertificatePassword());
76. // Initialize the SSLContext to work with our key managers.
77. serverContext = SSLContext.getInstance(PROTOCOL);
78. serverContext.init(kmf.getKeyManagers(), null, null);
79. } catch (Exception e) {
80. throw new Error(
81. "Failed to initialize the server-side SSLContext", e);
82. }
84. try {
85. clientContext = SSLContext.getInstance(PROTOCOL);
86. clientContext.init(null, SecureChatTrustManagerFactory.getTrustManagers(), null);
87. } catch (Exception e) {
88. throw new Error(
89. "Failed to initialize the client-side SSLContext", e);
90. }
92. SERVER_CONTEXT = serverContext;
93. CLIENT_CONTEXT = clientContext;
94. }
96. public static SSLContext getServerContext() {
97. return SERVER_CONTEXT;
98. }
100. public static SSLContext getClientContext() {
101. return CLIENT_CONTEXT;
102. }
104. private SecureChatSslContextFactory() {
105. // Unused
106. }
107. }