如何在Eclipse PAHO Java MQTT客户端和Mosquitto代理之间创建PSK连接? [英] How can I create a PSK connection between the Eclipse PAHO Java MQTT client and the Mosquitto broker?

问题描述

我正在尝试在mosquitto mqtt代理和使用Eclipse Paho客户端库用Java编写的应用程序之间配置预共享密钥加密连接.

I am trying to configure a Pre Shared Key encrypted connection between a mosquitto mqtt broker and an application written in Java which uses the Eclipse Paho client library.

我已经成功地在不使用加密和SSL的情况下在两者之间建立了连接，其中服务器证书已通过身份验证，但没有客户端证书.

I have successfully made connections between the two using no encryption and using SSL where the Server certificate is authenticated but with no client certificate.

我想使用预共享密钥对连接进行加密(身份验证不重要)，这是mosquitto经纪人绝对支持的，但是我不确定Eclipse Paho库是否支持它.

I would like to get the connection encrypted (authentication not important) by using a Pre Shared Key, which is definitely supported by the mosquitto broker, but I am uncertain whether the Eclipse Paho library supports it or not.

该库为您提供了两种不同的配置安全连接的方式.通过

The library offers you two different ways of configuring a secure connection. Either through the

setSSLProperties(java.util.Properties props)

方法-利用以下属性:

com.ibm.ssl.protocol
com.ibm.ssl.contextProvider
com.ibm.ssl.keyStore
com.ibm.ssl.keyStorePassword
com.ibm.micro.security.Password.obfuscate(char[] password). 
com.ibm.ssl.keyStoreType
com.ibm.ssl.keyStoreProvider
com.ibm.ssl.trustStore
com.ibm.ssl.trustStorePassword
com.ibm.micro.security.Password.obfuscate(char[] password).
com.ibm.ssl.trustStoreType
com.ibm.ssl.trustStoreProvider
com.ibm.ssl.enabledCipherSuites
com.ibm.ssl.keyManager
com.ibm.ssl.trustManager

或通过

setSocketFactory(javax.net.SocketFactory socketFactory)

方法.

有人对我使用的工具和库有任何经验吗?有人可以提供有关如何使我的工作正常工作的建议吗?

Does anyone have any experience with the tools and libraries that I am using and could anyone offer any suggestions as to how I might be able to get something working?

是否可以创建一个ssl套接字工厂，该工厂能够返回可以应付我需要的PSK实现的套接字?

Is it possible to create an ssl socket factory which is capable of returning a socket that can cope with the PSK implementation I will need?

感谢您的帮助:-)

推荐答案

Paho客户端依赖JVM运行时中提供的任何安全密码等. Paho本身不提供任何内容.

The Paho client relies on whatever security cyphers etc are provided within the JVM runtime; Paho does not provide any itself.

据我所知，主流JVM提供程序都不包含TLS-PSK支持.可能可以添加第三方的支持，例如 http://www.bouncycastle.org/

As far as I know, none of the mainstream JVM providers include TLS-PSK support. It may be possible to add support from a third party, such as http://www.bouncycastle.org/

您可能还需要检查有关此主题的以下(当前未答复)问题:

You may also want to check these (currently unanswered) quesitons on this subject:

• > https://stackoverflow.com/questions/15403999/jsse-implementation-of-tls -psk
• 在JCA中定义TLS的密码套件

• https://stackoverflow.com/questions/15403999/jsse-implementation-of-tls-psk
• Define cipher suite for TLS in JCA

这篇关于如何在Eclipse PAHO Java MQTT客户端和Mosquitto代理之间创建PSK连接?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！