如何在Eclipse PAHO Java MQTT客户端和Mosquitto代理之间创建PSK连接? [英] How can I create a PSK connection between the Eclipse PAHO Java MQTT client and the Mosquitto broker?
问题描述
我正在尝试在mosquitto mqtt代理和使用Eclipse Paho客户端库用Java编写的应用程序之间配置预共享密钥加密连接.
I am trying to configure a Pre Shared Key encrypted connection between a mosquitto mqtt broker and an application written in Java which uses the Eclipse Paho client library.
我已经成功地在不使用加密和SSL的情况下在两者之间建立了连接,其中服务器证书已通过身份验证,但没有客户端证书.
I have successfully made connections between the two using no encryption and using SSL where the Server certificate is authenticated but with no client certificate.
我想使用预共享密钥对连接进行加密(身份验证不重要),这是mosquitto经纪人绝对支持的,但是我不确定Eclipse Paho库是否支持它.
I would like to get the connection encrypted (authentication not important) by using a Pre Shared Key, which is definitely supported by the mosquitto broker, but I am uncertain whether the Eclipse Paho library supports it or not.
该库为您提供了两种不同的配置安全连接的方式.通过
The library offers you two different ways of configuring a secure connection. Either through the
setSSLProperties(java.util.Properties props)
方法-利用以下属性:
com.ibm.ssl.protocol
com.ibm.ssl.contextProvider
com.ibm.ssl.keyStore
com.ibm.ssl.keyStorePassword
com.ibm.micro.security.Password.obfuscate(char[] password).
com.ibm.ssl.keyStoreType
com.ibm.ssl.keyStoreProvider
com.ibm.ssl.trustStore
com.ibm.ssl.trustStorePassword
com.ibm.micro.security.Password.obfuscate(char[] password).
com.ibm.ssl.trustStoreType
com.ibm.ssl.trustStoreProvider
com.ibm.ssl.enabledCipherSuites
com.ibm.ssl.keyManager
com.ibm.ssl.trustManager
或通过
setSocketFactory(javax.net.SocketFactory socketFactory)
方法.
有人对我使用的工具和库有任何经验吗?有人可以提供有关如何使我的工作正常工作的建议吗?
Does anyone have any experience with the tools and libraries that I am using and could anyone offer any suggestions as to how I might be able to get something working?
是否可以创建一个ssl套接字工厂,该工厂能够返回可以应付我需要的PSK实现的套接字?
Is it possible to create an ssl socket factory which is capable of returning a socket that can cope with the PSK implementation I will need?
感谢您的帮助:-)
推荐答案
Paho客户端依赖JVM运行时中提供的任何安全密码等. Paho本身不提供任何内容.
The Paho client relies on whatever security cyphers etc are provided within the JVM runtime; Paho does not provide any itself.
据我所知,主流JVM提供程序都不包含TLS-PSK支持.可能可以添加第三方的支持,例如 http://www.bouncycastle.org/
As far as I know, none of the mainstream JVM providers include TLS-PSK support. It may be possible to add support from a third party, such as http://www.bouncycastle.org/
您可能还需要检查有关此主题的以下(当前未答复)问题:
You may also want to check these (currently unanswered) quesitons on this subject:
- https://stackoverflow.com/questions/15403999/jsse-implementation-of-tls-psk
- Define cipher suite for TLS in JCA
这篇关于如何在Eclipse PAHO Java MQTT客户端和Mosquitto代理之间创建PSK连接?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!