带有匿名 Diffie Hellman 的 Java SSL/TLS [英] Java SSL/TLS with Anonymous Diffie Hellman
问题描述
我有一个用 Java 编写的基本客户端/服务器应用程序,它使用普通的 Sockets 进行通信.
I have a basic client/server application written in Java which uses plain Sockets for communication.
我想防止对其进行被动窃听攻击,并通过 TLS/SSL 进行通信.我不希望应用程序用户遇到设置证书等的麻烦,我想使用 AES 加密(TLS_DH_anon_WITH_AES_128_CBC_SHA 模式)通过匿名 Diffie Hellman 设置 SSL 套接字.
I'd like to prevent passive eavesdropping attacks against it and do the communication over TLS/SSL. I don't want the application user to get in the hassle of setting up certificates etc., I'd like to setup Sockets over SSL with Anonymous Diffie Hellman using AES encryption (TLS_DH_anon_WITH_AES_128_CBC_SHA mode).
但是,关于如何设置 SSLContext 或 SSLSocketFactory 以启用我想要的模式,我无法在网络或任何文档上找到任何合适的示例.我很感激这个最小的例子.
However I can't find any suitable examples on net or any documentation as to how I'd setup the SSLContext or SSLSocketFactory to enable the mode I want. I'd appreciate a minimal example for this.
推荐答案
您应该使用 setEnabledCipherSuites
.
You should set the cipher suite on the SSLSocket
(or SSLEngine
) using setEnabledCipherSuites
.
这篇关于带有匿名 Diffie Hellman 的 Java SSL/TLS的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!