lizongbo at 618119.com 工作,生活,Android,前端,Linode,Ubuntu,nginx,java,apache,tomcat,Resin,mina,Hessian,XMPP,RPC

2007年12月14日

用Spring,smppapi,apache mina, commons ssl快速实现安全的smpp smsc (六)

Filed under: Java,SSL — lizongbo @ 14:37

接上一篇: http://618119.com/archives/2007/12/13/45.html

使用 commons ssl生成 SSLContext :

[code]

package com.lizongbo.smpp.ssl;

import javax.net.ssl.SSLContext;
import java.security.GeneralSecurityException;
import java.io.IOException;
import javax.net.ssl.KeyManager;
import org.apache.commons.ssl.KeyMaterial;

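/**
 * Lazily builds and caches one {@link SSLContext} for the SMPP server side and one for the
 * SMPP client side.
 *
 * <p>Key material (certificate + private key) is read from classpath resources that sit next
 * to this class. Peer-certificate validation is delegated entirely to
 * {@code SMPPTrustManagerFactory.X509_MANAGERS}; this class does not load {@code CA_FILE}
 * itself, so the strength of peer authentication is whatever that trust manager enforces.
 */
public class SMPPSSLContextFactory {
  // "TLS" leaves the concrete protocol versions to the JRE defaults.
  private static final String PROTOCOL = "TLS";
  // Declared by the listing but never read in this class.
  // NOTE(review): confirm that the trust manager in use actually anchors trust in this CA.
  private static final String CA_FILE = "ca.crt.properties";
  private static final String CERT_FILE = "server.crt.properties";
  private static final String KEY_FILE = "server.key.properties";
  private static final String CLIENT_FILE = "client.crt.properties";
  private static final String CLIENT_KEY_FILE = "client.key.properties";

  // Empty key password: presumably the key resources are stored unencrypted, so they must be
  // protected by other means (file permissions, not shipping them in a public artifact).
  private static final char[] password = new char[0];

  // volatile is required for the double-checked locking in getInstance to be safe under the
  // Java memory model; without it another thread may observe a half-published context.
  private static volatile SSLContext serverInstance = null;

  private static volatile SSLContext clientInstance = null;

  /**
   * Returns the cached SSLContext, creating it on first use.
   *
   * @param server {@code true} for the server-side context, {@code false} for the client side
   * @return the shared SSLContext for the requested side
   * @throws GeneralSecurityException if the context cannot be created; for the server side
   *         every failure is wrapped in this type with the original exception as its cause
   * @throws IOException if a client-side key resource is missing or cannot be read
   */
  public static SSLContext getInstance(boolean server) throws
      GeneralSecurityException, IOException {
    if (server) {
      SSLContext ctx = serverInstance;
      if (ctx == null) {
        synchronized (SMPPSSLContextFactory.class) {
          ctx = serverInstance;
          if (ctx == null) {
            try {
              ctx = createSMPPServerSSLContext();
            }
            catch (Exception e) {
              // Keep the original exception as the cause so the stack trace is not lost.
              throw new GeneralSecurityException(
                  "Can't create Server SSLContext:" + e, e);
            }
            serverInstance = ctx;
          }
        }
      }
      return ctx;
    }

    SSLContext ctx = clientInstance;
    if (ctx == null) {
      synchronized (SMPPSSLContextFactory.class) {
        ctx = clientInstance;
        if (ctx == null) {
          ctx = createSMPPClientSSLContext();
          clientInstance = ctx;
        }
      }
    }
    return ctx;
  }

  /** Builds the server-side context from the server certificate and key resources. */
  private static SSLContext createSMPPServerSSLContext() throws
      GeneralSecurityException, IOException {
    return buildContext(CERT_FILE, KEY_FILE);
  }

  /** Builds the client-side context from the client certificate and key resources. */
  private static SSLContext createSMPPClientSSLContext() throws
      GeneralSecurityException, IOException {
    return buildContext(CLIENT_FILE, CLIENT_KEY_FILE);
  }

  /**
   * Loads one certificate/key pair from the classpath and initialises a fresh SSLContext
   * with it. Both streams are closed before returning, whether or not loading succeeded.
   */
  private static SSLContext buildContext(String certResource, String keyResource) throws
      GeneralSecurityException, IOException {
    java.io.InputStream certIn = openResource(certResource);
    try {
      java.io.InputStream keyIn = openResource(keyResource);
      try {
        KeyMaterial km = new KeyMaterial(certIn, keyIn, password);
        SSLContext context = SSLContext.getInstance(PROTOCOL);
        // The second argument decides which peer certificates are accepted.
        context.init( (KeyManager[]) km.getKeyManagers(),
                     SMPPTrustManagerFactory.X509_MANAGERS, null);
        return context;
      }
      finally {
        closeQuietly(keyIn);
      }
    }
    finally {
      closeQuietly(certIn);
    }
  }

  /** Opens a resource relative to this class, failing with a clear message when it is absent. */
  private static java.io.InputStream openResource(String name) throws IOException {
    java.io.InputStream in = SMPPSSLContextFactory.class.getResourceAsStream(name);
    if (in == null) {
      // getResourceAsStream returns null rather than throwing; surface that early.
      throw new IOException("SSL resource not found on classpath: " + name);
    }
    return in;
  }

  /** Closes a stream; a failure to close a fully-read resource is not actionable here. */
  private static void closeQuietly(java.io.InputStream in) {
    try {
      in.close();
    }
    catch (IOException ignored) {
      // best effort: nothing useful can be done if close fails
    }
  }
}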
[/code]

实现证书检查认证的代码:

[code]

package com.lizongbo.smpp.ssl;

import java.io.IOException;
import java.io.InputStream;
import java.security.GeneralSecurityException;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Collection;

import javax.net.ssl.ManagerFactoryParameters;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.TrustManagerFactorySpi;
import javax.net.ssl.X509TrustManager;

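/**
 * Trust-manager factory for the SMPP TLS endpoints.
 *
 * <p>The listing as first published accepted any client certificate that was merely within
 * its validity dates and accepted every server certificate unconditionally, so a TLS peer
 * was never actually authenticated. This version delegates both checks to the JRE's standard
 * X.509 trust manager, anchored in the project's own CA certificate, and fails closed when
 * that CA certificate cannot be loaded.
 */
public class SMPPTrustManagerFactory
    extends TrustManagerFactorySpi {

  // Same resource name the sibling SSL context factory declares as its CA file.
  // Assumes it holds one or more X.509 certificates in PEM or DER form - TODO confirm.
  private static final String CA_RESOURCE = "ca.crt.properties";

  // Built on first use; volatile so the double-checked read in caTrustManager() is safe.
  private static volatile X509TrustManager caDelegate;

  static final X509TrustManager X509 = new X509TrustManager() {
    public void checkClientTrusted(X509Certificate[] x509Certificates,
                                   String s) throws CertificateException {
      requireChain(x509Certificates);
      // Full path validation (signatures, validity dates, issuer chain) against the CA.
      caTrustManager().checkClientTrusted(x509Certificates, s);
    }

    public void checkServerTrusted(X509Certificate[] x509Certificates,
                                   String s) throws CertificateException {
      requireChain(x509Certificates);
      caTrustManager().checkServerTrusted(x509Certificates, s);
    }

    public X509Certificate[] getAcceptedIssuers() {
      try {
        return caTrustManager().getAcceptedIssuers();
      }
      catch (CertificateException e) {
        // This method cannot throw; with no usable CA nothing is advertised and the
        // check methods above reject every chain.
        return new X509Certificate[0];
      }
    }
  };

  static final TrustManager[] X509_MANAGERS = new TrustManager[] {
      X509};

  public SMPPTrustManagerFactory() {
  }

  /** Returns the single shared trust manager defined above. */
  protected TrustManager[] engineGetTrustManagers() {
    return X509_MANAGERS;
  }

  /** Ignores the supplied key store; trust anchors always come from the CA resource. */
  protected void engineInit(KeyStore keystore) throws KeyStoreException {
    // noop
  }

  /** Ignores the supplied parameters; trust anchors always come from the CA resource. */
  protected void engineInit(
      ManagerFactoryParameters managerFactoryParameters) throws
      InvalidAlgorithmParameterException {
    // noop
  }

  /** Rejects a missing chain, as the X509TrustManager contract requires. */
  private static void requireChain(X509Certificate[] chain) {
    if (chain == null || chain.length == 0) {
      throw new IllegalArgumentException("certificate chain is null or empty");
    }
  }

  /** Returns the CA-anchored delegate, building it on first use. */
  private static X509TrustManager caTrustManager() throws CertificateException {
    X509TrustManager tm = caDelegate;
    if (tm == null) {
      synchronized (SMPPTrustManagerFactory.class) {
        tm = caDelegate;
        if (tm == null) {
          tm = loadCaTrustManager();
          caDelegate = tm;
        }
      }
    }
    return tm;
  }

  /**
   * Reads the CA certificate(s) from the classpath and asks the platform
   * TrustManagerFactory for an X.509 trust manager that trusts only those anchors.
   *
   * @throws CertificateException if the resource is missing, empty or unparsable, so that
   *         callers reject the peer instead of silently trusting it
   */
  private static X509TrustManager loadCaTrustManager() throws CertificateException {
    InputStream in = SMPPTrustManagerFactory.class.getResourceAsStream(CA_RESOURCE);
    if (in == null) {
      throw new CertificateException("CA certificate resource not found: " + CA_RESOURCE);
    }
    try {
      Collection<? extends Certificate> cas =
          CertificateFactory.getInstance("X.509").generateCertificates(in);
      if (cas.isEmpty()) {
        throw new CertificateException("No certificates found in " + CA_RESOURCE);
      }
      KeyStore anchors = KeyStore.getInstance(KeyStore.getDefaultType());
      anchors.load(null, null); // start from an empty in-memory store
      int n = 0;
      for (Certificate ca : cas) {
        anchors.setCertificateEntry("smpp-ca-" + n, ca);
        n++;
      }
      TrustManagerFactory pkix =
          TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
      pkix.init(anchors);
      for (TrustManager tm : pkix.getTrustManagers()) {
        if (tm instanceof X509TrustManager) {
          return (X509TrustManager) tm;
        }
      }
      throw new CertificateException("No X509TrustManager available for " + CA_RESOURCE);
    }
    catch (CertificateException e) {
      throw e;
    }
    catch (GeneralSecurityException e) {
      throw new CertificateException("Cannot build trust anchors from " + CA_RESOURCE, e);
    }
    catch (IOException e) {
      throw new CertificateException("Cannot read " + CA_RESOURCE, e);
    }
    finally {
      try {
        in.close();
      }
      catch (IOException ignored) {
        // best effort: the certificates have already been parsed or rejected
      }
    }
  }
}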
[/code]

2007年12月13日

用Spring,smppapi,apache mina, commons ssl快速实现安全的smpp smsc (五)

Filed under: Java,SSL — lizongbo @ 08:43

接上一篇: http://618119.com/archives/2007/12/06/39.html

为 DefaultIoFilterChainBuilder 增加filter:

[code]
import org.apache.mina.filter.LoggingFilter;
import javax.net.ssl.SSLContext;
import org.apache.mina.filter.SSLFilter;
import org.apache.mina.common.DefaultIoFilterChainBuilder;
import org.apache.mina.filter.codec.ProtocolCodecFilter;
import org.apache.commons.ssl.*;
import java.io.*;
import java.security.*;
import com.lizongbo.smpp.ssl.SMPPSSLContextFactory;
import com.lizongbo.smpp.server.codec.SMPPProtocolCodecFactory;

// TCP port the SMSC listener binds to (read as Utils.PORT in main).
public static final int PORT = 5432;
public static final int CONNECT_TIMEOUT = 3; // seconds
// Feature switches read by the add* helpers below; a helper whose switch is false adds
// nothing to the filter chain.
private static final boolean USE_SSL = true;
private static final boolean USE_LOG = false;
private static final boolean USE_COMPRESS = false;
private static final boolean USE_THREADPOOL = false;
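/**
 * Adds the server-side SSL filter to the chain when {@code USE_SSL} is enabled.
 *
 * <p>The cipher-suite array in the published listing did not compile (a missing comma and a
 * half-commented entry), listed one suite twice and enabled two RC4 suites. It is restored
 * here as the distinct AES suites the listing named; the RC4 suites are left out because
 * RC4 is prohibited for TLS by RFC 7465.
 *
 * @param chain the filter chain the SSL filter is appended to
 * @throws Exception if the server SSLContext cannot be created
 */
public static void addServerSSLSupport(DefaultIoFilterChainBuilder chain) throws
    Exception {
  if (USE_SSL) {
    SSLContext sslc = SMPPSSLContextFactory.getInstance(true);
    SSLFilter sslFilter = new SSLFilter(sslc);
    // Mutual TLS: the handshake requires a client certificate. Whether that certificate
    // is really verified depends on the trust managers inside the SSLContext above.
    sslFilter.setNeedClientAuth(true);
    // NOTE(review): these CBC/SHA-1 suites date from 2007; on a current JRE prefer its
    // default enabled suites or an explicit list of AEAD (GCM) suites.
    sslFilter.setEnabledCipherSuites(new String[] {
        "TLS_DHE_RSA_WITH_AES_256_CBC_SHA",
        "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
        "TLS_DHE_DSS_WITH_AES_256_CBC_SHA",
        "TLS_DHE_DSS_WITH_AES_128_CBC_SHA",
        "TLS_RSA_WITH_AES_256_CBC_SHA",
        "TLS_RSA_WITH_AES_128_CBC_SHA"
    });
    chain.addLast("sslFilter", sslFilter);
    System.out.println("Server SSL ON");
  }
}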
/**
 * Adds the client-side SSL filter to the chain when {@code USE_SSL} is enabled.
 *
 * @param chain the filter chain the SSL filter is appended to
 * @throws Exception if the client SSLContext cannot be created
 */
public static void addCilentSSLSupport(DefaultIoFilterChainBuilder chain) throws
    Exception {
  if (!USE_SSL) {
    return;
  }
  SSLFilter clientFilter = new SSLFilter(SMPPSSLContextFactory.getInstance(false));
  // Client mode: this side initiates the handshake.
  clientFilter.setUseClientMode(true);
  chain.addLast("sslFilter", clientFilter);
  System.out.println("Client SSL ON");
}
/**
 * Adds the logging filter to the chain when {@code USE_LOG} is enabled.
 *
 * @param chain the filter chain the logging filter is appended to
 */
public static void addLogger(DefaultIoFilterChainBuilder chain) throws
    Exception {
  if (!USE_LOG) {
    return;
  }
  LoggingFilter loggingFilter = new LoggingFilter();
  chain.addLast("logger", loggingFilter);
  System.out.println("Logging ON");
}
/**
 * Adds the compression filter to the chain when {@code USE_COMPRESS} is enabled.
 *
 * @param chain the filter chain the compression filter is appended to
 */
public static void addCompress(DefaultIoFilterChainBuilder chain) throws
    Exception {
  if (!USE_COMPRESS) {
    return;
  }
  org.apache.mina.filter.CompressionFilter compression =
      new org.apache.mina.filter.CompressionFilter();
  chain.addLast("compress", compression);
  System.out.println("Compress ON");
}
/**
 * Adds the SMPP encode/decode filter to the chain. Unlike the other helpers this one is
 * unconditional: no feature switch guards it.
 *
 * @param chain the filter chain the codec filter is appended to
 */
public static void addCodec(DefaultIoFilterChainBuilder chain) throws
    Exception {
  SMPPProtocolCodecFactory codecFactory = new SMPPProtocolCodecFactory();
  ProtocolCodecFilter codecFilter = new ProtocolCodecFilter(codecFactory);
  chain.addLast("codec", codecFilter);
}
/**
 * Adds the executor (thread-pool) filter to the chain when {@code USE_THREADPOOL} is enabled.
 *
 * @param chain the filter chain the executor filter is appended to
 */
public static void addThreadPool(DefaultIoFilterChainBuilder chain) throws
    Exception {
  if (!USE_THREADPOOL) {
    return;
  }
  org.apache.mina.filter.executor.ExecutorFilter executorFilter =
      new org.apache.mina.filter.executor.ExecutorFilter();
  chain.addLast("threadpool", executorFilter);
  System.out.println("Threadpool ON");
}

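/**
 * Starts the SMSC: builds the filter chain, registers one handler per SMPP command id,
 * binds the acceptor on {@code Utils.PORT} and exposes the service statistics over JMX.
 *
 * <p>The published listing had the SSL call commented out, so although {@code USE_SSL} is
 * true the listener accepted plaintext connections and bind passwords crossed the network
 * in the clear. The call is restored and placed first so that every later filter sees
 * traffic only after the TLS layer.
 *
 * @throws Exception if the SSL context cannot be built, the port cannot be bound or the
 *         MBean cannot be registered
 */
public static void main(String[] args) throws IOException, Exception {
  IoAcceptor acceptor = new SocketAcceptor();
  IoAcceptorConfig config = new SocketAcceptorConfig();
  DefaultIoFilterChainBuilder chain = config.getFilterChain();
  // Still gated by USE_SSL inside the helper; fails at start-up if the key material
  // is missing rather than silently serving plaintext.
  Utils.addServerSSLSupport(chain);
  Utils.addThreadPool(chain);
  Utils.addCompress(chain);
  Utils.addCodec(chain);
  Utils.addLogger(chain);

  // Command id -> handler: 0x1 bind_receiver, 0x2 bind_transmitter, 0x4 submit_sm,
  // 0x6 unbind.
  SMPPServerSessionHandler handlers = new SMPPServerSessionHandler();
  handlers.getHandles().put(Integer.valueOf(0x00000001),
                            new com.lizongbo.smpp.server.handlers.
                            BindReceiverHandler());
  handlers.getHandles().put(Integer.valueOf(0x00000002),
                            new com.lizongbo.smpp.server.handlers.
                            BindTransmitterHandler());
  handlers.getHandles().put(Integer.valueOf(0x00000004),
                            new com.lizongbo.smpp.server.handlers.
                            SubmitSMHandler());
  handlers.getHandles().put(Integer.valueOf(0x00000006),
                            new com.lizongbo.smpp.server.handlers.
                            UnbindHandler());

  // An InetSocketAddress built from a port alone uses the wildcard address, i.e. the
  // listener is reachable on every local interface.
  InetSocketAddress serverAddr = new InetSocketAddress(Utils.PORT);
  acceptor.bind(
      serverAddr, handlers,
      config);

  // JMX management: publish the service statistics on the platform MBean server.
  IoServiceManager serviceManager = new IoServiceManager(acceptor);
  serviceManager.startCollectingStats(1000);
  MBeanServer mbs = ManagementFactory.getPlatformMBeanServer();
  ObjectName name = new ObjectName(
      "com.lizongbo.smpp.server:type=IoServiceManager");
  mbs.registerMBean(serviceManager, name);

  System.out.println("Listening on port " + Utils.PORT);
}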

[/code]

2007年12月6日

用Spring,smppapi,apache mina, commons ssl快速实现安全的smpp smsc (四)

Filed under: Java,SSL — lizongbo @ 09:18

接上一篇: http://618119.com/archives/2007/12/03/35.html

对 SMPPPacket的业务处理代码:

1.处理 BIND_RECEIVER消息

[code]

package com.lizongbo.smpp.server.handlers;

import org.apache.mina.common.*;
import com.lizongbo.smpp.server.*;
import ie.omk.smpp.*;
import ie.omk.smpp.message.*;
import ie.omk.smpp.message.tlv.*;
import ie.omk.smpp.util.*;
import ie.omk.smpp.version.*;

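/**
 * Handles the SMPP BIND_RECEIVER request and answers with BIND_RECEIVER_RESP.
 *
 * <p>Company: http://618119.com
 *
 * @author lizongbo
 * @version 1.0
 */
public class BindReceiverHandler
    implements SMPPPacketHandler {
  /**
   * Logs the bind parameters and writes a BIND_RECEIVER_RESP carrying the request's
   * sequence number back to the session.
   *
   * @param session the MINA session the response is written to
   * @param packet the received packet; must be a {@code BindReceiver}
   * @throws BadCommandIDException if the response packet cannot be created
   */
  public void process(IoSession session, SMPPPacket packet) throws
      BadCommandIDException {
    BindReceiver msg = (BindReceiver) packet;
    System.out.println("sysId=" + msg.getSystemId());
    // The bind password is a credential: never write it to stdout or a log file.
    System.out.println("password=<redacted>");
    // NOTE(review): the system id and password are not checked anywhere; every bind is
    // answered with status 0 (success). Verify them here and answer a failed check with
    // a non-zero status such as SMPP's ESME_RINVPASWD or ESME_RBINDFAIL.
    System.out.println("sysType=" + msg.getSystemType());
    System.out.println("interfaceVer=" + msg.getInterfaceVersion());
    System.out.println("addrTon=" + msg.getAddressTon());
    System.out.println("addrNpi=" + msg.getAddressNpi());
    System.out.println("addressRange=" + msg.getAddressRange());

    BindReceiverResp res = (BindReceiverResp) PacketFactory.
        newInstance(SMPPPacket.BIND_RECEIVER_RESP);
    res.setCommandStatus(0);
    // The response must echo the request's sequence number so the peer can match it.
    res.setSequenceNum(packet.getSequenceNum());
    res.setSystemId("smsc.618119.com");
    res.setOptionalParameter(Tag.SC_INTERFACE_VERSION,
                             SMPPVersion.getDefaultVersion().getVersionID());
    session.write(res);
  }

}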

[/code]

2.处理BIND_TRANSMITTER消息

[code]

package com.lizongbo.smpp.server.handlers;

import org.apache.mina.common.*;
import com.lizongbo.smpp.server.*;
import ie.omk.smpp.*;
import ie.omk.smpp.message.*;
import ie.omk.smpp.message.tlv.*;
import ie.omk.smpp.util.*;
import ie.omk.smpp.version.*;
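/**
 * Handles the SMPP BIND_TRANSMITTER request and answers with BIND_TRANSMITTER_RESP.
 *
 * <p>Company: http://618119.com
 *
 * @author lizongbo
 * @version 1.0
 */
public class BindTransmitterHandler
    implements SMPPPacketHandler {
  /**
   * Logs the bind parameters and writes a BIND_TRANSMITTER_RESP carrying the request's
   * sequence number back to the session.
   *
   * @param session the MINA session the response is written to
   * @param packet the received packet; must be a {@code BindTransmitter}
   * @throws BadCommandIDException if the response packet cannot be created
   */
  public void process(IoSession session, SMPPPacket packet) throws
      BadCommandIDException {
    BindTransmitter msg = (BindTransmitter) packet;
    System.out.println("sysId=" + msg.getSystemId());
    // The bind password is a credential: never write it to stdout or a log file.
    System.out.println("password=<redacted>");
    // NOTE(review): the system id and password are not checked anywhere; every bind is
    // answered with status 0 (success). Verify them here and answer a failed check with
    // a non-zero status such as SMPP's ESME_RINVPASWD or ESME_RBINDFAIL.
    System.out.println("sysType=" + msg.getSystemType());
    System.out.println("interfaceVer=" + msg.getInterfaceVersion());
    System.out.println("addrTon=" + msg.getAddressTon());
    System.out.println("addrNpi=" + msg.getAddressNpi());
    System.out.println("addressRange=" + msg.getAddressRange());

    BindTransmitterResp res = (BindTransmitterResp) PacketFactory.
        newInstance(SMPPPacket.BIND_TRANSMITTER_RESP);
    // The status is the server's own verdict, not a value copied from the request;
    // 0 matches what the BIND_RECEIVER handler sends.
    res.setCommandStatus(0);
    res.setSequenceNum(packet.getSequenceNum());
    res.setSystemId("smsc.618119.com");
    res.setOptionalParameter(Tag.SC_INTERFACE_VERSION,
                             SMPPVersion.getDefaultVersion().getVersionID());
    session.write(res);
  }

}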
[/code]

3.处理DELIVER_SM_RESP,SUBMIT_SM,UNBIND消息的代码片断.

[code]

/**
 * Handles DELIVER_SM_RESP: prints the message id the peer acknowledged. No response is
 * written to the session.
 */
public void process(IoSession session, SMPPPacket packet) throws
    BadCommandIDException {
  DeliverSMResp ack = (DeliverSMResp) packet;
  System.out.println("收到确认的消息编号:" + ack.getMessageId());
}

/**
 * Handles SUBMIT_SM: prints every field of the submitted message and answers with a
 * SUBMIT_SM_RESP that carries the request's sequence number.
 */
public void process(IoSession session, SMPPPacket packet) throws
    BadCommandIDException {
  SubmitSM submit = (SubmitSM) packet;

  // Addressing and routing fields.
  System.out.println("serviceType=" + submit.getServiceType());
  System.out.println("source=" + submit.getSource());
  System.out.println("destination=" + submit.getDestination());
  System.out.println("esmClass=" + submit.getEsmClass());
  System.out.println("protocolID=" + submit.getProtocolID());
  System.out.println("priority=" + submit.getPriority());
  System.out.println("delivery=" + submit.getDeliveryTime());

  // Delivery options and payload.
  System.out.println("expiryTime=" + submit.getExpiryTime());
  System.out.println("registered=" + submit.getRegistered());
  System.out.println("replaceIfPresent=" + submit.getReplaceIfPresent());
  System.out.println("dataCoding=" + submit.getDataCoding());
  System.out.println("defaultMsg=" + submit.getDefaultMsg());
  // NOTE(review): decodes with the platform default charset regardless of dataCoding,
  // and prints subscriber message content to stdout.
  System.out.println("message=" + new String(submit.getMessage()));

  SubmitSMResp reply = (SubmitSMResp) PacketFactory.
      newInstance(SMPPPacket.SUBMIT_SM_RESP);
  reply.setCommandStatus(0);
  reply.setSequenceNum(packet.getSequenceNum());
  // NOTE(review): fixed placeholder id; every submitted message gets the same one.
  reply.setMessageId("11233");
  session.write(reply);
}

/**
 * Handles UNBIND: answers with an UNBIND_RESP of status 0 that carries the request's
 * sequence number.
 */
public void process(IoSession session, SMPPPacket packet) throws
    BadCommandIDException {
  // The cast is kept only as a type check; the request's fields are not read.
  Unbind request = (Unbind) packet;
  UnbindResp reply = (UnbindResp) PacketFactory.
      newInstance(SMPPPacket.UNBIND_RESP);
  reply.setSequenceNum(packet.getSequenceNum());
  reply.setCommandStatus(0);
  session.write(reply);
}

[/code]

