Java NIO SSL(安全套接层)讲解和实战demo

Java NIO提供了用于网络安全通信的SSL（安全套接层）支持。SSL是一种加密协议，用于保护通信过程中传输的数据的安全性。

Java NIO SSL通过以下方式实现：

创建一个SSLContext对象，并指定加密算法和安全参数。
创建SSLEngine对象，并将其设置为服务器或客户端模式。
使用SSLEngine对象对数据进行加密或解密，以便在通信过程中保证数据的安全性。

以下是Java NIO SSL的示例代码：

import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import java.io.FileInputStream;
import java.io.InputStream;
import java.net.InetSocketAddress;
import java.nio.ByteBuffer;
import java.nio.channels.SelectionKey;
import java.nio.channels.Selector;
import java.nio.channels.SocketChannel;
import java.security.KeyStore;

public class SSLExample {
    public static void main(String[] args) throws Exception {
        String host = "localhost";
        int port = 8080;

        SSLContext sslContext = SSLContext.getInstance("TLS");
        KeyStore keyStore = KeyStore.getInstance("JKS");
        InputStream inputStream = new FileInputStream("/path/to/keystore");
        keyStore.load(inputStream, "password".toCharArray());
        sslContext.init(null, null, null);
        SSLEngine sslEngine = sslContext.createSSLEngine(host, port);
        sslEngine.setUseClientMode(true);

        SocketChannel socketChannel = SocketChannel.open();
        socketChannel.connect(new InetSocketAddress(host, port));
        socketChannel.configureBlocking(false);

        Selector selector = Selector.open();
        socketChannel.register(selector, SelectionKey.OP_CONNECT);

        while (true) {
            selector.select();

            for (SelectionKey selectionKey : selector.selectedKeys()) {
                if (selectionKey.isConnectable()) {
                    socketChannel.finishConnect();
                    socketChannel.register(selector, SelectionKey.OP_WRITE);
                } else if (selectionKey.isWritable()) {
                    ByteBuffer buffer = ByteBuffer.allocate(1024);
                    buffer.put("Hello, World!".getBytes());
                    buffer.flip();

                    ByteBuffer encryptedBuffer = ByteBuffer.allocate(1024);
                    sslEngine.wrap(buffer, encryptedBuffer);
                    encryptedBuffer.flip();

                    while (encryptedBuffer.hasRemaining()) {
                        socketChannel.write(encryptedBuffer);
                    }

                    socketChannel.register(selector, SelectionKey.OP_READ);
                } else if (selectionKey.isReadable()) {
                    ByteBuffer buffer = ByteBuffer.allocate(1024);
                    int bytesRead = socketChannel.read(buffer);

                    if (bytesRead > 0) {
                        buffer.flip();

                        ByteBuffer decryptedBuffer = ByteBuffer.allocate(1024);
                        sslEngine.unwrap(buffer, decryptedBuffer);
                        decryptedBuffer.flip();

                        String message = new String(decryptedBuffer.array());
                        System.out.println("Received message: " + message);
                    }
                }
            }
        }
    }
}

此示例代码演示了如何使用Java NIO SSL进行客户端通信。首先，我们创建了一个SSLContext对象，用于管理SSL安全协议。然后，我们创建了一个SSLEngine对象，并将其设置为客户端模式。接下来，我们创建了一个SocketChannel对象，并使用SSL通信进行连接。我们还创建了一个Selector对象，用于监视连接、写入和读取事件。最后，我们使用SSLEngine对象对数据进行加密，并将加密的数据写入SocketChannel中。