Beijing Institute of Electronic Technology
Lab Report
Course: Mobile Platform Application development Practice class: 201592 Name: Zeng Junhong No.: 20159210
Score: ___________ Instructor: Lou Jia Peng Experimental Date: 2015.10.25
Experiment Name: Java Network programming and Security
Experiment content: 1, Master Socket program writing 2, mastering the use of cryptographic technology 3, design a secure transmission system
My lab partner is Cai Binsi http://www.cnblogs.com/20159217cbs/, the client is in my charge, the service driven by he's responsible.
Experimental steps:
1. Secure transmission based on Java socket
2, give TCP to implement the client and server, pair programming one person responsible for the client, one person responsible for the server
3. Use Git for version control
4. Choose symmetric algorithm for data encryption
5. Select asymmetric algorithm for key distribution of symmetric encryption key
6, select the appropriate hash algorithm for integrity verification
In this experiment, we use DES Algorithm for clear text encryption/decryption, using RSA algorithm to implement the DES key encryption/decryption.
Before the experiment begins, distribute the prepared RSA public and private keys to the client and the server.
The client uses DES key encryption for the plaintext information and encrypts the DES's decryption key using the RSA public key, which eventually sends the ciphertext information and the encrypted key to the server. Use the hash function to authenticate the plaintext as well.
After receiver B receives the information, decrypts the DES Key with the RSA private key, and then uses the obtained des decryption key to decrypt the text information, it can get the plaintext information sent by the client. The hash function is used to verify the clear text, and the hash value sent by the client is equal to the validation pass.
/**
* Client
*/
Import java.net.*;
Import java.io.*;
Import java.security.*;
Import javax.crypto.*;
Import javax.crypto.spec.*;
Import java.security.spec.*;
Import javax.crypto.interfaces.*;
Import java.security.interfaces.*;
Import java.math.*;
public class Client {
public static void Main (String srgs[]) throws Exception {
try {
keygenerator kg = keygenerator.getinstance ("Desede");
Kg.init (168);
Secretkey k = Kg.generatekey ();
byte[] ptext2 = k.getencoded ();//Generate DES decryption key
To create a socket object that connects to a specified port on a specific server
Socket socket = new Socket ("222.28.132.26", 4421);
Network input stream
BufferedReader in = new BufferedReader (New InputStreamReader (
Socket.getinputstream ()));
Network output stream
PrintWriter out = new PrintWriter (New BufferedWriter (
New OutputStreamWriter (Socket.getoutputstream ())), true);
Creating a keyboard input stream
BufferedReader stdin = new BufferedReader (New InputStreamReader (
system.in));
FileInputStream F3 = new FileInputStream ("Skey_rsa_pub.dat");//Enter the server's public key
ObjectInputStream b2 = new ObjectInputStream (F3);
Rsapublickey pbk = (rsapublickey) b2.readobject ();
BigInteger e = Pbk.getpublicexponent ();
BigInteger n = pbk.getmodulus ();
BigInteger m = new BigInteger (PTEXT2);
BigInteger C = M.modpow (e, n);//Use the server public key to encrypt the DES decryption key
String cs = c.tostring ();
OUT.PRINTLN (CS); Transfer over the network to the server
System.out.print ("Please enter data to be sent:");
String s = stdin.readline ();
Cipher CP = Cipher.getinstance ("Desede");
Cp.init (Cipher.encrypt_mode, k);
byte ptext[] = S.getbytes ("UTF8");
byte ctext[] = cp.dofinal (ptext);//DES encryption for plaintext
String str = PARSEBYTE2HEXSTR (ctext);
Out.println (str);
String x = s;
MessageDigest m2 = messagedigest.getinstance ("MD5");//hash of plaintext
M2.update (X.getbytes ());
byte a[] = M2.digest ();
String result = "";
for (int i = 0; i < a.length; i++) {
Result + = Integer.tohexstring ((0x000000ff & A[i]) | 0xffffff00)
. substring (6);
}
SYSTEM.OUT.PRINTLN (result);
OUT.PRINTLN (result);
str = In.readline ();//Read results from the network input stream
SYSTEM.OUT.PRINTLN ("The result received from the server is:" + str); Results returned by the output server
} catch (Exception e) {
System.out.println (e);
} finally {
}
}
public static String Parsebyte2hexstr (byte buf[]) {
StringBuffer sb = new StringBuffer ();
for (int i = 0; i < buf.length; i++) {
String hex = integer.tohexstring (Buf[i] & 0xFF);
if (hex.length () = = 1) {
Hex = ' 0 ' + hex;
}
Sb.append (Hex.touppercase ());
}
return sb.tostring ();
}
public static byte[] Parsehexstr2byte (String hexstr) {
if (Hexstr.length () < 1)
return null;
Byte[] result = new Byte[hexstr.length ()/2];
for (int i = 0; i < hexstr.length ()/2; i++) {
int high = Integer.parseint (Hexstr.substring (i * 2, I * 2 + 1), 16);
int low = Integer.parseint (Hexstr.substring (i * 2 + 1, I * 2 + 2),
16);
Result[i] = (byte) (high * + low);
}
return result;
}
}
Server driven by Cai Binsi is responsible for http://www.cnblogs.com/20159217cbs/
/**
* Server
*/
Import java.net.*;
Import java.io.*;
Import java.security.*;
Import java.security.spec.*;
Import javax.crypto.*;
Import javax.crypto.spec.*;
Import javax.crypto.interfaces.*;
Import java.security.interfaces.*;
Import java.math.*;
public class Server {
public static void Main (String srgs[]) throws Exception {
ServerSocket sc = null;
Socket socket = NULL;
try {
sc = new ServerSocket (4421);//Create a server socket
SYSTEM.OUT.PRINTLN ("Port number:" + sc.getlocalport ());
SYSTEM.OUT.PRINTLN ("Server has started ...");
Socket = Sc.accept (); Waiting for client connections
SYSTEM.OUT.PRINTLN ("Connection already established");
Get a reference to a network input stream object
BufferedReader in = new BufferedReader (New InputStreamReader (
Socket.getinputstream ()));
Get a reference to a network output stream object
PrintWriter out = new PrintWriter (New BufferedWriter (
New OutputStreamWriter (Socket.getoutputstream ())), true);
String aline2 = In.readline ();
BigInteger C = new BigInteger (aline2);
FileInputStream f = new FileInputStream ("Skey_rsa_priv.dat");
ObjectInputStream B = new ObjectInputStream (f);
Rsaprivatekey PRK = (rsaprivatekey) b.readobject ();
BigInteger d = prk.getprivateexponent ();
BigInteger n = prk.getmodulus ();
BigInteger m = C.modpow (d, N);
byte[] keykb = M.tobytearray ();
String aline = In.readline ();//Read data sent by the client
byte[] Ctext = Parsehexstr2byte (aline);
Key k = new Secretkeyspec (keykb, "Desede");
Cipher CP = Cipher.getinstance ("Desede");
Cp.init (Cipher.decrypt_mode, k);
byte[] Ptext = cp.dofinal (Ctext);
String p = new String (Ptext, "UTF8");
System.out.println ("received from the client information:" + P); Returns results to the client over a network output stream
String Aline3 = In.readline ();
String x = p;
MessageDigest m2 = messagedigest.getinstance ("MD5");
M2.update (X.getbytes ());
byte a[] = M2.digest ();
String result = "";
for (int i = 0; i < a.length; i++) {
Result + = Integer.tohexstring ((0x000000ff & A[i]) | 0xffffff00)
. substring (6);
}
SYSTEM.OUT.PRINTLN (result);
if (aline3.equals (result)) {
System.out.println ("match success");
}
Out.println ("match success");
Out.close ();
In.close ();
Sc.close ();
} catch (Exception e) {
System.out.println (e);
}
}
public static String Parsebyte2hexstr (byte buf[]) {
StringBuffer sb = new StringBuffer ();
for (int i = 0; i < buf.length; i++) {
String hex = integer.tohexstring (Buf[i] & 0xFF);
if (hex.length () = = 1) {
Hex = ' 0 ' + hex;
}
Sb.append (Hex.touppercase ());
}
return sb.tostring ();
}
public static byte[] Parsehexstr2byte (String hexstr) {
if (Hexstr.length () < 1)
return null;
Byte[] result = new Byte[hexstr.length ()/2];
for (int i = 0; i < hexstr.length ()/2; i++) {
int high = Integer.parseint (Hexstr.substring (i * 2, I * 2 + 1), 16);
int low = Integer.parseint (Hexstr.substring (i * 2 + 1, I * 2 + 2),
16);
Result[i] = (byte) (high * + low);
}
return result;
}
}
By querying the server IP address, our group first did a ping test, through after, by Cai Binsi first start the server, I then start the client.
The operation results are as follows
1. Server Operation Result:
2. Client Run Results
Experiment Summary:
In this experiment, the most difficult thing is the use of socket communication. Through this experiment, because the program code logic is initiated by the Client connection request, the server passive response, so there is a limited number of operations.
It is envisaged that the RSA public-private key pair should be created by the server, and then the RSA public key is transferred to the client through the socket, but because the process of transferring the files to the client inevitably leads to the complexity of the code, finally we select the client and the server to pass the data flow to each other. It does not involve a file transfer operation.
There are many ways to harvest this experiment:
1. Review the socket transfer content, let me understand the data flow between the conversion can be in a variety of ways.
2. Further understand the socket communication, understand the server's response mechanism, but there are still some doubts.
3. Learn the operation of the encryption and decryption algorithm in Java, familiar with the operation process of encryption and decryption.
4. Learned the operation of the file in the socket communication, but because of the complexity of the operation and the implementation of logic, and finally only wrote a transmission demo, not put into use.
5. A simple understanding of the security system.
Experiment five Java network programming and security