Shulou(Shulou.com)06/01 Report--

How to use Carlifornium to implement the DTLS protocol using PSK algorithm, I believe that many inexperienced people do not know what to do about it. Therefore, this paper summarizes the causes and solutions of the problem. Through this article, I hope you can solve this problem.

Carlifornium is a CoAP+DTLS framework on Eclipse. Forget about what CoAP and DTLS are. Go to the code.

/ / specify public and private key file information private static final char [] KEY_STORE_PASSWORD = "123456" .toCharArray (); private static final String KEY_STORE_LOCATION = "demo2.jks"; private static final char [] TRUST_STORE_PASSWORD = "123456" .toCharArray (); private static final String TRUST_STORE_LOCATION = "demo2.jks" . / / load public and private key files SslContextUtil.Credentials clientCredentials = SslContextUtil.loadCredentials (SslContextUtil.CLASSPATH_SCHEME + KEY_STORE_LOCATION, "demo2", KEY_STORE_PASSWORD,KEY_STORE_PASSWORD); Certificate [] trustedCertificates = SslContextUtil.loadTrustedCertificates (SslContextUtil.CLASSPATH_SCHEME + TRUST_STORE_LOCATION, "demo2", TRUST_STORE_PASSWORD); DtlsConnectorConfig.Builder builder = new DtlsConnectorConfig.Builder (); / / specify PSK key builder.setPskStore (new StaticPskStore ("Client_identity", "secretPSK" .getBytes () Builder.setIdentity (clientCredentials.getPrivateKey (), clientCredentials.getCertificateChain (), CertificateType.RAW_PUBLIC_KEY, CertificateType.X_509); builder.setTrustStore (trustedCertificates); builder.setRpkTrustAll (); builder.setConnectionThreadCount (1); dtlsConnector = new DTLSConnector (builder.build ())

The demo2.jks here is generated by jdk's keytool. I'm lazy. I use the same public and private key. KEY_STORE_LOCATION should be my own key.

Keytool-genkey-alias demo2-keypass 123456-keyalg EC-keysize 256-validity 3650-keystore demo2.jks-storepass 123456

The pass generated by keytool should be the same as the password in the code, and the name of the alias should be the same.

Client code

DtlsConnectorConfig.Builder builder = new DtlsConnectorConfig.Builder (); / / specify the key of PSK. The string secretPSK is the key builder.setPskStore (new StaticPskStore ("Client_identity", "secretPSK" .getBytes ()); builder.setConnectionThreadCount (1); / / specify the PSK key, otherwise the public and private keys of ECDHE will be found automatically ("TLS_PSK_WITH_AES_128_GCM_SHA256"); dtlsConnector = new DTLSConnector (builder.build ()).

The interactive process of packet capture goes something like this:

In Server Hello, you can see that the PSK algorithm we specified is used.

If the configuration keys on both sides are wrong, you can see that the data failed:

The dependencies in pom.xml are as follows

Org.eclipse.californium californium-core 2.3.0 org.eclipse.californium scandium 2.3.0 org.slf4j slf4j-api 1.7.30 Org.apache.logging.log4j log4j-api 2.13.3 org.apache.logging.log4j log4j-core 2.13.3 org.apache.logging.log4j log4j-slf4j-impl 2.13.3 read the above content Do you know how to use Carlifornium to implement the DTLS protocol using the PSK algorithm? If you want to learn more skills or want to know more about it, you are welcome to follow the industry information channel, thank you for reading!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.