Building a simple Fiddler with Netty (Part 1: Generating the certificate)

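  I spent half a year writing web crawlers at my previous company, which is how I came to know a tool called Fiddler. There are others on the market, such as Charles, and open-source options such as anyproxy and whistle. In the end I still prefer Fiddler; perhaps I am a little nostalgic. My current company builds ERP software, and the project uses Netty.

  That is where the idea came from: reinvent a small wheel, a simplified Fiddler.

  Fiddler is an HTTP debugging proxy tool. It can record and inspect all HTTP traffic between your computer and the internet, set breakpoints, and view all data going "in and out" of Fiddler. (Quoted from Baidu Baike.)

  Anyone who has used the tools above knows that capturing HTTPS requests requires installing a certificate. This post covers generating that certificate.

  Most guides online generate the certificate with openssl. In fact, it can be done entirely in Java.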

<dependency>
    <groupId>org.bouncycastle</groupId>
    <artifactId>bcpkix-jdk15on</artifactId>
    <version>1.59</version>
</dependency>
<dependency>
    <groupId>commons-io</groupId>
    <artifactId>commons-io</artifactId>
    <version>2.6</version>
</dependency>

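import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.OutputStreamWriter;
import java.io.StringWriter;
import java.math.BigInteger;
import java.nio.charset.StandardCharsets;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.security.Security;
import java.security.cert.X509Certificate;
import java.util.Date;

import org.apache.commons.io.FileUtils;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.asn1.x500.X500NameBuilder;
import org.bouncycastle.asn1.x500.style.BCStyle;
import org.bouncycastle.asn1.x509.BasicConstraints;
import org.bouncycastle.asn1.x509.Extension;
import org.bouncycastle.cert.X509v3CertificateBuilder;
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
import org.bouncycastle.cert.jcajce.JcaX509ExtensionUtils;
import org.bouncycastle.cert.jcajce.JcaX509v3CertificateBuilder;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.openssl.jcajce.JcaPEMWriter;
import org.bouncycastle.openssl.jcajce.JcaPKCS8Generator;
import org.bouncycastle.operator.ContentSigner;
import org.bouncycastle.operator.OutputEncryptor;
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
import org.bouncycastle.util.io.pem.PemObject;
import org.bouncycastle.util.io.pem.PemWriter;

public class CaGenerator {

    public static void main(String[] args) throws Exception {
        Security.addProvider(new BouncyCastleProvider());

        // 2048-bit RSA key pair for the root CA
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "BC");
        keyPairGenerator.initialize(2048, new SecureRandom());
        KeyPair keyPair = keyPairGenerator.genKeyPair();

        // Placeholder DN values; the same name is used as issuer and subject (self-signed)
        X500NameBuilder builder = new X500NameBuilder(BCStyle.INSTANCE).addRDN(BCStyle.C, "C");
        builder.addRDN(BCStyle.L, "L").addRDN(BCStyle.O, "O").addRDN(BCStyle.ST, "ST");
        X500Name x500Name = builder.addRDN(BCStyle.OU, "OU").addRDN(BCStyle.CN, "CN").build();

        Date notBefore = new Date(System.currentTimeMillis());
        Date notAfter = new Date(System.currentTimeMillis() + 730L * 24 * 3600000L); // two years
        X509v3CertificateBuilder xcBuilder = new JcaX509v3CertificateBuilder(
                x500Name, BigInteger.valueOf(1), notBefore, notAfter, x500Name, keyPair.getPublic());
        // BasicConstraints(true) marks the certificate as a CA
        xcBuilder.addExtension(Extension.basicConstraints, false, new BasicConstraints(true));
        xcBuilder.addExtension(Extension.subjectKeyIdentifier, false, new JcaX509ExtensionUtils().createSubjectKeyIdentifier(keyPair.getPublic()));
        xcBuilder.addExtension(Extension.authorityKeyIdentifier, false, new JcaX509ExtensionUtils().createAuthorityKeyIdentifier(keyPair.getPublic()));

        // Self-sign with the CA's own private key
        ContentSigner signer = new JcaContentSignerBuilder("SHA256WithRSAEncryption").setProvider("BC").build(keyPair.getPrivate());
        X509Certificate certificate = new JcaX509CertificateConverter().setProvider("BC").getCertificate(xcBuilder.build(signer));
        String caPath = "d:\\ca.crt";
        String privateKeyPath = "d:\\private.der";
        saveX509Certificate(certificate.getEncoded(), caPath);
        // null encryptor: the key is written unencrypted (and PEM-encoded, despite the .der name)
        savePrivateKey(new File(privateKeyPath), keyPair.getPrivate(), null);
    }

    // Write the DER-encoded certificate as a PEM "CERTIFICATE" block
    public static void saveX509Certificate(byte[] content, String caPath) throws IOException {
        try (PemWriter pemWriter = new PemWriter(
                new OutputStreamWriter(new FileOutputStream(new File(caPath)), StandardCharsets.US_ASCII))) {
            pemWriter.writeObject(new PemObject("CERTIFICATE", content));
        }
    }

    // Write the private key as PKCS#8 PEM; pass an OutputEncryptor to encrypt it
    public static void savePrivateKey(File file, PrivateKey privateKey, OutputEncryptor encryptor) throws IOException {
        JcaPKCS8Generator jcaPKCS8Generator = new JcaPKCS8Generator(privateKey, encryptor);

        StringWriter stringWriter = new StringWriter();
        try (JcaPEMWriter pw = new JcaPEMWriter(stringWriter)) {
            pw.writeObject(jcaPKCS8Generator.generate());
        }

        FileUtils.writeByteArrayToFile(file, stringWriter.toString().getBytes(StandardCharsets.US_ASCII));
    }
}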

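  Running the code above produces two files (ca.crt is the root certificate, private.der is the private key). Double-click ca.crt and open the Details tab to see the part shown on the right of the figure below. The figure below explains the code above.

  At this point the CA certificate and private key have been generated. Below is an illustrated guide to installing the certificate on Windows.

  P.S. Between steps 2 and 3 you need to click Next. Note that openssl and the keytool bundled with the JDK can also generate certificates. To stress it once more: certificates cost money to buy, although free ones exist too.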
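
Before importing ca.crt into a trust store, it is worth confirming what the two generated files actually contain. The following is an added example, not code from the original post: it uses only JDK classes, the class name CaFileCheck is hypothetical, and the default paths are the ones used above.

```java
import java.io.InputStream;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.security.MessageDigest;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;

// Added example; CaFileCheck is a hypothetical name, default paths are the post's.
public class CaFileCheck {
    // Parse the PEM certificate and fail fast if it is not a valid self-signed CA.
    static X509Certificate loadAndCheck(Path certPath) throws Exception {
        X509Certificate cert;
        try (InputStream in = Files.newInputStream(certPath)) {
            cert = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(in);
        }
        cert.checkValidity();                 // throws if outside notBefore..notAfter
        cert.verify(cert.getPublicKey());     // throws unless signed by its own key
        if (cert.getBasicConstraints() < 0) { // -1 means the CA flag is not set
            throw new IllegalStateException("certificate is not marked as a CA");
        }
        return cert;
    }

    // Colon-separated hex digest of the DER encoding, as certificate viewers show it.
    static String fingerprint(X509Certificate cert, String algorithm) throws Exception {
        byte[] digest = MessageDigest.getInstance(algorithm).digest(cert.getEncoded());
        StringBuilder sb = new StringBuilder();
        for (byte b : digest) {
            sb.append(sb.length() == 0 ? "" : ":").append(String.format("%02X", b));
        }
        return sb.toString();
    }

    // PKCS#8 PEM written with a null OutputEncryptor uses the plain "PRIVATE KEY" header.
    static boolean isKeyEncrypted(Path keyPath) throws Exception {
        String pem = new String(Files.readAllBytes(keyPath), StandardCharsets.US_ASCII);
        return pem.contains("-----BEGIN ENCRYPTED PRIVATE KEY-----");
    }

    public static void main(String[] args) throws Exception {
        Path certPath = Paths.get(args.length > 0 ? args[0] : "d:\\ca.crt");
        Path keyPath = Paths.get(args.length > 1 ? args[1] : "d:\\private.der");
        X509Certificate cert = loadAndCheck(certPath);
        System.out.println("SHA-1:   " + fingerprint(cert, "SHA-1"));
        System.out.println("SHA-256: " + fingerprint(cert, "SHA-256"));
        System.out.println("Private key encrypted: " + isKeyEncrypted(keyPath));
    }
}
```

Compare the printed fingerprint with the thumbprint shown on the certificate's Details tab before trusting it. With the `null` encryptor used above the last line prints `false`, so private.der should be readable only by you: whoever holds it can sign certificates that a machine trusting this root will accept.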

Reposted from blog.51cto.com/13879413/2147791