java - 使用套接字与 XML API openssl s_client -connect with Java 进行通信

Question

我可以使用 openssl 来使用(OpenVAS 的)xml API，例如:

openssl s_client -connect localhost:9390 
...certificate info...
<get_version/>
<get_version_response status="200" status_text="OK"><version>7.0</version></get_version_response>
DONE

我试图在java代码中实现同样的事情:

@Test
public void tryOpenVasGetVersion() throws InterruptedException,
        ExecutionException {

    WebSocketClient webSocketClient = new StandardWebSocketClient();
    WebSocketSession webSocketSession = webSocketClient.doHandshake(new TextWebSocketHandler() {
        @Override
        public void handleTextMessage(WebSocketSession session, TextMessage message) {
            System.out.println("received message - " + message.getPayload());
        }

        @Override
        public void afterConnectionEstablished(WebSocketSession session) throws InterruptedException {
            TimeUnit.SECONDS.sleep(1);
            System.out.println("established connection - " + session);
        }
    }, new WebSocketHttpHeaders(), URI.create("wss://127.0.0.1:9390")).get();

    Executors.newSingleThreadScheduledExecutor().scheduleAtFixedRate(() -> {
        try {
            TextMessage message = new TextMessage("<get_version/>");
            webSocketSession.sendMessage(message);
            System.out.println("sent message - " + message.getPayload());
        } catch (Exception e) {
            System.out.println("Exception while sending a message "+ e);
        }
    }, 1, 10, TimeUnit.SECONDS);
}

但我得到的是:

java.util.concurrent.ExecutionException: javax.websocket.DeploymentException: The HTTP request to initiate the WebSocket connection failed

at java.util.concurrent.FutureTask.report(FutureTask.java:122) at java.util.concurrent.FutureTask.get(FutureTask.java:192) at pl.corpnet.mixer.plugins.codescan.fortify.apiclient.SocketTest.connect(SocketTest.java:51) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:50) at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:12) at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:47) at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:17) at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:325) at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:78) at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:57) at org.junit.runners.ParentRunner$3.run(ParentRunner.java:290) at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:71) at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:288) at org.junit.runners.ParentRunner.access$000(ParentRunner.java:58) at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:268) at org.junit.runners.ParentRunner.run(ParentRunner.java:363) at org.junit.runner.JUnitCore.run(JUnitCore.java:137) at com.intellij.junit4.JUnit4IdeaTestRunner.startRunnerWithArgs(JUnit4IdeaTestRunner.java:68) at com.intellij.rt.execution.junit.IdeaTestRunner$Repeater.startRunnerWithArgs(IdeaTestRunner.java:47) at com.intellij.rt.execution.junit.JUnitStarter.prepareStreamsAndStart(JUnitStarter.java:242) at com.intellij.rt.execution.junit.JUnitStarter.main(JUnitStarter.java:70) Caused by: javax.websocket.DeploymentException: The HTTP request to initiate the WebSocket connection failed at org.apache.tomcat.websocket.WsWebSocketContainer.connectToServerRecursive(WsWebSocketContainer.java:484) at org.apache.tomcat.websocket.WsWebSocketContainer.connectToServer(WsWebSocketContainer.java:194) at org.springframework.web.socket.client.standard.StandardWebSocketClient.lambda$doHandshakeInternal$0(StandardWebSocketClient.java:150) at java.util.concurrent.FutureTask.run(FutureTask.java:266) at java.lang.Thread.run(Thread.java:748) Caused by: java.util.concurrent.ExecutionException: java.lang.IllegalStateException: Unexpected Status of SSLEngineResult after an unwrap() operation at org.apache.tomcat.websocket.AsyncChannelWrapperSecure$WrapperFuture.get(AsyncChannelWrapperSecure.java:512) at org.apache.tomcat.websocket.WsWebSocketContainer.processResponse(WsWebSocketContainer.java:783) at org.apache.tomcat.websocket.WsWebSocketContainer.connectToServerRecursive(WsWebSocketContainer.java:347) ... 4 more Caused by: java.lang.IllegalStateException: Unexpected Status of SSLEngineResult after an unwrap() operation at org.apache.tomcat.websocket.AsyncChannelWrapperSecure$ReadTask.run(AsyncChannelWrapperSecure.java:314) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) ... 1 more

任何人都可以给我一个提示，如果我可以使用 WebSocketClient 实现与使用 openssl s_cllient -connect 相同的效果吗？

Answer 1

您可以尝试通过创建 SSLSocket 进行连接。

SSLContext context = SSLContextBuilder.create().setProtocol("TLS1.2").setKeyStoreType("JKS").loadKeyMaterial(...).build();
SSLFactory factory = context.getSocketFactory();

SSLSocket socket = factory.createSocket(host, port);

去年它在 kali linux 上使用 openvas 对我有用。