netty(十六)报文加密
本次作实践,序列号承接 netty(十三)protobuf + 心跳
1 对称加密AES
服务端
pipeline.addLast(new LengthFieldBasedFrameDecoder(10000, 0, 4, 0, 4));
pipeline.addLast(new MyProtobufDecoder());
pipeline.addLast(new ProtobufDecoder(MyBaseProtoV2.BaseProto.getDefaultInstance()));
pipeline.addLast(new LengthFieldPrepender(4));
pipeline.addLast(new MyProtobufEncoder());
pipeline.addLast(new ProtobufEncoder());
pipeline.addLast(new IdleStateHandler(61, 0, 0, TimeUnit.SECONDS));
pipeline.addLast(new ServerHeartbeatHandler());
//处理类
pipeline.addLast(new ServerHandler4V2Heart());
客户端
pipeline.addLast(new LengthFieldBasedFrameDecoder(10000, 0, 4, 0, 4));
pipeline.addLast(new MyProtobufDecoder());
pipeline.addLast(new ProtobufDecoder(MyBaseProto.BaseProto.getDefaultInstance()));
pipeline.addLast(new LengthFieldPrepender(4));
pipeline.addLast(new MyProtobufEncoder());
pipeline.addLast(new ProtobufEncoder());
pipeline.addLast(new IdleStateHandler(61, 30, 0, TimeUnit.SECONDS));主动发心跳
pipeline.addLast(new ClientHeartbeatHandler());
//处理类
pipeline.addLast(new ClientHandler4Heart());
AES算法,服务端、客户端两端使用同样的加密、解密handler
netty编码的顺序为:
pb encoder-aesencoder-tcp粘拆包
netty解码的顺序为:
tcp粘拆包-aesdecoder-pb decoder
加密:
1 2 3 4 5 6 7 8 9 10 11 12 | public class MyProtobufEncoder extends MessageToMessageEncoder<ByteBuf> { @Override protected void encode(ChannelHandlerContext channelHandlerContext, ByteBuf byteBuf, List<Object> list) throws Exception { byte [] bytes = new byte[byteBuf.readableBytes()]; byteBuf.readBytes(bytes); byte [] encoded = AESTest.encode(bytes); ByteBuf buf = Unpooled.wrappedBuffer(encoded); list.add(buf); }} |
解密:
1 2 3 4 5 6 7 8 9 10 11 | public class MyProtobufDecoder extends MessageToMessageDecoder<ByteBuf> { @Override protected void decode(ChannelHandlerContext channelHandlerContext, ByteBuf byteBuf, List<Object> list) throws Exception { byte [] bytes = new byte[byteBuf.readableBytes()]; byteBuf.readBytes(bytes); byte [] encoded = AESTest.decode(bytes); ByteBuf buf = Unpooled.wrappedBuffer(encoded); list.add(buf); }} |
这个地方性能会有些问题,Bytebuf——byte[]——Bytebuf,存在2次内存拷贝
2 非对称加密RSA
服务端使用私钥加解密
pipeline.addLast(new LengthFieldBasedFrameDecoder(10000, 0, 4, 0, 4));
pipeline.addLast(new MyProtobufServerDecoder());
pipeline.addLast(new ProtobufDecoder(MyBaseProtoV2.BaseProto.getDefaultInstance()));
pipeline.addLast(new LengthFieldPrepender(4));
pipeline.addLast(new MyProtobufServerEncoder());
pipeline.addLast(new ProtobufEncoder());
pipeline.addLast(new IdleStateHandler(61, 0, 0, TimeUnit.SECONDS));
pipeline.addLast(new ServerHeartbeatHandler());
//处理类
pipeline.addLast(new ServerHandler4V2Heart());
客户端使用公钥加解密
pipeline.addLast(new LengthFieldBasedFrameDecoder(10000, 0, 4, 0, 4));
pipeline.addLast(new MyProtobufClientDecoder());
pipeline.addLast(new ProtobufDecoder(MyBaseProto.BaseProto.getDefaultInstance()));
pipeline.addLast(new LengthFieldPrepender(4));
pipeline.addLast(new MyProtobufClientEncoder());
pipeline.addLast(new ProtobufEncoder());
pipeline.addLast(new IdleStateHandler(61, 30, 0, TimeUnit.SECONDS));
pipeline.addLast(new ClientHeartbeatHandler());
//处理类
pipeline.addLast(new ClientHandler4Heart());
netty服务端编码的顺序为:
pb encoder-rsa私钥加密-tcp粘拆包
1 2 3 4 5 6 7 8 9 10 11 12 | public class MyProtobufServerEncoder extends MessageToMessageEncoder<ByteBuf> { @Override protected void encode(ChannelHandlerContext channelHandlerContext, ByteBuf byteBuf, List<Object> list) throws Exception { byte [] bytes = new byte[byteBuf.readableBytes()]; byteBuf.readBytes(bytes); byte [] encoded = RSACoder.encryptByPrivateKey(bytes); ByteBuf buf = Unpooled.wrappedBuffer(encoded); list.add(buf); }} |
netty服务端解码的顺序为:
tcp粘拆包-rsa私钥解密-pb decoder
1 2 3 4 5 6 7 8 9 10 11 | public class MyProtobufServerDecoder extends MessageToMessageDecoder<ByteBuf> { @Override protected void decode(ChannelHandlerContext channelHandlerContext, ByteBuf byteBuf, List<Object> list) throws Exception { byte [] bytes = new byte[byteBuf.readableBytes()]; byteBuf.readBytes(bytes); byte [] encoded = RSACoder.decryptByPrivateKey(bytes); ByteBuf buf = Unpooled.wrappedBuffer(encoded); list.add(buf); }} |
netty客户端编码的顺序为:
pb encoder-rsa公钥加密-tcp粘拆包
1 2 3 4 5 6 7 8 9 10 11 12 | public class MyProtobufClientEncoder extends MessageToMessageEncoder<ByteBuf> { @Override protected void encode(ChannelHandlerContext channelHandlerContext, ByteBuf byteBuf, List<Object> list) throws Exception { byte [] bytes = new byte[byteBuf.readableBytes()]; byteBuf.readBytes(bytes); byte [] encoded = RSACoder.encryptByPublicKey(bytes); ByteBuf buf = Unpooled.wrappedBuffer(encoded); list.add(buf); }} |
netty客户端解码的顺序为:
tcp粘拆包-rsa公钥解密-pb decoder
1 2 3 4 5 6 7 8 9 10 11 | public class MyProtobufClientDecoder extends MessageToMessageDecoder<ByteBuf> { @Override protected void decode(ChannelHandlerContext channelHandlerContext, ByteBuf byteBuf, List<Object> list) throws Exception { byte [] bytes = new byte[byteBuf.readableBytes()]; byteBuf.readBytes(bytes); byte [] encoded = RSACoder.decryptByPublicKey(bytes); ByteBuf buf = Unpooled.wrappedBuffer(encoded); list.add(buf); }} |
【推荐】国内首个AI IDE,深度理解中文开发场景,立即下载体验Trae
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】抖音旗下AI助手豆包,你的智能百科全书,全免费不限次数
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步
· 10年+ .NET Coder 心语,封装的思维:从隐藏、稳定开始理解其本质意义
· .NET Core 中如何实现缓存的预热?
· 从 HTTP 原因短语缺失研究 HTTP/2 和 HTTP/3 的设计差异
· AI与.NET技术实操系列:向量存储与相似性搜索在 .NET 中的实现
· 基于Microsoft.Extensions.AI核心库实现RAG应用
· 10年+ .NET Coder 心语 ── 封装的思维:从隐藏、稳定开始理解其本质意义
· 地球OL攻略 —— 某应届生求职总结
· 提示词工程——AI应用必不可少的技术
· Open-Sora 2.0 重磅开源!
· 字符编码:从基础到乱码解决
2018-11-09 netty client 连接超时设置