20162307 实验五 网络编程与安全
北京电子科技学院(BESTI)
实 验 报 告
课程:程序设计与数据结构
班级:1623
姓名:张韵琪
学号:20162307
指导教师:娄佳鹏老师、王志强老师
实验日期:2017年6月5号
实验密级:非密级
实验时间:一周
必修/选修:必修
实验名称:网络编程与安全
实验仪器:电脑
实验目的与要求:
-
目的:
学习网络编程与安全 -
要求:
1.没有Linux基础的同学建议先学习《Linux基础入门(新版)》《Vim编辑器》 课程 2.完成实验、撰写实验报告,实验报告以博客方式发表在博客园,注意实验报告重点是运行结果,遇到的问题(工具查找,安装,使用,程序的编辑,调试,运行等)、解决办法(空洞的方法如“查网络”、“问同学”、“看书”等一律得0分)以及分析(从中可以得到什么启示,有什么收获,教训等)。报告可以参考范飞龙老师的指导 3. 严禁抄袭,有该行为者实验成绩归零,并附加其他惩罚措施。
实验内容、步骤
实验内容1
两人一组结对编程:
0. 参考http://www.cnblogs.com/rocedu/p/6766748.html#SECDSA
1. 结对实现中缀表达式转后缀表达式的功能 MyBC.java
2. 结对实现从上面功能中获取的表达式中实现后缀表达式求值的功能,调用MyDC.java
3. 上传测试代码运行结果截图和码云链接
实验步骤1
1.按照娄老师所给的博客, 博客链接:http://www.cnblogs.com/rocedu/p/6766748.html#SECDSA
2.实现中缀转后缀的MyBC的代码:
public class MyBC{
public static String toPostfix(String expr){
MyStack<String> stack = new MyStack<>(expr.length());
String postfix = "";
int i = 0;
while(i<expr.length()){
char ch = expr.charAt(i);
switch (ch){
case '+':
case '-':while(!stack.isEmpty() && !stack.get().equals("("))
postfix += stack.pop();
//postfix += " ";
stack.push(ch + "");
i++;
break;
case '*':
case '/':while (!stack.isEmpty() && (stack.get().equals("*")||stack.get().equals("/")))
postfix += stack.pop();
//postfix += " ";
stack.push(ch + "");
i++;
break;
case '(':stack.push(ch + "");
i++;
break;
case ')':String out = stack.pop();
while(out!=null && !out.equals("(")){
postfix += out;
out = stack.pop();
//postfix += " ";
}
i++;
break;
default:while(i < expr.length() && ch>='0' && ch<='9'){
postfix += ch;
i++;
if(i<expr.length())
ch = expr.charAt(i);
}
postfix += " ";
}
}
while (!stack.isEmpty())
postfix += stack.pop();
return postfix;
}
public interface SStack<T> {
boolean isEmpty();
void push(T x);
T pop();
T get();
}
public static class MyStack<T> implements SStack<T> {
private Object element[];
private int top;
public MyStack(int size){
this.element = new Object[Math.abs(size)];
this.top = -1;
}
public MyStack() {
this(64);
}
public boolean isEmpty() {
return this.top == -1;
}
public void push(T x) {
if(x==null)
return;
if(this.top == element.length-1){
Object[] temp = this.element;
this.element = new Object[temp.length*2];
for(int i = 0; i < temp.length; i++)
this.element[i] = temp[i];
}
this.top++;
this.element[this.top] = x;
}
public T pop() {
return this.top==-1 ? null:(T)this.element[this.top--];
}
public T get() {
return this.top==-1 ? null:(T)this.element[this.top];
}
}
}
能够求出后缀表达式的值的MyDC代码:
import java.util.*;
public class MyDC {
/**
* constant for addition symbol
*/
private final char ADD = '+';
/**
* constant for subtraction symbol
*/
private final char SUBTRACT = '-';
/**
* constant for multiplication symbol
*/
private final char MULTIPLY = '*';
/**
* constant for division symbol
*/
private final char DIVIDE = '/';
/**
* the stack
*/
private Stack <Integer> stack;
public int evaluate(String postfix) {
Stack <Integer> stack = new Stack ();
int i = 0, result = 0;
while (i < postfix.length ()) {
char ch = postfix.charAt ( i );
if (ch >= '0' && ch <= '9') {
result = 0;
while (ch != ' ') {
result = result * 10 + Integer.parseInt ( ch + "" );
i++;
ch = postfix.charAt ( i );
}
i++;
stack.push ( new Integer ( result ) );
} else {
int y = stack.pop ().intValue ();
int x = stack.pop ().intValue ();
switch (ch) {
case ADD:
result = x + y;
break;
case SUBTRACT:
result = x - y;
break;
case MULTIPLY:
result = x * y;
break;
case DIVIDE:
result = x / y;
}
stack.push ( new Integer ( result ) );
i++;
}
}
return stack.pop ().intValue ();
}
}
实验结果1
实验内容2
结对编程:1人负责客户端,一人负责服务器
0. 注意责任归宿,要会通过测试证明自己没有问题
1. 基于Java Socket实现客户端/服务器功能,传输方式用TCP
2. 客户端让用户输入中缀表达式,然后把中缀表达式调用MyBC.java的功能转化为后缀表达式,把后缀表达式通过网络发送给服务器
3. 服务器接收到后缀表达式,调用MyDC.java的功能计算后缀表达式的值,把结果发送给客户端
4. 客户端显示服务器发送过来的结果
5. 上传测试结果截图和码云链接
实验步骤2
1.了解学习Socket用法
2.我是客户端,所以要在此行代码中写出服务器的IP与端口
Socket socket = new Socket ( "172.16.43.118", 1428 ); //IP与端口
端口是自己设置,要保证客户端的端口和服务器的端口一致,IP是服务器的IP
3.ClientSide代码:
package shiyan1;
/**
* Created by zhangyunqi on 2017/6/8.
*/
import java.net.*;
import java.io.*;
public class ClientSide {
public static void main(String srgs[]) {
try {
//创建连接特定服务器的指定端口的Socket对象
Socket socket = new Socket("172.16.43.118", 1428);
//获得从服务器端来的网络输入流
BufferedReader in = new BufferedReader(new InputStreamReader(socket.getInputStream()));
//获得从客户端向服务器端输出数据的网络输出流
PrintWriter out=new PrintWriter(new BufferedWriter(new OutputStreamWriter(socket.getOutputStream())),true);
//创建键盘输入流,以便客户端从键盘上输入信息
BufferedReader stdin = new BufferedReader(new InputStreamReader(System.in));
System.out.println ( "客户端启动啦!" );
System.out.print("输入中缀表达式:");
String str=stdin.readLine(); //从键盘读入待发送的数据
String postfix = MyBC.toPostfix(str);
out.println(postfix); //通过网络传送到服务器
str=in.readLine();//从网络输入流读取结果
System.out.println( "传过来的答案:"+str); //输出服务器返回的结果
}
catch (Exception e) {
System.out.println(e);
}
finally{
}
}
}
实验结果2
实验内容3
加密结对编程:1人负责客户端,一人负责服务器
0. 注意责任归宿,要会通过测试证明自己没有问题
1. 基于Java Socket实现客户端/服务器功能,传输方式用TCP
2. 客户端让用户输入中缀表达式,然后把中缀表达式调用MyBC.java的功能转化为后缀表达式,把后缀表达式用3DES或AES算法加密后通过网络把密文发送给服务器
3. 服务器接收到后缀表达式表达式后,进行解密(和客户端协商密钥,可以用数组保存),然后调用MyDC.java的功能计算后缀表达式的值,把结果发送给客户端
4. 客户端显示服务器发送过来的结果
5. 上传测试结果截图和码云链接
实验步骤3
ClientSide代码:
public class ClientSide {
public static void main(String srgs[]) throws Exception {
try {
KeyGenerator kg = KeyGenerator.getInstance("DESede");
kg.init(168);
SecretKey k = kg.generateKey();
byte[] ptext2 = k.getEncoded();
Socket socket = new Socket("192.168.199.147", 442);
BufferedReader in = new BufferedReader(new InputStreamReader(socket.getInputStream()));
PrintWriter out = new PrintWriter(new BufferedWriter(new OutputStreamWriter(socket.getOutputStream())), true);
BufferedReader stdin = new BufferedReader(new InputStreamReader(System.in));
//RSA算法,使用服务器端的公钥对DES的密钥进行加密
FileInputStream f3 = new FileInputStream("Skey_RSA_pub.dat");
ObjectInputStream b2 = new ObjectInputStream(f3);
RSAPublicKey pbk = (RSAPublicKey) b2.readObject();
BigInteger e = pbk.getPublicExponent();
BigInteger n = pbk.getModulus();
BigInteger m = new BigInteger(ptext2);
BigInteger c = m.modPow(e, n);
String cs = c.toString();
out.println(cs);
System.out.print("输入中缀表达式:");
//用DES加密明文得到密文
String s = stdin.readLine(); // 从键盘读入待发送的数据
String postfix = MyBC.toPostfix(s);
Cipher cp = Cipher.getInstance("DESede");
cp.init(Cipher.ENCRYPT_MODE, k);
byte ptext[] = postfix.getBytes("UTF8");
byte ctext[] = cp.doFinal(ptext);
String str = parseByte2HexStr(ctext);
System.out.print("密文:");
out.println(str); // 通过网络将密文传送到服务器
//将十六进制转换成二进制
public static String parseByte2HexStr(byte buf[]) {
StringBuffer sb = new StringBuffer();
for (int i = 0; i < buf.length; i++) {
String hex = Integer.toHexString(buf[i] & 0xFF);
if (hex.length() == 1) {
hex = '0' + hex;
}
sb.append(hex.toUpperCase());
}
return sb.toString();
}
}
实验结果3
实验内容4
密钥分发结对编程:1人负责客户端,一人负责服务器
0. 注意责任归宿,要会通过测试证明自己没有问题
1. 基于Java Socket实现客户端/服务器功能,传输方式用TCP
2. 客户端让用户输入中缀表达式,然后把中缀表达式调用MyBC.java的功能转化为后缀表达式,把后缀表达式用3DES或AES算法加密通过网络把密文发送给服务器
3. 客户端和服务器用DH算法进行3DES或AES算法的密钥交换
4. 服务器接收到后缀表达式表达式后,进行解密,然后调用MyDC.java的功能计算后缀表达式的值,把结果发送给客户端
5. 客户端显示服务器发送过来的结果
6. 上传测试结果截图和码云链接
实验步骤4
import java.io.*;
import java.math.*;
import java.security.*;
import javax.crypto.spec.*;
public class Key1 {
private static final byte skip1024ModulusBytes[] = {
(byte)0xF4, (byte)0x88, (byte)0xFD, (byte)0x58,
(byte)0x4E, (byte)0x49, (byte)0xDB, (byte)0xCD,
(byte)0x20, (byte)0xB4, (byte)0x9D, (byte)0xE4,
(byte)0x91, (byte)0x07, (byte)0x36, (byte)0x6B,
(byte)0x33, (byte)0x6C, (byte)0x38, (byte)0x0D,
(byte)0x45, (byte)0x1D, (byte)0x0F, (byte)0x7C,
(byte)0x88, (byte)0xB3, (byte)0x1C, (byte)0x7C,
(byte)0x5B, (byte)0x2D, (byte)0x8E, (byte)0xF6,
(byte)0xF3, (byte)0xC9, (byte)0x23, (byte)0xC0,
(byte)0x43, (byte)0xF0, (byte)0xA5, (byte)0x5B,
(byte)0x18, (byte)0x8D, (byte)0x8E, (byte)0xBB,
(byte)0x55, (byte)0x8C, (byte)0xB8, (byte)0x5D,
(byte)0x38, (byte)0xD3, (byte)0x34, (byte)0xFD,
(byte)0x7C, (byte)0x17, (byte)0x57, (byte)0x43,
(byte)0xA3, (byte)0x1D, (byte)0x18, (byte)0x6C,
(byte)0xDE, (byte)0x33, (byte)0x21, (byte)0x2C,
(byte)0xB5, (byte)0x2A, (byte)0xFF, (byte)0x3C,
(byte)0xE1, (byte)0xB1, (byte)0x29, (byte)0x40,
(byte)0x18, (byte)0x11, (byte)0x8D, (byte)0x7C,
(byte)0x84, (byte)0xA7, (byte)0x0A, (byte)0x72,
(byte)0xD6, (byte)0x86, (byte)0xC4, (byte)0x03,
(byte)0x19, (byte)0xC8, (byte)0x07, (byte)0x29,
(byte)0x7A, (byte)0xCA, (byte)0x95, (byte)0x0C,
(byte)0xD9, (byte)0x96, (byte)0x9F, (byte)0xAB,
(byte)0xD0, (byte)0x0A, (byte)0x50, (byte)0x9B,
(byte)0x02, (byte)0x46, (byte)0xD3, (byte)0x08,
(byte)0x3D, (byte)0x66, (byte)0xA4, (byte)0x5D,
(byte)0x41, (byte)0x9F, (byte)0x9C, (byte)0x7C,
(byte)0xBD, (byte)0x89, (byte)0x4B, (byte)0x22,
(byte)0x19, (byte)0x26, (byte)0xBA, (byte)0xAB,
(byte)0xA2, (byte)0x5E, (byte)0xC3, (byte)0x55,
(byte)0xE9, (byte)0x2F, (byte)0x78, (byte)0xC7
};
// The SKIP 1024 bit modulus
private static final BigInteger skip1024Modulus
= new BigInteger(1, skip1024ModulusBytes);
// The base used with the SKIP 1024 bit modulus
private static final BigInteger skip1024Base = BigInteger.valueOf(2);
public static void main(String args[ ]) throws Exception{
DHParameterSpec DHP=
new DHParameterSpec(skip1024Modulus,skip1024Base);
KeyPairGenerator kpg= KeyPairGenerator.getInstance("DH");
kpg.initialize(DHP);
KeyPair kp=kpg.genKeyPair();
PublicKey pbk=kp.getPublic();
PrivateKey prk=kp.getPrivate();
// 保存公钥
FileOutputStream f1=new FileOutputStream(args[0]);
ObjectOutputStream b1=new ObjectOutputStream(f1);
b1.writeObject(pbk);
// 保存私钥
FileOutputStream f2=new FileOutputStream(args[1]);
ObjectOutputStream b2=new ObjectOutputStream(f2);
b2.writeObject(prk);
}
}
/**
* Created by zhangyunqi on 2017/6/8.
*/
import java.io.*;
import java.math.*;
import java.security.*;
import java.security.spec.*;
import javax.crypto.*;
import javax.crypto.spec.*;
import javax.crypto.interfaces.*;
public class Key2{
public static void main(String args[ ]) throws Exception{
// 读取对方的DH公钥
FileInputStream f1=new FileInputStream(args[0]);
ObjectInputStream b1=new ObjectInputStream(f1);
PublicKey pbk=(PublicKey)b1.readObject( );
//读取自己的DH私钥
FileInputStream f2=new FileInputStream(args[1]);
ObjectInputStream b2=new ObjectInputStream(f2);
PrivateKey prk=(PrivateKey)b2.readObject( );
// 执行密钥协定
KeyAgreement ka=KeyAgreement.getInstance("DH");
ka.init(prk);
ka.doPhase(pbk,true);
//生成共享信息
byte[ ] sb=ka.generateSecret();
for(int i=0;i<sb.length;i++){
System.out.print(sb[i]+",");
}
SecretKeySpec k=new SecretKeySpec(sb,"DESede");
}
}
实验结果4:
实验内容5
完整性校验结对编程:1人负责客户端,一人负责服务器
0. 注意责任归宿,要会通过测试证明自己没有问题
1. 基于Java Socket实现客户端/服务器功能,传输方式用TCP
2. 客户端让用户输入中缀表达式,然后把中缀表达式调用MyBC.java的功能转化为后缀表达式,把后缀表达式用3DES或AES算法加密通过网络把密文和明文的MD5値发送给服务器
3. 客户端和服务器用DH算法进行3DES或AES算法的密钥交换
4. 服务器接收到后缀表达式表达式后,进行解密,解密后计算明文的MD5值,和客户端传来的MD5进行比较,一致则调用MyDC.java的功能计算后缀表达式的值,把结果发送给客户端
5. 客户端显示服务器发送过来的结果
6. 上传测试结果截图和码云链接
实验步骤5
import java.net.*;
import java.io.*;
import java.security.*;
import javax.crypto.*;
import javax.crypto.spec.*;
import java.security.spec.*;
import javax.crypto.interfaces.*;
import java.security.interfaces.*;
import java.math.*;
public class ClientSide {
public static void main(String srgs[]) throws Exception {
try {
KeyGenerator kg = KeyGenerator.getInstance("DESede");
kg.init(168);
SecretKey k = kg.generateKey();
byte[] ptext2 = k.getEncoded();
Socket socket = new Socket("192.168.199.147", 888);
BufferedReader in = new BufferedReader(new InputStreamReader(socket.getInputStream()));
PrintWriter out = new PrintWriter(new BufferedWriter(new OutputStreamWriter(socket.getOutputStream())), true);
BufferedReader stdin = new BufferedReader(new InputStreamReader(System.in));
//RSA算法,使用服务器端的公钥对DES的密钥进行加密
FileInputStream f3 = new FileInputStream("Skey_RSA_pub.dat");
ObjectInputStream b2 = new ObjectInputStream(f3);
RSAPublicKey pbk = (RSAPublicKey) b2.readObject();
BigInteger e = pbk.getPublicExponent();
BigInteger n = pbk.getModulus();
BigInteger m = new BigInteger(ptext2);
BigInteger c = m.modPow(e, n);
String cs = c.toString();
out.println(cs); // 通过网络将加密后的秘钥传送到服务器
System.out.print("输入中缀表达式:");
//用DES加密明文得到密文
String s = stdin.readLine(); // 从键盘读入待发送的数据
String postfix = MyBC.toPostfix(s);
Cipher cp = Cipher.getInstance("DESede");
cp.init(Cipher.ENCRYPT_MODE, k);
byte ptext[] = postfix.getBytes("UTF8");
byte ctext[] = cp.doFinal(ptext);
String str = parseByte2HexStr(ctext);
System.out.print ( "密文:" );
out.println(str); // 通过网络将密文传送到服务器
// 将客户端明文的Hash值传送给服务器
String x = postfix;
MessageDigest m2 = MessageDigest.getInstance("MD5");
m2.update(x.getBytes());
byte a[] = m2.digest();
String result = "";
for (int i = 0; i < a.length; i++) {
result += Integer.toHexString((0x000000ff & a[i]) | 0xffffff00).substring(6);
}
System.out.println(result);
out.println(result);//通过网络将明文的Hash函数值传送到服务器
str = in.readLine();// 从网络输入流读取结果
System.out.println("传过来的答案:" + str); // 输出服务器返回的结果
} catch (Exception e) {
System.out.println(e);//输出异常
} finally {
}
}
//将十六进制转换成二进制
public static String parseByte2HexStr(byte buf[]) {
StringBuffer sb = new StringBuffer();
for (int i = 0; i < buf.length; i++) {
String hex = Integer.toHexString(buf[i] & 0xFF);
if (hex.length() == 1) {
hex = '0' + hex;
}
sb.append(hex.toUpperCase());
}
return sb.toString();
}
}
实验结果5
统计自己的PSP(Personal Software Process)时间
| 步骤 | 耗时 | 百分比 |
|---|---|---|
| 需求分析 | 90min | 16.7% |
| 代码实现 | 240min | 44.4% |
| 测试 | 150min | 27.8% |
| 分析总结 | 60min | 11.1% |
实验总结与体会
此次的结对编程中,我负责的是客户端,我的结对小伙伴石亚鑫20162303负责的是服务器。