DTLS


Datagram Transport Layer Security https://en.wikipedia.org/wiki/Datagram_Transport_Layer_Security

provides communications security for datagram protocols to prevent eavesdropping, tampering, or message forgery.


IETF Datagram Transport Layer Security Version 1.2, RFC 6347

API

Java

http://git.bouncycastle.org/repositories/bc-java


Node.js

Installer

# Clones the repository's default branch; no tag or commit is pinned, so review what was fetched before running it.
git clone https://github.com/Rantanen/node-dtls.git
cd node-dtls/
# Installs the dependencies declared by the project; npm also runs their install scripts.
npm install
cd example/

Modifier client.js


"use strict";

var dtls = require( '../' );
var fs = require( 'fs' );

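// Message counter for this process; incremented on every send.
var cpt = 0;

dtls.setLogLevel( dtls.logLevel.FINE );

/**
 * Send one "<label>: cpt=<n>\n" datagram over the DTLS session.
 * The label is the first command-line argument (process.argv[2]).
 */
function sendCounter() {
    console.log( 'Sending application data' );
    // Buffer.from() replaces the deprecated `new Buffer()` constructor. The
    // argument is always a string here (it is built by concatenation), so the
    // bytes sent are unchanged.
    client.send( Buffer.from( process.argv[2] + ': cpt=' + (cpt++) + '\n' ) );
}

// NOTE(review): no CA or certificate option is passed to connect(), so this
// example does not show how the server certificate is validated. Confirm what
// node-dtls checks before relying on it for server authentication.
var client = dtls.connect( 4433, 'localhost', 'udp4', sendCounter );

client.on( 'message', function( msg ) {
    console.log( 'Received application data' );
    // NOTE(review): the peer's bytes are printed unescaped; control characters
    // in a reply reach the terminal as-is.
    console.log( msg.toString( 'utf8' ) );
    // Reply one second after each received message.
    setTimeout( sendCounter, 1000 );
});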

Modifier server.js

"use strict";

var dtls = require( '../' );
var fs = require( 'fs' );

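dtls.setLogLevel( dtls.logLevel.INFO );

// Certificate and private key are read from the current working directory.
// The openssl command on this page writes key.pem without a passphrase
// (-nodes), so keep that file readable only by the account running the server.
var cert = fs.readFileSync( 'cert.pem' );
var key = fs.readFileSync( 'key.pem' );

var server = dtls.createServer({
    type: 'udp4',
    key: key,
    cert: cert
});

// NOTE(review): bind() is given only a port. Presumably this listens on every
// local address; confirm against node-dtls and restrict exposure for tests.
server.bind( 4433 );

// Echo service: each datagram received on an established DTLS session is
// wrapped in [ECHO]...[/ECHO] and sent back to the same peer.
server.on( 'secureConnection', function( socket ) {

    var peer = [ socket.rinfo.address, socket.rinfo.port ].join(':');
    console.log( 'New connection from ' + peer );

    socket.on( 'message', function( message ) {

        // Decode as ASCII and strip trailing whitespace only; any other
        // control characters sent by the peer are kept.
        var inText = message.toString( 'ascii' ).replace( /\s*$/, '' );
        var outText = '[ECHO]' + inText + '[/ECHO]';

        // NOTE(review): inText is peer-controlled and is logged unescaped.
        console.log( 'in:  ' + inText );
        console.log( 'out: ' + outText );

        // Buffer.from() replaces the deprecated `new Buffer()` constructor;
        // the encoded bytes are the same.
        socket.send( Buffer.from( outText + '\n', 'ascii' ) );
    });
});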


Générer un certificat auto-signé en répondant aux questions (réservé aux tests : l'option -nodes écrit la clé privée key.pem sans chiffrement)

openssl req -newkey rsa:2048 -new -nodes -x509 -days 365 -keyout key.pem -out cert.pem

Exécuter dans un terminal 1

node server.js

Exécuter dans un terminal 2

node client.js CLIENT1


Exécuter dans un terminal 3

node client.js CLIENT2