֪ʶ: UDP¡¢RPC¡¢TCP£¬Êý×ÖÇ©ÃûºÍRSA¼ÓÃÜ (·Ö²¼Ê½ÏµÍ³¿Î³Ì) ÓïÑÔ:Java (IntelliJÈí¼þ)
´ËÏîÄ¿°üº¬5¸ö¶ÀÁ¢²»Í¬µÄÈÎÎñ¡£Ö÷ÒªÄÚÈÝÊÇÉè¼Æ·þÎñÆ÷(Server)À´´¦ÀíÒ»¸ö¿Í»§(Client)ÔÚÒ»¸ö ʱ¼äµÄrequest¡£¶àÏ̷߳þÎñÆ÷ͬʱ´¦Àí¼¸¸örequest²»ÊDZØÐèµÄ¡£Í¬Ê±ÎÒÃǶ¼¼ÙÉè·þÎñÆ÷ÔÚ¿Í»§ ¶ËÔËÐÐ֮ǰÔËÐС£Èç¹ûÕâЩҪÇó¶¼Ã»ÓÐÃ÷È·ÒªÇóij¸ö¹¦ÄÜ£¬Ôò²»ÐèÒªÉè¼ÆÕâЩ¹¦ÄÜ¡£
(1) ¶Ô(EchoServerUDP.javaºÍEchoClientUDP.javaÎļþ½øÐÐÒÔÏÂÐÞ¸Ä(ÎļþÁ´½ÓÈçÏÂ:) (http://www.andrew.cmu.edu/course/95-702/examples/sockets/)
(a) ¸Ä±ä¸Ã¿Í»§¶Ë(Client)µÄ¡° ARG [ 0]¡±£¬±ä³ÉÒ»¸öÓ²±àÂë³öÀ´µÄ¡±Localhost¡±
(b) ¶Ô¿Í»§¶ËºÍËùÊö·þÎñÆ÷(Server)½øÐмǼ¡£ÃèÊöÿһÐдúÂëµÄ¹¦ÄÜ
(c) ÔÚ¿Í»§¶Ë¶¥²¿Ìí¼ÓÒ»ÐУ¬ÒÔ±ãÔÚÆô¶¯Ê±Í¨¹ý´òÓ¡Ò»ÌõÏûÏ¢Ðû²¼¡°¿Í»§¶ËÕýÔÚÔËÐÐ(Client
Running)¡±
(d) ÔÚ·þÎñÆ÷¶¥²¿Ìí¼ÓÒ»ÐУ¬ÒÔ±ãÔÚÆô¶¯Ê±Í¨¹ý´òÓ¡Ò»ÌõÏûÏ¢Ðû²¼¡°·þÎñÆ÷ÕýÔÚÔËÐÐ(Server
Running)¡±
(e) ¶Ô·þÎñÆ÷´úÂë½øÐжîÍâµÄÐ޸ģ¬ÒԱ㽫ÇëÇó(request)Êý¾Ý¸´ÖƵ½¾ßÓÐÕýÈ·×Ö½ÚÊý(bytes)µÄ
Êý×é(array)ÖС£Ê¹ÓÃÕâ¸ö×Ö½ÚÊý×é(array)¹¹½¨ÕýÈ·´óСµÄ×Ö·û´®(String)¡£Èç¹û²»½øÐÐÕâ ЩÐ޸ģ¬Ôò¿ÉÄÜÔÚÿ´Î·ÃÎÊʱÏÔʾβËæµÄÁã×Ö½Ú(trailing zero bytes)¡£Ã¿´Î·ÃÎÊʱ£¬·þÎñ Æ÷½«ÏÔʾÀ´×Ô¿Í»§¶ËµÄÇëÇó(request)
(f) Èç¹û¿Í»§¶ËÊäÈëÃüÁî¡°quit(Í˳ö)!¡±£¬¿Í»§¶ËºÍ·þÎñÆ÷¶¼½«Í£Ö¹Ö´ÐС£µ±¿Í»§¶ËÊäÈë ¡°quit!¡±£¬Ëü·¢ËÍ¡°quit!¡±µÄÖ¸Áîµ½·þÎñÆ÷£¬µ«²»µÈ´ýÈκδð¸´
(g) ÔÚ¿Í»§¶ËÖÐÌí¼ÓÒ»ÐдúÂ룬ÒÔ±ãÔÚ¿Í»§Í˳öµÄʱºò·¢³ö֪ͨµÄÏûÏ¢
(h) ÔÚ·þÎñÆ÷ÖÐÌí¼ÓÒ»ÐУ¬ÒÔ±ãËü֪ͨºÎʱÍ˳ö¡£Ö»Óе±¿Í»§¶ËÒªÇó·þÎñÆ÷Í˳öʱ£¬·þÎñÆ÷²ÅÍ˳ö
(i) ÔÚʣϵÄÈÎÎñÖУ¬ÎÒÃDz»Ïò¿Í»§¶ËÌṩֹͣ·þÎñÆ÷µÄÄÜÁ¦¡£·þÎñÆ÷ÓÀÔ¶±£³ÖÔËÐÐ״̬¡£
(2) Ð޸ĺÍÖØÃüÃûEchoServerUDP¡£javaºÍEchoClientUDP.java¡£
(a) ·þÎñÆ÷½«³ÖÓÐÒ»¸öÕûÊýÖµ(ÇóºÍºóËùµÃ)£¬½«Æä³õʼ»¯Îª0£¬²¢½«½ÓÊÕÀ´×Ô¿Í»§¶ËµÄÇëÇó
(request)¡ªÃ¿¸öÇëÇ󶼰üº¬Ò»¸öÒªÌí¼Óµ½ÇóºÍ¼ÆËãÖеÄÖµ¡£¶ÔÓÚÿ¸öÇëÇó£¬×÷Ϊ¶Ô¿Í»§»ú µÄÏìÓ¦£¬·þÎñÆ÷½«·µ»ØеÄ×ܺ͡£ÔÚ·þÎñÆ÷¶Ë¿ØÖÆ̨(console)ÖУ¬Ã¿´Î¿Í»§¶Ë·ÃÎÊʱ£¬¶¼ »áÏÔʾеÄ×ܺ͡£
(b) ÔÚ¿Í»§¶Ë·ÖÀë¹Ø×¢µã(concerns)¡£ÔÚ¿Í»§¶ËÉÏ£¬ËùÓÐͨÐÅ´úÂ붼½«·ÅÔÚÃûΪ¡°add¡±µÄ·½·¨ (method)ÖС£»»¾ä»°Ëµ£¬¿Í»§¶ËµÄÖ÷·½·¨(main method)ûÓÐÓë·þÎñÆ÷½»»¥Ïà¹ØµÄ´úÂë¡£ Ïà·´£¬Ö÷Àý³Ì(main routine)½«¼òµ¥µØcallÒ»¸öÃûΪ¡°add¡±µÄ±¾µØ·½·¨¡£¡°add¡±·½·¨½«²» Ö´ÐÐÈκÎÌí¼Ó¼ÆË㣬Ïà·´£¬Ëü½«ÇëÇó·þÎñÆ÷Ö´ÐÐÌí¼ÓµÄÔËËã¡£¡°add¡±·½·¨½«·â×° (encapsulate)»òÒþ²Ø(hide)Óë·þÎñÆ÷µÄËùÓÐͨÐÅ¡£ÔÚ¡°add¡±·½·¨ÖУ¬ÎÒÃÇʵ¼ÊʹÓà socket¡£ÕâÊÇËùνµÄ¡°´úÀíÉè¼Æ¡±(proxy design)¡£¡°add¡±·½·¨ÓÃ×÷·þÎñÆ÷µÄ´úÀí (proxy)¡£
(c) ±àдһ¸ö¿Í»§»ú¶Ë£¬Ëü½«Ïò·þÎñÆ÷·¢ËÍ1000ÌõÏûÏ¢ÒÔ¼ÆËã1+2+3+..+1000µÄ×ܺ͡£ÓÉÓÚÎÒ ÃÇʹÓôúÀíÉè¼Æ£¬¿Í»§¶ËÖ÷Àý³Ì(main routine)½«callËüµÄ±¾µØ¡°add¡±·½·¨1000´Î¡£ ¡°add¡±·½·¨Êµ¼ÊÉϽ«ÏûÏ¢·¢Ë͵½·þÎñÆ÷¡£ÔÚ¿Í»§¶ËÏòÓû§ÏÔʾ×îÖÕ¼ÆËãµÄ½á¹û¡£²»ÐèÒªÔÚ¿Í »§¶ËÏÔʾ²¿·ÖµÄ×ܺ͡£Èç¹ûÄúÔÙ´ÎÔËÐпͻ§»ú£¬Ëü½«Ê¹ÓõÚÒ»¸ö¿Í»§¶ËÁôÔÚ·þÎñÆ÷ÉϵÄ×Ü ºÍ¡£Ò²¾ÍÊÇ˵£¬·þÎñÆ÷ÈÔÈ»ÊǻµÄ£¬¿ÉÒÔʹÓá£
(3) ÐÞ¸Ä(2)ÖеŤ×÷£¬ÒÔ±ã¿Í»§¶Ë¿ÉÒÔÇëÇó(request)·þÎñÆ÷Ö´ÐС°Ìí¼Ó(add)¡±»ò¡°¼õÈ¥ (substract)¡±»ò¡°²é¿´(view)¡±²Ù×÷¡£´ËÍ⣬ÿ¸öÇëÇ󶼽«´«µÝÒ»¸öÕûÊýID¡£Òò´Ë£¬¿Í»§¶Ë½«
ÐγÉÒ»¸ö°ü(packet)£¬ÆäÖаüº¬ÒÔÏÂÖµ:ID¡¢²Ù×÷(Ìí¼Ó»ò¼õÈ¥»ò²é¿´)ºÍ¼ÆËãÖµ(Èç¹û²Ù×÷²»ÊÇÊÓ Í¼)¡£·þÎñÆ÷½«ÔÚÿ¸öÇëÇóÖÐÕÒµ½µÄIDÖ´ÐÐÕýÈ·µÄ¼ÆËã(¼Ó£¬¼õ»ò²é¿´)¡£¿Í»§¶Ë½«Óɲ˵¥Çý¶¯£¬ ²¢½«·´¸´Ñ¯ÎÊÓû§Óû§ID¡¢²Ù×÷ºÍ¼ÆËãÖµ(Èç¹û²»ÊÇÊÓͼÇëÇó)¡£µ±²Ù×÷ÊÇ¡°ÊÓͼ¡±Ê±£¬½«·µ»Ø·þ ÎñÆ÷ÉϵÄÖµ¡£µ±²Ù×÷ÊÇ¡°¼Ó¡±»ò¡°¼õ¡±Ê±£¬·þÎñÆ÷Ö´ÐиòÙ×÷²¢¼òµ¥µØ·µ»Ø¡°OK¡±µÄÏûÏ¢¡£ÔÚ Ö´ÐÐÆڼ䣬¿Í»§»ú½«ÏòÓû§ÏÔʾ·þÎñÆ÷·µ»ØµÄÿ¸öÖµ¡£·µ»ØµÄֵҪôÊÇ¡°OK¡±£¬ÒªÃ´ÊÇÒ»¸öÖµ (Èç¹û·¢³öÁËÊÓͼÇëÇó)¡£Èç¹û·þÎñÆ÷½ÓÊÕµ½ÒÔǰûÓп´µ½¹ýµÄID£¬Ôò¸ÃID½«Ó롱½«0ÇóºÍ¡±Ïà ¹Ø¡£
×¢Òâ:ÔÚ·þÎñÆ÷ÉÏ£¬ÐèÒª½«Ã¿¸öIDÓ³Éä(map)µ½ºÍ(sum)µÄÖµ¡£¿ÉÒÔÌṩ²»Í¬µÄID£¬Ã¿¸öID¶¼ÓÐ×Ô¼º µÄºÍ¡£·þÎñÆ÷ÊÂÏȲ»ÖªµÀ¿Í»§»ú½«ÏòËü´«ÊäʲôID¡£¿ÉÒÔ¼ÙÉèIDÊÇÕýÕûÊý¡£¿Í»§¶Ë²Ëµ¥½«Ìṩһ¸öÑ¡ ÏîÀ´Í˳ö¿Í»§¶Ë¡£Õâ¶Ô·þÎñÆ÷ûÓÐÓ°Ï졣ʹÓôúÀíÉè¼ÆÀ´·â×°(encapsulate)ͨÐÅ´úÂë¡£
(4) Õ⼸ºõÓëÈÎÎñ3Ïàͬ¡£Î¨Ò»µÄÇø±ðÊÇÄú½«Ê¹ÓÃTCP¶ø²»ÊÇUDP¡£ÐÞ¸ÄEchoServerTCP.javaºÍ EchoClientTCP.javaÎļþ¡£
(ÎļþÔÚhttp://www.andrew.cmu.edu/course/95-702/examples/sockets/) ʹÓôúÀíÉè¼ÆÀ´·â×°(encapsulate)ͨÐÅ´úÂë¡£
(5)¶ÔTask 4ÖеŤ×÷½øÐÐÒÔÏÂÐÞ¸Ä:
(a) ÿ´Î¿Í»§¶ËÔËÐÐʱ£¬Ëü¶¼»á´´½¨ÐµÄRSA¹«Ô¿(public key)ºÍ˽Կ(private key)¡£¾ßÌåÄÚÈÝ Çë²ÎÕÕRSAExample.javaÎļþ¡£ÔÚ´´½¨ÕâЩÃÜÔ¿Ö®ºó£¬Ëü½«Óë·þÎñÆ÷½øÐн»»¥¡£
(http://www.andrew.cmu.edu/course/95702/examples/security/RSAExample.jav
a)
(b) ¿Í»§¶ËµÄID½«Í¨¹ý»ñÈ¡¿Í»§»ú¹«Ô¿µÄÉ¢ÁÐ(hash)ÖÐ×î²»ÖØÒªµÄ20¸ö×Ö½Ú(bytes)À´Ðγɡ£×¢
Òâ:RSA¹«Ô¿ÊÇeºÍn¶Ô¡£ÔÚ½øÐйþÏ£(hash)֮ǰ£¬Äú¿ÉÄÜ»á¾ö¶¨½«ÕâÁ½¸öÕûÊýºÏ²¢ÔÚÒ»Æð¡£Óë
(4)²»Í¬£¬ÎÒÃDz»ÔÙÌáʾÓû§ÊäÈëID¡ªÎÒÃǽ«IDÔÚ¿Í»§»ú´úÂëÖмÆËã¡£ËüÀ´×ÔÓÚ×Ô¹«Ô¿¡£
(c) ÓëÒÔÇ°Ò»Ñù£¬¿Í»§¶Ë½«Êǽ»»¥Ê½ºÍ²Ëµ¥Çý¶¯µÄ¡£Ëü½«Ïò·þÎñÆ÷·¢ËÍÌí¼Ó£¬¼õÈ¥»ò²é¿´ÇëÇó£¬ÒÔ
¼°ÔÚ(b)ÖмÆËãµÄIDºÍÍ˳öÑ¡ÏîµÄÐÅÏ¢¡£
(d) ¿Í»§¶Ë»¹½«ÔÚÿ¸öÇëÇóÖд«ÊäÆ乫Կ¡£Í¬Ñù£¬Çë×¢Òâ´Ë¼üÊÇeºÍnµÄ×éºÏ¡£ÕâЩֵ½«Ã÷ÎÄ´«Êä
(transmitted in the clear)£¬²¢ÓÉ·þÎñÆ÷ʹÓá£
(e) ×îºó£¬¿Í»§¶Ë½«Ç©Êðÿ¸öÇëÇó¡£Òò´Ë£¬Í¨¹ýʹÓÃËüµÄ˽Կ(dºÍn)£¬¿Í»§¶Ë½«¼ÓÃÜ·¢Ë͵½·þÎñÆ÷
µÄ¹þÏ£¼ÓÃܵÄÏûÏ¢¡£Ç©Ãû½«±»Ìí¼Óµ½Ã¿¸öÇëÇóÖС£ÖØÒªµÄÊÇ£¬Ê¹¹þϣɢÁÐ(Ç©Ãû֮ǰ)´´½¨µÄ´ó
ÕûÊý(big integer)±ØÐëÊÇÕýÊý¡£Ïê¼ûBabySignºÍBabyVerify¡£
(f) ·þÎñÆ÷½«ÔÚ·þÎñÈκοͻ§¶ËÇëÇó֮ǰ½øÐÐÁ½´Î¼ì²é¡£Ê×ÏÈ£¬¹«Ô¿(°üº¬ÔÚÿ¸öÇëÇóÖÐ)ÊÇ·ñÉ¢ÁÐ
(hash)µ½ID(Ò²°üº¬ÔÚÿ¸öÇëÇóÖÐ)?µÚ¶þ£¬ÇëÇóµÄÇ©ÃûÊÇ·ñÕýÈ·?Èç¹ûÕâÁ½¸öÖµ¶¼ÎªÕ棬ÔòÇëÇó ½«´ú±í¿Í»§¶ËÖ´ÐС£·þÎñÆ÷½«Ìí¼Ó¡¢¼õÈ¥»ò²é¿´¡£·ñÔò£¬·þÎñÆ÷·µ»ØÏûÏ¢¡°Error in request¡±¡£
(g) ¿´µ½BabyVerify.javaºÍBabySign.javaÎļþ¡£ÔÚ¼ÆËã³öÇ©Ãû(signature)֮ǰ£¬ÄúÐèÒªÀí½â ÕâЩ´úÂë¡£µ«ÊÇ£¬ÄúµÄ½â¾ö·½°¸²»»áʹÓÃÉÏÃæ¾ÙÀý˵Ã÷µÄ¶ÌÏûÏ¢·½·¨¡£ÎÒÃÇûÓÐʹÓÃÈκÎJava crypto API¡£
(h) ÎÒÃǽ«¶Ô¹þÏ£º¯Êýh()ʹÓÃSHA-256¡£½øÒ»²½³ÎÇå:
¿Í»§¶Ë½«·¢ËÍid: last20BytesOf(h(e+n))|¹«Ô¿:eºÍn in The clear | ²Ù×÷(Ìí¼Ó¡¢²é¿´»ò¼õÈ¥)| ²Ù ×÷Êý(operand)ºÍÇ©ÃûE (h(all prior tokens(ËùÓÐ֮ǰµÄtoken),d)¡£Òò´Ë£¬Ç©ÃûÊÇÒ»¸ö¼ÓÃܵÄÉ¢ÁÐ (hash)¡£ËüʹÓÃdºÍn¡ª¡ª¿Í»§¶ËµÄ˽Կ½øÐмÓÃÜ¡£E´ú±í±ê×¼µÄRSA¼ÓÃÜ¡£º¯Êýh(e+n)ÊÇeºÍnºÏ²¢ Á¬½ÓµÄÉ¢ÁÐ(hash)¡£ÔÚÒ»¸ö¿Í»§¶Ë»á»°Æڼ䣬ID×ÜÊÇÏàͬµÄ¡£Èç¹û¿Í»§¶ËÍ˳ö²¢ÖØÐÂÆô¶¯£¬Ëü½«ÓµÓÐ Ò»¸öеÄID²¢½øÐÐеÄÇóºÍ²Ù×÷¡£·þÎñÆ÷±£³ÖÔËÐв¢ÔÚ¿Í»§¶ËÖØÆôºó¼ÌÐøÔËÐС£×¢ÒâʹÓôúÀíÉè¼ÆÀ´ ·âװͨ