grpc加密TLS初体验(go、java版本)

晓阳 · · 12662 次点击 · · 开始浏览    
这是一个创建于 的文章,其中的信息可能已经有所发展或是发生改变。

grpc加密TLS初体验(gojava版本)

grpc-gojava的安装编译helloworld可以参考如下文章

http://my.oschina.net/ysh3940/blog/403591

 

openssl的安装、生成秘钥证书可以参考如下文章

http://my.oschina.net/ysh3940/blog/464208

 

示例代码go版本

服务端代码

package main

 

import (

    "fmt"

    "log"

    "net"

 

    pb "github.com/grpc/grpc-common/go/helloworld"

    "golang.org/x/net/context"

    "google.golang.org/grpc"

    "google.golang.org/grpc/credentials"

)

 

const (

    port = ":50051"

)

 

type server struct{}

 

func (s *server) SayHello(ctx context.Context, in *pb.HelloRequest) (*pb.HelloReply, error) {

    fmt.Println("--->>> request name = ", in.Name)

    return &pb.HelloReply{Message: "--->>> Hello " + in.Name}, nil

}

 

func main() {

    lis, err := net.Listen("tcp", port)

    if err != nil {

        log.Fatalf("failed to listen: %v", err)

    }

    fmt.Println(">>> server is starting in 127.0.0.1 and port " + port + " >>>")

    s := grpc.NewServer()

    pb.RegisterGreeterServer(s, &server{})

 

    creds, err := credentials.NewServerTLSFromFile("D:/BaiduYunDownload/server1.pem", "D:/BaiduYunDownload/server1.key")

    if err != nil {

        fmt.Println("Failed to generate credentials: ", err)

    }

    s.Serve(creds.NewListener(lis))

}

 

客户端代码

package main
 
import (
    "log"
    "os"
 
    pb "github.com/grpc/grpc-common/go/helloworld"
    "golang.org/x/net/context"
    "google.golang.org/grpc"
    "google.golang.org/grpc/credentials"
)
 
const (
    address     = "127.0.0.1:50051"
    defaultName = "world"
)
 
func main() {
    var opts []grpc.DialOption
    var creds credentials.TransportAuthenticator
    var err error
    creds, err = credentials.NewClientTLSFromFile("D:/BaiduYunDownload/ca.pem", "x.test.youtube.com")
    if err != nil {
        log.Fatalf("Failed to create TLS credentials %v", err)
    }
    opts = append(opts, grpc.WithTransportCredentials(creds))
    conn, err := grpc.Dial(address, opts...)
 
    if err != nil {
        log.Fatalf("did not connect: %v", err)
    }
    log.Printf(">>> connect success >>>")
    defer conn.Close()
    c := pb.NewGreeterClient(conn)
 
    name := defaultName
    if len(os.Args) > 1 {
        name = os.Args[1]
    }
    r, err := c.SayHello(context.Background(), &pb.HelloRequest{Name: name})
    if err != nil {
        log.Fatalf("could not greet: %v", err)
    }
    log.Printf("Greeting: %s", r.Message)
}

 

示例代码java版本

服务端代码:

package io.grpc.examples.helloworld;

 

import io.grpc.ServerImpl;

import io.grpc.stub.StreamObserver;

import io.grpc.transport.netty.NettyServerBuilder;

import io.netty.handler.ssl.SslContext;

 

import java.io.File;

import java.util.logging.Logger;

 

public class HelloWorldServer {

    private static final Logger logger = Logger

           .getLogger(HelloWorldServer.class.getName());

 

    private int port = 50051;

    private ServerImpl server;

 

    private void start() throws Exception {

       @SuppressWarnings("deprecation")

       SslContext sslContext = SslContext.newServerContext(new File(

              "D:/BaiduYunDownload/server3.pem"), new File(

              "D:/BaiduYunDownload/server3_pkcs8.key"));

       server = NettyServerBuilder.forPort(port).sslContext(sslContext)

              .addService(GreeterGrpc.bindService(new GreeterImpl())).build()

              .start();

       logger.info("Server started, listening on " + port);

       Runtime.getRuntime().addShutdownHook(new Thread() {

           @Override

           public void run() {

              System.err

                     .println("*** shutting down gRPC server since JVM is shutting down");

              HelloWorldServer.this.stop();

              System.err.println("*** server shut down");

           }

       });

    }

 

    private void stop() {

       if (server != null) {

           server.shutdown();

       }

    }

 

    public static void main(String[] args) throws Exception {

       final HelloWorldServer server = new HelloWorldServer();

       server.start();

    }

 

    private class GreeterImpl implements GreeterGrpc.Greeter {

 

       @Override

       public void sayHello(HelloRequest req,

              StreamObserver<HelloResponse> responseObserver) {

           System.out.println("--->>> name = " + req.getName());

           HelloResponse reply = HelloResponse.newBuilder()

                  .setMessage("Hello " + req.getName()).build();

           responseObserver.onValue(reply);

           responseObserver.onCompleted();

       }

    }

 

}

 

客户端代码:

package io.grpc.examples.helloworld;

 

import io.grpc.ChannelImpl;

import io.grpc.transport.netty.NegotiationType;

import io.grpc.transport.netty.NettyChannelBuilder;

import io.netty.handler.ssl.SslContext;

 

import java.io.File;

import java.security.NoSuchAlgorithmException;

import java.util.concurrent.TimeUnit;

import java.util.logging.Level;

import java.util.logging.Logger;

 

import javax.net.ssl.SSLException;

 

public class HelloWorldClient {

    private static final Logger logger = Logger

           .getLogger(HelloWorldClient.class.getName());

 

    private final ChannelImpl channel;

    private final GreeterGrpc.GreeterBlockingStub blockingStub;

 

    public HelloWorldClient(String host, int port) throws SSLException,

           NoSuchAlgorithmException {

       @SuppressWarnings("deprecation")

       // 这里要注意下由于java版本的没有提供像go那样的可以指定域名

       // java版本源代码中把host传入作为证书域名

       // 域名是在证书生成的过程中自己输入的

SslContext sslContext = SslContext.newClientContext(new File(

              "D:/BaiduYunDownload/ca3.pem"));

       channel = NettyChannelBuilder.forAddress(host, port)

              .sslContext(sslContext).negotiationType(NegotiationType.TLS)

              .build();

       blockingStub = GreeterGrpc.newBlockingStub(channel);

    }

 

    public void shutdown() throws InterruptedException {

       channel.shutdown().awaitTerminated(5, TimeUnit.SECONDS);

    }

 

    public void greet(String name) {

       try {

           logger.info("Will try to greet " + name);

           HelloRequest request = HelloRequest.newBuilder().setName(name)

                  .build();

           HelloResponse response = blockingStub.sayHello(request);

           logger.info("Greeting: " + response.getMessage());

       } catch (RuntimeException e) {

           logger.log(Level.WARNING, "RPC failed", e);

           return;

       }

    }

 

    public static void main(String[] args) throws Exception {

       HelloWorldClient client = new HelloWorldClient("localhost", 50051);

       try {

           String user = "world";

           if (args.length > 0) {

              user = args[0];

           }

           client.greet(user);

       } finally {

           client.shutdown();

       }

    }

}

 

示例代码下载

http://pan.baidu.com/s/1pJFpTKR

 

http://pan.baidu.com/s/1o6l5Q6u

 



有疑问加站长微信联系(非本文作者)

本文来自:开源中国博客

感谢作者:晓阳

查看原文:grpc加密TLS初体验(go、java版本)

入群交流(和以上内容无关):加入Go大咖交流群,或添加微信:liuxiaoyan-s 备注:入群;或加QQ群:692541889

12662 次点击  
加入收藏 微博
2 回复  |  直到 2018-02-28 14:09:52
暂无回复
添加一条新回复 (您需要 登录 后才能回复 没有账号 ?)
  • 请尽量让自己的回复能够对别人有帮助
  • 支持 Markdown 格式, **粗体**、~~删除线~~、`单行代码`
  • 支持 @ 本站用户;支持表情(输入 : 提示),见 Emoji cheat sheet
  • 图片支持拖拽、截图粘贴等方式上传