[网络协议]TLS/SSL通信基于NodeJS16

需求

基于node.js的客户端和服务端采用安全传输层进行通信，通信机制基于TLS/SSL，通信报文在传输层为密文传输，双方收发的消息为明文。

客户端发送消息(“hello world!”)给服务端，服务端显示客户端消息，客户端发送 "exit" 或者 "quit"时，服务端发送关闭状态消息(“ByeBye!”)给客户端，客户端收到关闭状态也关闭连接，并回应服务端已关闭(“Bye!”)，服务端收到关闭消息后关闭服务端连接（end），同时关闭服务器（close）。

服务端

// server.js
const tls = require('node:tls');
const fs = require('node:fs');

const options = {
  key: fs.readFileSync('server-key.pem'),//服务端私钥
  cert: fs.readFileSync('server-cert.pem'),//服务端自签名证书

  // This is necessary only if using client certificate authentication.
  requestCert: true,

  // This is necessary only if the client uses a self-signed certificate.
  ca: [ fs.readFileSync('client-cert.pem') ],//客户端自签名证书
};

const server = tls.createServer(options, (socket) => {
  console.log('server connected',
              socket.authorized ? 'authorized' : 'unauthorized');
  socket.write('welcome!\n');
  socket.setEncoding('utf8');
  socket.on('data',(data)=>{
    console.log(data);
    if(data === 'exit\r\n' || data === 'quit\r\n'){
      socket.write('ByeBye!');
    }
  })
  socket.on('error',(err)=>{
    console.log('inner error!\n',err);
  })
  socket.on('end',()=>{
    console.log('end');
    socket.end();
    server.close();
  })
  socket.pipe(socket);
});
server.listen(8000, () => {
  console.log('server bound');
});

客户端

// client.js
// Assumes an echo server that is listening on port 8000.
const tls = require('node:tls');
const fs = require('node:fs');

const options = {
  // Necessary only if the server requires client certificate authentication.
  key: fs.readFileSync('client-key.pem'),//客户端私钥
  cert: fs.readFileSync('client-cert.pem'),//客户端自签名证书

  // Necessary only if the server uses a self-signed certificate.
  ca: [ fs.readFileSync('server-cert.pem') ],//服务端自签名证书

  // Necessary only if the server's cert isn't for "localhost".
  checkServerIdentity: () => { return null; },
};

const socket = tls.connect(8000, options, () => {
  console.log('client connected',
              socket.authorized ? 'authorized' : 'unauthorized');
  process.stdin.pipe(socket);
  process.stdin.resume();
});
socket.setEncoding('utf8');
socket.on('data', (data) => {
  console.log(data);
  if(data==='ByeBye!'){
    socket.end('Bye!\n');
  }
});
socket.on('end', () => {
  console.log('server ends connection');
});
socket.on('error',(err)=>{
  console.log('server error!\n')
})

运行结果

服务端

客户端