是否可以使用 node-forge 在浏览器中创建 TLS 连接?我基本上是想测试/验证 TLS 握手,并简单地在浏览器中输出相关信息。node-forge 看起来是一个 JavaScript 的 TLS 实现,但我不确定它能否在浏览器中完成我想要的操作,因为它看起来主要是配合 Node 使用的。
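// Node.js example: drive a forge TLS client over a plain TCP socket.
// Assumes `net` (Node's built-in module) and `forge` are already in scope.
//
// SECURITY: the `verify` callback below accepts every certificate chain, so
// the handshake completes with any peer and the session is not authenticated.
// That is only acceptable for inspecting a handshake. To authenticate the
// server, supply trusted roots through the `caStore` option, return `verified`
// instead of `true`, and check the leaf certificate against the expected host
// name when `depth === 0`.
const socket = new net.Socket();
const client = forge.tls.createConnection({
  server: false,
  verify(connection, verified, depth, certs) {
    // Verification is skipped for testing. Log forge's own result rather than
    // claiming success, so the bypass stays visible in the output.
    console.log(
      '[tls] server certificate check skipped (testing only), depth ' + depth + ', forge result:',
      verified
    );
    return true;
  },
  connected(connection) {
    console.log('[tls] connected');
    // prepare some data to send (note that the string is interpreted as
    // 'binary' encoded, which works for HTTP which only uses ASCII, use
    // forge.util.encodeUtf8(str) otherwise
    client.prepare('GET / HTTP/1.0\r\n\r\n');
  },
  tlsDataReady(connection) {
    // encrypted data is ready to be sent to the server
    const data = connection.tlsData.getBytes();
    socket.write(data, 'binary'); // encoding should be 'binary'
  },
  dataReady(connection) {
    // clear data from the server is ready; with verification skipped the
    // sender is unauthenticated, so treat this as untrusted input
    const data = connection.data.getBytes();
    console.log('[tls] data received from the server: ' + data);
  },
  closed() {
    console.log('[tls] disconnected');
  },
  error(connection, error) {
    console.log('[tls] error', error);
  },
});

socket.on('connect', function () {
  console.log('[socket] connected');
  // the TCP connection is up: start the TLS handshake over it
  client.handshake();
});
socket.on('data', function (data) {
  // feed the raw TLS records received from the wire into forge
  client.process(data.toString('binary')); // encoding should be 'binary'
});
socket.on('end', function () {
  console.log('[socket] disconnected');
});

// connect to google.com
socket.connect(443, 'google.com');
// or connect to gmail's imap server (but don't send the HTTP header above)
//socket.connect(993, 'imap.gmail.com');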
此示例片段使用 net.sockets,但这可以在浏览器中工作吗?
这个答案现在已经过时了,但我发现自己也面临类似的需求。浏览器无法直接打开原始 TCP 套接字,因此需要由 websockify 把 WebSocket 流量转发到 TCP;下面是针对所提问题的解答,它使用指向 TLS 服务器的 websockify:
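// Browser example: drive a forge TLS client over a WebSocket that a websockify
// proxy bridges to the target server's TCP port.
// Assumes `forge` is in scope and that `Buffer` is provided by a browser
// Buffer polyfill of your choice (the original author used filer).
//
// SECURITY: the `verify` callback below accepts every certificate chain, so
// the handshake completes with any peer and the session is not authenticated.
// That is only acceptable for inspecting a handshake. To authenticate the
// server, supply trusted roots through the `caStore` option, return `verified`
// instead of `true`, and check the leaf certificate against the expected host
// name when `depth === 0`.
let socket; // assigned below, once the TLS client and its callbacks exist
const client = forge.tls.createConnection({
  server: false,
  verify(connection, verified, depth, certs) {
    // Verification is skipped for testing. Log forge's own result rather than
    // claiming success, so the bypass stays visible in the output.
    console.log(
      "[tls] server certificate check skipped (testing only), depth " + depth + ", forge result:",
      verified
    );
    return true;
  },
  connected(connection) {
    console.log("[tls] connected");
    // prepare some data to send (note that the string is interpreted as
    // 'binary' encoded, which works for HTTP which only uses ASCII, use
    // forge.util.encodeUtf8(str) otherwise
    client.prepare("GET / HTTP/1.0\r\n\r\n");
  },
  tlsDataReady(connection) {
    // encrypted data is ready to be sent to the server
    const data = connection.tlsData.getBytes();
    socket.send(Buffer.from(data, "binary")); // encoding should be 'binary'
  },
  dataReady(connection) {
    // clear data from the server is ready; with verification skipped the
    // sender is unauthenticated, so treat this as untrusted input
    const data = connection.data.getBytes();
    console.log("[tls] data received from the server: " + data);
  },
  closed() {
    console.log("[tls] disconnected");
  },
  error(connection, error) {
    console.log("[tls] error", error);
  },
});

// "websockifyhost" is a placeholder for the websockify endpoint. Browsers
// refuse ws:// from pages served over HTTPS (mixed content); use wss:// there.
socket = new WebSocket("ws://websockifyhost");
// Deliver binary frames as ArrayBuffer so each message can be handed to forge
// synchronously. TLS records must be processed in arrival order, and this
// avoids depending on the completion order of per-message async Blob reads.
socket.binaryType = "arraybuffer";
socket.onopen = function () {
  console.log("[socket] connected");
  // the WebSocket tunnel is up: start the TLS handshake over it
  client.handshake();
};
socket.onmessage = function (event) {
  // feed the raw TLS records received from the proxy into forge
  client.process(Buffer.from(event.data).toString("binary"));
};
socket.onclose = function () {
  console.log("[socket] disconnected");
};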