{"id":1327,"date":"2017-01-17T17:35:16","date_gmt":"2017-01-17T09:35:16","guid":{"rendered":"http:\/\/ykyi.net\/?p=1327"},"modified":"2017-01-17T17:35:16","modified_gmt":"2017-01-17T09:35:16","slug":"1327","status":"publish","type":"post","link":"https:\/\/ykyi.net\/?p=1327","title":{"rendered":""},"content":{"rendered":"<h2 align=\"center\"><span lang=\"EN-US\">1. <\/span>\u524d\u8a00\uff1a<\/h2>\n<p><span lang=\"EN-US\">\u00a0<\/span><span lang=\"EN-US\">\u00a0<\/span><span lang=\"EN-US\">ZeroMq aka zmq<\/span>\u662f\u6700\u77e5\u540d\u7684\u7f51\u7edc\u6d88\u606f\u4e2d\u95f4\u4ef6\u4e4b\u4e00\u3002\u4f7f\u6709<span lang=\"EN-US\">zmq<\/span>\u7684\u5f00\u6e90\u8f6f\u4ef6\u4e2d\u6700\u77e5\u540d\u7684\u83ab\u8fc7\u4e8e<span lang=\"EN-US\">Apache<\/span>\u57fa\u91d1\u4f1a\u4e0b\u7684<span lang=\"EN-US\">Storm<\/span>\u3002\u6211\u5382\u5185\u90e8\u4f7f\u7528<span lang=\"EN-US\">zmq<\/span>\u7684\u6709\u5373\u901a\u7684<span lang=\"EN-US\">yaaf<\/span>\u6846\u67b6\u3002<\/p>\n<p><span lang=\"EN-US\">\u00a0\u00a0 ZMQ<\/span>\u793e\u533a\u5728<span lang=\"EN-US\">2013<\/span>\u5e74<span lang=\"EN-US\">9<\/span>\u6708\u53d1\u5e03\u4e86<span lang=\"EN-US\">zmq4<\/span>\u3002<span lang=\"EN-US\">zmq4<\/span>\u6700\u5927\u7684\u65b0\u529f\u80fd\u5373\u63d0\u4f9b\u4e86\u4e00\u5957\u5b89\u5168\u673a\u5236\uff0c\u5176\u4e2d\u6709<span lang=\"EN-US\">IP<\/span>\u9ed1\u767d\u540d\u5355\uff0c\u7528\u6237\u540d<span lang=\"EN-US\">\/<\/span>\u5bc6\u7801\u9274\u6743\uff0c<span lang=\"EN-US\">ECC(Elliptic Curve Cryptography)<\/span>\u8bc1\u4e66\u9274\u6743\uff0c\u4ee5\u53ca\u901a\u8baf\u7684\u52a0\u5bc6<span lang=\"EN-US\">(<\/span>\u7c7b\u4f3c<span lang=\"EN-US\">TSL)<\/span>\u3002<\/p>\n<p><span lang=\"EN-US\">\u00a0\u00a0 <\/span>\u672c\u6587\u4e3b\u8981\u4ecb\u7ecd<span lang=\"EN-US\">zmq4.0<\/span>\u7684\u5b89\u5168\u673a\u5236\u3002<\/p>\n<h2 style=\"text-align: center;\"><span lang=\"EN-US\">2. <\/span><span lang=\"EN-US\">ECC<\/span>\u7684\u6545\u4e8b\uff1a<\/h2>\n<p><span lang=\"EN-US\">\u00a0 \u00a0<\/span>\u8fd9\u91cc\u7684<span lang=\"EN-US\">ECC<\/span>\u4e0d\u662f\u6211\u5382\u5386\u53f2\u4e0a\u7684\u7535\u5546\u4e8b\u4e1a\u7fa4\uff0c\u800c\u662f\u692d\u5706\u66f2\u7ebf\u52a0\u5bc6\u7b97\u6cd5\u3002<span lang=\"EN-US\">ECC<\/span>\u636e\u8bf4\u88ab<span lang=\"EN-US\">NSA(<\/span>\u7f8e\u56fd\u5b89\u5168\u5c40<span lang=\"EN-US\">)<\/span>\u64cd\u4f5c\uff0c\u5728\u7b97\u6cd5\u4e2d\u8bbe\u7f6e\u4e86\u540e\u95e8\u3002\u4e0d\u8fc7\u597d\u5728\u4e0d\u662f\u53ea\u6709\u4e00\u79cd\u692d\u5706\u66f2\u7ebf\uff0c\u800c\u662f\u6709\u65e0\u6570\u79cd\uff0c\u4e0d\u540c\u7684\u66f2\u7ebf\u6709\u4e0d\u540c\u7684\u4f18\u70b9\u548c\u7f3a\u70b9\uff0c\u53ea\u662f\u5176\u4e2d\u7531<span lang=\"EN-US\">NIST(<\/span>\u7f8e\u56fd\u6807\u51c6\u548c\u6280\u672f\u7814\u7a76\u7f72<span lang=\"EN-US\">)<\/span>\u63a8\u8350\u7684\u66f2\u7ebf\u88ab\u6000\u7591\u8bbe\u7f6e\u4e86\u540e\u95e8\u3002<\/p>\n<p><span lang=\"EN-US\">\u00a0\u00a0 ZMQ<\/span>\u4f7f\u7528\u7684\u692d\u5706\u66f2\u7ebf\u7b97\u6cd5\u662f<span lang=\"EN-US\"><a href=\"http:\/\/cr.yp.to\/ecdh.html\">Curve25519<\/a>\u00a0,<\/span>\u5b83\u6709\u5f00\u6e90\u5b9e\u73b0\u800c\u4e14\u6ca1\u6709\u4e13\u5229\u4fdd\u62a4\u3002<span lang=\"EN-US\">zmq<\/span>\u7528\u4e86\u957f\u5ea6\u4e3a<span lang=\"EN-US\">256bits<\/span>\u7684\u5bc6\u94a5\uff0c\u5f3a\u5ea6\u76f8\u5f53\u4e8e<span lang=\"EN-US\">RSA 3072<\/span>\u6bd4\u7279\u7684\u5bc6\u94a5\u957f\u5ea6\u3002<\/p>\n<p><span lang=\"EN-US\">\u00a0\u00a0 ECDH(Elliptic Curve Diffie-Hellman)<\/span>\u5219\u662f\u4e00\u4e2a\u5bc6\u94a5\u534f\u5546\u534f\u8bae\u3002\u975e\u5e38\u7b80\u5355\u5730\u8bb2\uff0c\u5f53<span lang=\"EN-US\">A<\/span>\u4e0e<span lang=\"EN-US\">B<\/span>\u5728\u4e00\u4e2a\u4e0d\u53d7\u4fe1\u4efb\u7684\u7f51\u7edc\u4e2d\u901a\u8baf\u524d\uff0c<span lang=\"EN-US\">A<\/span>\u548c<span lang=\"EN-US\">B<\/span>\u5148\u751f\u6210\u4e00\u5bf9\u516c\u79c1\u94a5\uff0c\u5e76\u4e14<span lang=\"EN-US\">A<\/span>\u548c<span lang=\"EN-US\">B<\/span>\u901a\u8fc7\u67d0\u4e2a\u5b8c\u5168\u7684\u6e20\u9053\u4e8b\u5148\u77e5\u9053\u5bf9\u65b9\u7684\u516c\u94a5\uff0c\u7136\u540e<span lang=\"EN-US\">A<\/span>\u548c<span lang=\"EN-US\">B<\/span>\u5728\u63e1\u624b\u9636\u6bb5\u534f\u5546\u51fa\u4e00\u4e2a\u53cc\u65b9\u516c\u77e5\u7684\u79c1\u94a5\u4f9b\u52a0\u5bc6\u63a5\u4e0b\u6765\u7684\u901a\u8baf\u3002<\/p>\n<p><span lang=\"EN-US\">\u00a0\u00a0\u00a0 <\/span>\u53ef\u4ee5\u7406\u89e3\u6210<span lang=\"EN-US\">zmq<\/span>\u8bbe\u8ba1\u4e86\u4e00\u4e2a\u4e13\u95e8\u4e3a\u81ea\u5df1\u5b9a\u5236\u7684\u7cbe\u7b80\u7684<span lang=\"EN-US\">TLS<\/span>\uff0c\u66f4\u591a\u7684\u7406\u8bba\u7ec6\u8282\u5728<span lang=\"EN-US\">http:\/\/curvezmq.org\/page:read-the-docs<\/span>\uff0c<\/p>\n<p>\u4f5c\u4e3a\u4e00\u4e2a\u7801\u519c\uff0c\u4e0b\u9762\u7528\u4ee3\u7801\u4ecb\u7ecd\u4f7f\u7528<span lang=\"EN-US\">zmq4<\/span>\u7684Curve\u5b89\u5168\u673a\u5236<\/p>\n<h2 style=\"text-align: center;\"><span lang=\"EN-US\">3. <\/span>\u8bc1\u4e66\u9274\u6743<span lang=\"EN-US\">,<\/span>\u901a\u8baf\u52a0\u5bc6<span lang=\"EN-US\">,<\/span><span lang=\"EN-US\">IP <\/span>\u767d\u540d\u5355<\/h2>\n<p>\u7f16\u8bd1<span lang=\"EN-US\">zmq4.x<\/span>\u4ee5\u540e\uff0c\u4f1a\u751f\u6210\u4e00\u4e2a\u540d\u53eb<span lang=\"EN-US\">curve_keygen<\/span>\u7684\u7a0b\u5e8f\uff0c\u7528\u5b83\u53ef\u4ee5\u751f\u6210<span lang=\"EN-US\">zmq <\/span>\u7684\u8bc1\u4e66\u3002\u8bc1\u4e66\u662f\u4e00\u4e2a\u4e00\u822c\u7684\u6587\u672c\u6587\u4ef6\uff0c\u5982\u4e0b\u662f\u4e00\u4e2a<span lang=\"EN-US\">curve_keygen<\/span>\u751f\u6210\u7684<span lang=\"EN-US\">zmq<\/span>\u8bc1\u4e66\u7684\u4f8b\u5b50\u3002<\/p>\n<div class=\"km_insert_code\">\n<pre class=\"brush:other\">#\u00a0\u00a0\u00a0****\u00a0\u00a0Generated\u00a0on\u00a02017-01-02\u00a014:24:20\u00a0by\u00a0CZMQ\u00a0\u00a0****\n#\u00a0\u00a0\u00a0ZeroMQ\u00a0CURVE\u00a0**Secret**\u00a0Certificate\n#\u00a0\u00a0\u00a0DO\u00a0NOT\u00a0PROVIDE\u00a0THIS\u00a0FILE\u00a0TO\u00a0OTHER\u00a0USERS\u00a0nor\u00a0change\u00a0its\u00a0permissions.\n\nmetadata\n\u00a0\u00a0\u00a0\u00a0email\u00a0=\u00a0\"kamuszhou@tencent.com\"\ncurve\n\u00a0\u00a0\u00a0\u00a0public-key\u00a0=\u00a0\"!Upjrn]2Dk)jQkYREsceBnpgoIL7koE{CVnV1j4D\"\n\u00a0\u00a0\u00a0\u00a0secret-key\u00a0=\u00a0\"ZPT#=l\/#Rtg:TeLbofh:uPi7#\/w(GDZq[0^qPZA1\"<\/pre>\n<p>&nbsp;<\/p>\n<\/div>\n<p>\u5b57\u6bb5\u5f88\u597d\u7406\u89e3\uff0c\u6700\u91cd\u8981\u7684\u662f<span lang=\"EN-US\">public-key<\/span>\u548c<span lang=\"EN-US\">secret-key<\/span>\u5b57\u6bb5\u3002<\/p>\n<p>\u4e0b\u9762\u662f\u4e00\u6bb5\u5ba2\u6237\u7aef\u7684\u76f8\u5173\u4ee3\u7801\u7247\u65ad<span lang=\"EN-US\">(<\/span>\u4f7f\u7528\u5b98\u65b9\u7684<span lang=\"EN-US\">czmq<\/span>\u5e93\uff0c<span lang=\"EN-US\">czmq<\/span>\u662f\u5b98\u65b9\u7ef4\u62a4\u7684<span lang=\"EN-US\">High-level C<\/span>\u5e93\u5c01\u88c5\u4e86\u5e95\u5c42\u7684<span lang=\"EN-US\">C API<\/span>\u63a5\u53e3<span lang=\"EN-US\">)<\/span>\uff1a<\/p>\n<div class=\"km_insert_code\">\n<pre class=\"brush:c\"> \/\/ \u521b\u5efa\u4e00\u4e2aDEALER\u7c7b\u578b\u7684zmq socket\n  zsock_t* dealer = zsock_new(ZMQ_DEALER);\n  assert (dealer_ != NULL)\n\n  \/\/ \u5047\u8bbe\u8def\u5f84~\/my.cert\u5b58\u4e86\u5ba2\u6237\u7aef\u7684\u8bc1\u4e66\uff0c\u8bc1\u4e66\u91cc\u9700\u8981\u65e2\u6709\u516c\u94a5\u53c8\u6709\u79c1\u94a5\uff0c\u8f7d\u5165\u8bc1\u4e66\u518d\u5e94\u7528\u8fd9\u4e2a\u8bc1\u4e66\u5230socket\u53e5\u67c4\u4e0a\u3002\u7136\u540e\u5c31\u53ef\u4ee5\u9500\u6bc1\u8bc1\u4e66\u53e5\u67c4\u4e86\n  zcert_t* my_cert = zcert_load(\"~\/my.cert\");\n  assert (my_cert != NULL);\n  zcert_apply(my_cert, dealer_);\n  zcert_destroy(&amp;my_cert);\n\n  \/\/ \u8bbe\u7f6e\u670d\u52a1\u5668\u7684\u516c\u94a5\n  zsock_set_curve_serverkey(dealer, \"I7[{YV4[}q[9a)]b&amp;d&gt;bisoT]UXa\/7b$Tp:6yoyq\");\n\n  \/\/ \u8fde\u63a5\u5728\u672c\u673a\u76d1\u542c8888\u7aef\u53e3\u7684\u670d\u52a1\u5668\n  zsock_connect(dealer, \"%s\", \"tcp:\/\/localhost:8888\");<\/pre>\n<p>\u4e0b\u9762\u662f\u670d\u52a1\u7aef\u7684\u76f8\u5173\u4ee3\u7801\u7247\u65ad\uff1a<\/p>\n<\/div>\n<div class=\"km_insert_code\">\n<pre class=\"brush:c\">\u00a0\u00a0 \/\/ \u521b\u5efa\u4e00\u4e2aROUTER zmq socket\n   zsock_t* router_sk = zsock_new(ZMQ_ROUTER);\n\u00a0\u00a0\u00a0assert(router_sk != NULL);\n\n\u00a0 \/* CZMQ4\u5e93\u5c01\u88c5\u4e86\u4e00\u4e2aactor\u670d\u52a1\u5668\u6a21\u578b,\u8be6\u7ec6\u7684\u5b98\u65b9\u63a5\u53e3\u8bf4\u660e\u5728http:\/\/api.zeromq.org\/CZMQ3-0:zactor \u5176\u4e2dzactor_new\u7528\u6765\u521b\u5efa\u4e00\u4e2aactor\uff0c\u56de\u8c03\u51fd\u6570\u586bzauth\u3002zauth\u662fCZMQ\u5b9a\u4e49\u597d\u7684\u4e00\u4e2a\u56de\u8c03\u51fd\u6570\uff0c\u91cc\u9762\u505a\u4e86\u5f88\u591a\u9274\u6743\u7684\u51c6\u5907\u5de5\u4f5c\u3002\u7167\u6284\u5c31\u884c\u3002\u901a\u8fc7\u5411actor\u901a\u8baf\u8bbe\u7f6e\u5982\u4f55\u9274\u6743\u3002*\/\n\u00a0\u00a0 zactor_t* auth = zactor_new(zauth, NULL);\n\n\u00a0\u00a0\u00a0\/\/ \u6253\u5370\u8be6\u7ec6\u7684\u9274\u6743\u76f8\u5173\u65e5\u5fd7\n   zstr_send(auth, \"VERBOSE\");\n   \/\/ \u5fc5\u987b\u8c03\u7528\u8fd9\u4e2a\u51fd\u6570\u4e0eactor\u540c\u6b65\u3002\u4e0b\u540c\n\u00a0\u00a0\u00a0zsock_wait(auth);\n\n\u00a0  \/\/ \u8fd9\u91cc\u5f00\u542f\u767d\u540d\u5355\uff0c\u5141\u8bb8\u201d127.0.0.1\u201d\u548c\"127.0.0.2\"\u8bbf\u95ee\u672c\u670d\u52a1\u3002\u5982\u679c\u7528\u9ed1\u540d\u5355\u4e5f\u7c7b\u4f3c\uff0c\u4f46\u7b2c\u4e8c\u4e2a\u53c2\u6570\u8bbe\u4e3a\u201dDENY\u201d\n\u00a0\u00a0\u00a0zstr_sendx(auth, \"ALLOW\", \"127.0.0.1\", \"127.0.0.2\", NULL);\n\u00a0\u00a0\u00a0zsock_wait(auth);\n\n   \/* \u5047\u8bbe ~\/cert\u76ee\u5f55\u5939\u4e0b\u9762\u5b58\u653e\u4e86\u5ba2\u6237\u7aef\u7684\u8bc1\u4e66(\u53ea\u6709\u516c\u94a5) \u4e0b\u9762\u7684\u4ee3\u7801\u8ba9\u53ea\u6709\u62e5\u6709\u8bc1\u4e66\u7684\u5ba2\u6237\u7aef\u624d\u80fd\u8fde\u63a5\u670d\u52a1*\/\n\u00a0\u00a0\u00a0zstr_sendx(auth, \"CURVE\", \"~\/cert\", NULL);\n\u00a0\u00a0\u00a0zsock_wait(auth);\n\n   \/\/ router_sk \u8fd9\u4e2azmq\u5957\u63a5\u5b57\u662f\u4f5c\u4e3a\u670d\u52a1\u7aef\u4f7f\u7528\u7684\n\u00a0\u00a0\u00a0zsock_set_curve_server(router_sk, 1);\n\n  \/\/ \u52a0\u8f7d\u670d\u52a1\u7aef\u81ea\u5df1\u7684\u8bc1\u4e66\uff0c\u8fd9\u4e2a\u8bc1\u4e66\u6587\u4ef6\u91cc\u9700\u8981\u65e2\u6709\u516c\u94a5\u4e5f\u6709\u79c1\u94a5\n\u00a0\u00a0\u00a0zcert_t* my_cert = zcert_load(\"~\/server.cert\");\n\u00a0\u00a0\u00a0assert(my_cert != NULL);\n\u00a0\u00a0\u00a0zcert_apply(my_cert, router_sk);\n   zcert_destroy(&amp;my_cert);\n\n\u00a0\u00a0 \/\/ router\u5957\u63a5\u5b57\u76d1\u542c8888\u7aef\u53e3\n\u00a0\u00a0\u00a0int ret = zsock_bind(router_sk, \"%s\", \"tcp:\/\/localhost:8888\");\n\u00a0\u00a0\u00a0assert(ret != -1);<\/pre>\n<\/div>\n<p><span lang=\"EN-US\">\u00a0<\/span>\u81f3\u6b64\uff0c\u670d\u52a1\u7aef\u53ea\u63a5\u53d7\u6765\u81ea<span lang=\"EN-US\">127.0.0.1<\/span>\u5e76\u4e14\u62e5\u6709\u6b63\u786e\u8bc1\u4e66\u7684\u5ba2\u6237\u7aef\u7684\u8fde\u63a5\uff0c\u800c\u4e14\u901a\u8baf\u901a\u9053\u88ab\u52a0\u5bc6\u3002<\/p>\n<h2 style=\"text-align: center;\"><span lang=\"EN-US\">4. <\/span><span lang=\"EN-US\">Notice &amp; Bug<\/span><\/h2>\n<p><span lang=\"EN-US\">a. <\/span>\u5728\u5b9e\u6218\u8fc7\u7a0b\u4e2d\uff0c\u53d1\u73b0\u4e00\u4e2a<span lang=\"EN-US\">czmq4<\/span>\u5e93\u7684<span lang=\"EN-US\">bug<\/span>\uff0c\u5982\u679c\u4e00\u4e2a<span lang=\"EN-US\">zmq socket<\/span>\u4f5c\u4e3a<span lang=\"EN-US\">server<\/span>\u7aef\u5e76\u4f7f\u7528<span lang=\"EN-US\">curve<\/span>\u9274\u6743\uff0c\u5c31\u5fc5\u987b\u8c03\u7528<span lang=\"EN-US\">bind()<\/span>\uff0c\u800c\u4e0d\u80fd\u8c03<span lang=\"EN-US\">connect()<\/span>\uff0c\u5426\u5219\u8fdb\u7a0b\u4f1a\u5d29\u6e83\u3002\u4f46\u662f\u5728<span lang=\"EN-US\">zmq<\/span>\u7684\u4e16\u754c\u4e2d\uff0c<span lang=\"EN-US\">server<\/span>\u7aef\u7684<span lang=\"EN-US\">socket<\/span>\u4e5f\u662f\u53ef\u4ee5\u8c03<span lang=\"EN-US\">connect<\/span>\u7684\u3002\u5728<span lang=\"EN-US\">czmq4<\/span>\u7684\u5b98\u65b9<span lang=\"EN-US\">github<\/span>\u9875\u9762\u4e0a\u627e\u5230\u6709\u4eba\u5df2\u7ecf\u62a5\u544a\u4e86\u8fd9\u4e2a<span lang=\"EN-US\">bug<\/span>\uff0c\u53ef\u80fd\u4e0b\u4e2a\u7248\u672c\u4f1a\u4fee\u590d\u5427\u3002<\/p>\n<p><span lang=\"EN-US\">https:\/\/github.com\/zeromq\/czmq\/issues\/1470<\/span><\/p>\n<p><span lang=\"EN-US\">b. czmq4<\/span>\u5b9e\u73b0\u7684<span lang=\"EN-US\">reactor<\/span>\u6a21\u578b\u4e0d\u652f\u6301\u76d1\u63a7<span lang=\"EN-US\">zactor<\/span>\u5bf9\u8c61<span lang=\"EN-US\">.<\/span><\/p>\n<p><span lang=\"EN-US\">c. czmq4<\/span>\u6709\u5f88\u591a\u51fd\u6570\u7684\u53c2\u6570\u4e2a\u6570\u662f\u4e0d\u786e\u5b9a\u7684\uff0c\u8fd9\u4e9b\u51fd\u6570\u7684\u6700\u540e\u4e00\u4e2a\u53c2\u6570\u5e76\u987b\u586b<span lang=\"EN-US\">NULL<\/span>\uff0c\u5426\u5219\u7f16\u8bd1\u671f\u68c0\u67e5\u4e0d\u5230\u9519\u8bef\u5728\u8fd0\u884c\u671f\u4f1a\u5d29\u6e83\u3002<\/p>\n","protected":false},"excerpt":{"rendered":"<p>1. \u524d\u8a00\uff1a \u00a0\u00a0ZeroMq aka zmq\u662f\u6700\u77e5\u540d\u7684\u7f51\u7edc\u6d88\u606f\u4e2d\u95f4\u4ef6\u4e4b\u4e00\u3002\u4f7f\u6709zmq\u7684\u5f00\u6e90\u8f6f\u4ef6\u4e2d\u6700\u77e5\u540d\u7684\u83ab\u8fc7\u4e8eApache\u57fa\u91d1\u4f1a\u4e0b\u7684Storm\u3002\u6211\u5382\u5185\u90e8\u4f7f\u7528zmq\u7684\u6709\u5373\u901a\u7684yaaf\u6846\u67b6\u3002 \u00a0\u00a0 ZMQ\u793e\u533a\u57282013\u5e749\u6708\u53d1\u5e03\u4e86zmq4\u3002zmq4\u6700\u5927\u7684\u65b0\u529f\u80fd\u5373\u63d0\u4f9b\u4e86\u4e00\u5957\u5b89\u5168\u673a\u5236\uff0c\u5176\u4e2d\u6709IP\u9ed1\u767d\u540d\u5355\uff0c\u7528\u6237\u540d\/\u5bc6\u7801\u9274\u6743\uff0cECC(Elliptic Curve Cryptography)\u8bc1\u4e66\u9274\u6743\uff0c\u4ee5\u53ca\u901a\u8baf\u7684\u52a0\u5bc6(\u7c7b\u4f3cTSL)\u3002 \u00a0\u00a0 \u672c\u6587\u4e3b\u8981\u4ecb\u7ecdzmq4.0\u7684\u5b89\u5168\u673a\u5236\u3002 2. ECC\u7684\u6545\u4e8b\uff1a \u00a0 \u00a0\u8fd9\u91cc\u7684ECC\u4e0d\u662f\u6211\u5382\u5386\u53f2\u4e0a\u7684\u7535\u5546\u4e8b\u4e1a\u7fa4\uff0c\u800c\u662f\u692d\u5706\u66f2\u7ebf\u52a0\u5bc6\u7b97\u6cd5\u3002ECC\u636e\u8bf4\u88abNSA(\u7f8e\u56fd\u5b89\u5168\u5c40)\u64cd\u4f5c\uff0c\u5728\u7b97\u6cd5\u4e2d\u8bbe\u7f6e\u4e86\u540e\u95e8\u3002\u4e0d\u8fc7\u597d\u5728\u4e0d\u662f\u53ea\u6709\u4e00\u79cd\u692d\u5706\u66f2\u7ebf\uff0c\u800c\u662f\u6709\u65e0\u6570\u79cd\uff0c\u4e0d\u540c\u7684\u66f2\u7ebf\u6709\u4e0d\u540c\u7684\u4f18\u70b9\u548c\u7f3a\u70b9\uff0c\u53ea\u662f\u5176\u4e2d\u7531NIST(\u7f8e\u56fd\u6807\u51c6\u548c\u6280\u672f\u7814\u7a76\u7f72)\u63a8\u8350\u7684\u66f2\u7ebf\u88ab\u6000\u7591\u8bbe\u7f6e\u4e86\u540e\u95e8\u3002 \u00a0\u00a0 ZMQ\u4f7f\u7528\u7684\u692d\u5706\u66f2\u7ebf\u7b97\u6cd5\u662fCurve25519\u00a0,\u5b83\u6709\u5f00\u6e90\u5b9e\u73b0\u800c\u4e14\u6ca1\u6709\u4e13\u5229\u4fdd\u62a4\u3002zmq\u7528\u4e86\u957f\u5ea6\u4e3a256bits\u7684\u5bc6\u94a5\uff0c\u5f3a\u5ea6\u76f8\u5f53\u4e8eRSA 3072\u6bd4\u7279\u7684\u5bc6\u94a5\u957f\u5ea6\u3002 \u00a0\u00a0 ECDH(Elliptic Curve Diffie-Hellman)\u5219\u662f\u4e00\u4e2a\u5bc6\u94a5\u534f\u5546\u534f\u8bae\u3002\u975e\u5e38\u7b80\u5355\u5730\u8bb2\uff0c\u5f53A\u4e0eB\u5728\u4e00\u4e2a\u4e0d\u53d7\u4fe1\u4efb\u7684\u7f51\u7edc\u4e2d\u901a\u8baf\u524d\uff0cA\u548cB\u5148\u751f\u6210\u4e00\u5bf9\u516c\u79c1\u94a5\uff0c\u5e76\u4e14A\u548cB\u901a\u8fc7\u67d0\u4e2a\u5b8c\u5168\u7684\u6e20\u9053\u4e8b\u5148\u77e5\u9053\u5bf9\u65b9\u7684\u516c\u94a5\uff0c\u7136\u540eA\u548cB\u5728\u63e1\u624b\u9636\u6bb5\u534f\u5546\u51fa\u4e00\u4e2a\u53cc\u65b9\u516c\u77e5\u7684\u79c1\u94a5\u4f9b\u52a0\u5bc6\u63a5\u4e0b\u6765\u7684\u901a\u8baf\u3002 \u00a0\u00a0\u00a0 \u53ef\u4ee5\u7406\u89e3\u6210zmq\u8bbe\u8ba1\u4e86\u4e00\u4e2a\u4e13\u95e8\u4e3a\u81ea\u5df1\u5b9a\u5236\u7684\u7cbe\u7b80\u7684TLS\uff0c\u66f4\u591a\u7684\u7406\u8bba\u7ec6\u8282\u5728http:\/\/curvezmq.org\/page:read-the-docs\uff0c \u4f5c\u4e3a\u4e00\u4e2a\u7801\u519c\uff0c\u4e0b\u9762\u7528\u4ee3\u7801\u4ecb\u7ecd\u4f7f\u7528zmq4\u7684Curve\u5b89\u5168\u673a\u5236 3. \u8bc1\u4e66\u9274\u6743,\u901a\u8baf\u52a0\u5bc6,IP \u767d\u540d\u5355 \u7f16\u8bd1zmq4.x\u4ee5\u540e\uff0c\u4f1a\u751f\u6210\u4e00\u4e2a\u540d\u53ebcurve_keygen\u7684\u7a0b\u5e8f\uff0c\u7528\u5b83\u53ef\u4ee5\u751f\u6210zmq \u7684\u8bc1\u4e66\u3002\u8bc1\u4e66\u662f\u4e00\u4e2a\u4e00\u822c\u7684\u6587\u672c\u6587\u4ef6\uff0c\u5982\u4e0b\u662f\u4e00\u4e2acurve_keygen\u751f\u6210\u7684zmq\u8bc1\u4e66\u7684\u4f8b\u5b50\u3002 #\u00a0\u00a0\u00a0****\u00a0\u00a0Generated\u00a0on\u00a02017-01-02\u00a014:24:20\u00a0by\u00a0CZMQ\u00a0\u00a0**** #\u00a0\u00a0\u00a0ZeroMQ\u00a0CURVE\u00a0**Secret**\u00a0Certificate #\u00a0\u00a0\u00a0DO\u00a0NOT\u00a0PROVIDE\u00a0THIS\u00a0FILE\u00a0TO\u00a0OTHER\u00a0USERS\u00a0nor\u00a0change\u00a0its\u00a0permissions. metadata \u00a0\u00a0\u00a0\u00a0email\u00a0=\u00a0&#8220;kamuszhou@tencent.com&#8221; curve \u00a0\u00a0\u00a0\u00a0public-key\u00a0=\u00a0&#8220;!Upjrn]2Dk)jQkYREsceBnpgoIL7koE{CVnV1j4D&#8221; \u00a0\u00a0\u00a0\u00a0secret-key\u00a0=\u00a0&#8220;ZPT#=l\/#Rtg:TeLbofh:uPi7#\/w(GDZq[0^qPZA1&#8221; &nbsp; \u5b57\u6bb5\u5f88\u597d\u7406\u89e3\uff0c\u6700\u91cd\u8981\u7684\u662fpublic-key\u548csecret-key\u5b57\u6bb5\u3002 \u4e0b\u9762\u662f\u4e00\u6bb5\u5ba2\u6237\u7aef\u7684\u76f8\u5173\u4ee3\u7801\u7247\u65ad(\u4f7f\u7528\u5b98\u65b9\u7684czmq\u5e93\uff0cczmq\u662f\u5b98\u65b9\u7ef4\u62a4\u7684High-level C\u5e93\u5c01\u88c5\u4e86\u5e95\u5c42\u7684C API\u63a5\u53e3)\uff1a \/\/ \u521b\u5efa\u4e00\u4e2aDEALER\u7c7b\u578b\u7684zmq socket zsock_t* dealer = zsock_new(ZMQ_DEALER); assert (dealer_ != NULL) \/\/ &hellip; <a href=\"https:\/\/ykyi.net\/?p=1327\" class=\"more-link\">Continue reading<span class=\"screen-reader-text\"> &#8220;&#8221;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4,5,6],"tags":[89],"class_list":["post-1327","post","type-post","status-publish","format-standard","hentry","category-network","category-security","category-tech_articles","tag-zmq"],"_links":{"self":[{"href":"https:\/\/ykyi.net\/index.php?rest_route=\/wp\/v2\/posts\/1327","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ykyi.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ykyi.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ykyi.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/ykyi.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1327"}],"version-history":[{"count":0,"href":"https:\/\/ykyi.net\/index.php?rest_route=\/wp\/v2\/posts\/1327\/revisions"}],"wp:attachment":[{"href":"https:\/\/ykyi.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1327"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ykyi.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1327"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ykyi.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1327"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}