Thursday, March 24, 2016

SSL-enabled Server and Client side code, KeyStore, KeyManagerFactory, SSLContext, SSLServerSocketFactory, easy example of Java SSL code, getting started with SSL, What is SSL, What is the use of SSL, keytool command, SSL Client java code, How to write SSL-enabled client side code


SSL (Secure Sockets Layer) provides a secure connection between internet browsers and websites, allowing you to transmit private data online. 

A server has a private key and a public key (the public key is distributed in a certificate). The server's owner can either obtain a certificate from a well-known Certificate Authority (CA) or generate their own certificate using the Java keytool command. When a client wants to connect to the server, the server sends its public key to the client and a handshake takes place between the two.

Data going from the client to the server can be encrypted with the server's public key, and the server can decrypt that data with its private key. But instead of always using the public and private keys, after the handshake both client and server use one symmetric key for encryption and decryption.

How to generate your own key using JDK keytool command.
keytool -genkey -keystore demokeystore -keyalg RSA
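I used "password" as the password while generating this keystore. The code below hard-codes the same value to keep the example short; for anything beyond this demo, choose a strong password and supply it at run time instead of storing it in source code.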


SSLServerDemo.java

import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLServerSocketFactory;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManagerFactory;

import java.io.BufferedReader;
import java.io.FileInputStream;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.security.KeyStore;

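/**
 * Minimal TLS server demo: loads a key pair from the {@code demokeystore} JKS file,
 * listens on port 9000, accepts a single client connection and prints every line
 * the client sends.
 *
 * <p>Demo-only shortcuts a reviewer should not carry into real code: the keystore
 * password is a hard-coded literal, the keystore path is relative to the working
 * directory, and only one connection is ever served.
 */
public class SSLServerDemo {
    /**
     * Starts the demo server and echoes received lines to standard output until the
     * client closes the connection.
     *
     * @param arstring command-line arguments (unused)
     */
    public static void main(String[] arstring) {
        System.out.println("** Servlet start with inbuild SSL **");

        // Hard-coded for the demo only; it protects the server's private key, so in a
        // real deployment it must come from the operator or a secret store.
        char[] keystorePassword = "password".toCharArray();

        try {
            KeyStore keyStore = KeyStore.getInstance("jks");
            // Close the file handle as soon as the keystore is loaded.
            try (InputStream kis = new FileInputStream("demokeystore")) {
                keyStore.load(kis, keystorePassword);
            }

            KeyManagerFactory keyManagerFactory =
                    KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            keyManagerFactory.init(keyStore, keystorePassword);

            // No trust managers are supplied because this server does not request a
            // client certificate. "TLS" leaves the enabled protocol versions to the
            // JDK defaults.
            // NOTE(review): on older JDKs consider restricting them with
            // SSLServerSocket.setEnabledProtocols - confirm against the target runtime.
            SSLContext sslContext = SSLContext.getInstance("TLS");
            sslContext.init(keyManagerFactory.getKeyManagers(), null, null);

            SSLServerSocketFactory sslserversocketfactory = sslContext.getServerSocketFactory();

            // try-with-resources releases the listening socket, the accepted
            // connection and the reader even when the handshake or a read fails.
            try (SSLServerSocket sslserversocket =
                         (SSLServerSocket) sslserversocketfactory.createServerSocket(9000);
                 SSLSocket sslsocket = (SSLSocket) sslserversocket.accept();
                 // The reader decodes with the platform default charset, as the client
                 // encodes with it.
                 BufferedReader bufferedreader =
                         new BufferedReader(new InputStreamReader(sslsocket.getInputStream()))) {

                String string;
                while ((string = bufferedreader.readLine()) != null) {
                    System.out.println("From SSL Server :" + string);
                    System.out.flush();
                }
            }
        } catch (Exception e) {
            e.printStackTrace();
        }
    }
}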


SSLClientDemo.java

import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLServerSocketFactory;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManagerFactory;

import java.io.*;
import java.security.KeyStore;

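/**
 * Minimal TLS client demo: trusts the certificates found in the {@code demokeystore}
 * JKS file, connects to {@code localhost:9000} and sends every line typed on standard
 * input to the server.
 *
 * <p>Demo-only shortcuts a reviewer should not carry into real code:
 * <ul>
 *   <li>The client loads the server's own keystore as its trust store, so the file it
 *       reads also holds the server's private key. A real client should be given a
 *       separate trust store that contains only the exported certificate
 *       (see {@code keytool -exportcert} / {@code keytool -importcert}).</li>
 *   <li>A raw {@link SSLSocket} validates the certificate chain but does not check
 *       that the certificate matches the host name. Production code should enable
 *       endpoint identification, e.g. via
 *       {@code SSLParameters.setEndpointIdentificationAlgorithm("HTTPS")}; it is left
 *       off here because the demo certificate's name may not be {@code localhost}.</li>
 *   <li>The store password is a hard-coded literal.</li>
 * </ul>
 */
public class SSLClientDemo {
    /**
     * Connects to the demo server and forwards standard input line by line until
     * end of input.
     *
     * @param arstring command-line arguments (unused)
     */
    public static void main(String[] arstring) {
        try {
            KeyStore trustStore = KeyStore.getInstance("jks");
            // Close the file handle as soon as the store is loaded.
            try (InputStream kis = new FileInputStream("demokeystore")) {
                trustStore.load(kis, "password".toCharArray());
            }

            TrustManagerFactory trustManagerFactory =
                    TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(trustStore);

            // No key managers are supplied: the client does not present a certificate.
            SSLContext sslContext = SSLContext.getInstance("TLS");
            sslContext.init(null, trustManagerFactory.getTrustManagers(), null);

            SSLSocketFactory sslsocketfactory = sslContext.getSocketFactory();

            // Reads the user's input with the platform default charset.
            BufferedReader bufferedreader = new BufferedReader(new InputStreamReader(System.in));

            // try-with-resources closes the writer and the socket even when the
            // handshake or a write fails, so the server sees a clean end of stream.
            try (SSLSocket sslsocket = (SSLSocket) sslsocketfactory.createSocket("localhost", 9000);
                 BufferedWriter bufferedwriter =
                         new BufferedWriter(new OutputStreamWriter(sslsocket.getOutputStream()))) {

                String string;
                while ((string = bufferedreader.readLine()) != null) {
                    bufferedwriter.write(string + '\n');
                    // Flush per line so the server prints each message immediately.
                    bufferedwriter.flush();
                }
            }
        } catch (Exception e) {
            e.printStackTrace();
        }
    }
}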

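Compile both Java files and run them, starting the server first so that it is already listening on port 9000 when the client connects. Now any message you type on the client side will be sent to the server-side code.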



