Java Security - Part 9: Java Secure Socket Extension (JSSE) for secure network communication

Yarrr, set sail, matey! We be headed for the Java Secure Socket Extension (JSSE), a land where we secure the communication between the vessels of our application!

Java Secure Socket Extension (JSSE) enables secure communication between client and server in a network. It's like having yer own private line in the sea of public networks! Even if the scurvy pirates of the internet intercept yer messages, all they'll get is jumbled jargon without the right decryption key!

Let's see how to set up an SSLServerSocket and SSLSocket for secure communication:

import javax.net.ssl.*;
import java.io.BufferedReader;
import java.io.InputStreamReader;
import java.nio.charset.StandardCharsets;

public class SslSocketCommunication {
    public static void main(String[] args) throws Exception {
        // The key store holds the server's private key and the certificate it presents to clients
        // (demo password only; don't hard-code a real one)
        System.setProperty("javax.net.ssl.keyStore", "keystore.jks");
        System.setProperty("javax.net.ssl.keyStorePassword", "password");

        SSLServerSocketFactory sslServerSocketFactory = (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();

        // try-with-resources closes the listener, the connection and the reader even if reading fails
        try (SSLServerSocket sslServerSocket = (SSLServerSocket) sslServerSocketFactory.createServerSocket(9999);
             // Wait for a connection
             SSLSocket sslSocket = (SSLSocket) sslServerSocket.accept();
             BufferedReader br = new BufferedReader(
                     new InputStreamReader(sslSocket.getInputStream(), StandardCharsets.UTF_8))) {

            // Read data from the client, line by line, until it closes the connection
            String string;
            while ((string = br.readLine()) != null) {
                System.out.println(string);
            }
        }
    }
}

This be just the server side of the story. You'd need a similar setup on the client side, using an SSLSocket to connect to the server. And remember to import the server's certificate into your client's truststore to create a secure communication channel. Always keep your certificates safe, like a treasure chest!

To establish a secure connection with our SSL-enabled server, our client needs to use an SSLSocket. Let's whip up some client-side code:

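import javax.net.ssl.*;
import java.io.BufferedWriter;
import java.io.OutputStreamWriter;
import java.nio.charset.StandardCharsets;

public class SslSocketClient {
    public static void main(String[] args) throws Exception {
        // Set the trust store to use for validating the server's certificate
        System.setProperty("javax.net.ssl.trustStore", "truststore.jks");
        System.setProperty("javax.net.ssl.trustStorePassword", "password");

        SSLSocketFactory sslSocketFactory = (SSLSocketFactory) SSLSocketFactory.getDefault();

        try (SSLSocket sslSocket = (SSLSocket) sslSocketFactory.createSocket("localhost", 9999)) {
            // A plain SSLSocket does not check the host name in the certificate unless asked to;
            // with this set, the server's certificate must name "localhost"
            SSLParameters sslParameters = sslSocket.getSSLParameters();
            sslParameters.setEndpointIdentificationAlgorithm("HTTPS");
            sslSocket.setSSLParameters(sslParameters);

            // Send data to the server
            BufferedWriter bw = new BufferedWriter(
                    new OutputStreamWriter(sslSocket.getOutputStream(), StandardCharsets.UTF_8));
            bw.write("Ahoy, server! This be secure communication!");
            bw.newLine(); // the server reads with readLine()
            bw.flush();
        }
    }
}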

Note: Before running the above code, you'll need a keystore.jks file with the server's private key and public certificate, and a truststore.jks for the client holding that certificate. You can create these using the keytool command that comes with the Java Development Kit (JDK).
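The two programs above configure TLS through JVM-wide system properties with the password in the source. As an added example (not code from the original post), here is one way to build an explicit SSLContext for each role, pin the protocol versions, and check the certificate's host name, with both ends running in one process. Assumptions: Java 11 or later, the keystore.jks and truststore.jks files this page describes, a key password equal to the store password, a certificate that names "localhost", and the hypothetical environment variables KEYSTORE_PASSWORD and TRUSTSTORE_PASSWORD.

```java
import javax.net.ssl.*;
import java.io.*;
import java.nio.charset.StandardCharsets;
import java.security.KeyStore;

// Added example, not the post's code; the environment-variable names are hypothetical.
public class ExplicitTlsContextDemo {
    static final String[] PROTOCOLS = {"TLSv1.3", "TLSv1.2"};
    static char[] secret(String envVar) { // passwords come from the environment, not the source
        return java.util.Objects.requireNonNull(System.getenv(envVar), envVar + " is not set").toCharArray();
    }
    static SSLContext serverContext(File keyStore, char[] pw) throws Exception {
        KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(KeyStore.getInstance(keyStore, pw), pw); // assumes key password == store password
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(kmf.getKeyManagers(), null, null);
        return ctx;
    }
    static SSLContext clientContext(File trustStore, char[] pw) throws Exception {
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(KeyStore.getInstance(trustStore, pw)); // trust only what this store contains
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(null, tmf.getTrustManagers(), null);
        return ctx;
    }

    public static void main(String[] args) throws Exception {
        SSLContext serverCtx = serverContext(new File("keystore.jks"), secret("KEYSTORE_PASSWORD"));
        SSLContext clientCtx = clientContext(new File("truststore.jks"), secret("TRUSTSTORE_PASSWORD"));
        try (SSLServerSocket server = (SSLServerSocket) serverCtx.getServerSocketFactory().createServerSocket(9999)) {
            server.setEnabledProtocols(PROTOCOLS); // refuse anything older than TLS 1.2
            Thread acceptor = new Thread(() -> {
                try (SSLSocket s = (SSLSocket) server.accept(); BufferedReader in = new BufferedReader(
                        new InputStreamReader(s.getInputStream(), StandardCharsets.UTF_8))) {
                    System.out.println("server got: " + in.readLine());
                } catch (IOException e) { e.printStackTrace(); }
            });
            acceptor.start();
            try (SSLSocket c = (SSLSocket) clientCtx.getSocketFactory().createSocket("localhost", 9999)) {
                SSLParameters p = c.getSSLParameters();
                p.setProtocols(PROTOCOLS);
                p.setEndpointIdentificationAlgorithm("HTTPS"); // verify the certificate's host name
                c.setSSLParameters(p);
                c.startHandshake(); // fails here if the certificate is untrusted or names another host
                System.out.println(c.getSession().getProtocol() + " / " + c.getSession().getCipherSuite());
                c.getOutputStream().write("Ahoy, server!\n".getBytes(StandardCharsets.UTF_8));
            }
            acceptor.join();
        }
    }
}
```

The client prints the negotiated protocol and cipher suite, so you can confirm which TLS version the two ends actually agreed on.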

Stay tuned for our next chapter, where we'll sail into the waters of SSL/TLS protocols and secure socket programming in Java! Yarrr!