9

I want to create commnicate between two systems via TLS v1.2. The information it contains is confidential. I want to avoid an https web service call and diectly want to perform message exchange at the TCP layer.

Can you suggest how to implement this where I can securely transfer data via TLS v1.2.

EDIT:

I have written the following code after reading the below answers

SSLServer

        System.setProperty("javax.net.ssl.keyStore", "/home/user/.keystore");
        System.setProperty("javax.net.ssl.keyStorePassword", "changeit");

        SSLServerSocketFactory ssf = (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();
        ServerSocket ss = ssf.createServerSocket(8362);
        while (true) {
            System.out.println("awaiting to accept..");
          Socket s = ss.accept();
          SSLSession session = ((SSLSocket) s).getSession();
          Certificate[] cchain2 = session.getLocalCertificates();
          for (int i = 0; i < cchain2.length; i++) {
            System.out.println(((X509Certificate) cchain2[i]).getSubjectDN());
          }
          System.out.println("Peer host is " + session.getPeerHost());
          System.out.println("Cipher is " + session.getCipherSuite());
          System.out.println("Protocol is " + session.getProtocol());
          System.out.println("ID is " + new BigInteger(session.getId()));
          System.out.println("Session created in " + session.getCreationTime());
          System.out.println("Session accessed in " + session.getLastAccessedTime());


          PrintStream out = new PrintStream(s.getOutputStream());

          /*BufferedReader in = new BufferedReader(new InputStreamReader(
                    s.getInputStream()));*/
          boolean isChatOver = false;
          System.out.println("\n\n*******************Type Below********************");
          System.out.println("To End Chat Type 'Bye'!");

          BufferedReader br = new BufferedReader(new InputStreamReader(System.in));

          while(!isChatOver) {
              String nextChat = br.readLine();
              out.println(nextChat);
              if("bye".equalsIgnoreCase(nextChat.trim())) {
                  isChatOver = true;
              }
          }

          out.close();
          s.close();
        }

SSLClient

    System.setProperty("javax.net.ssl.trustStore", "/home/user/.truststore");
    System.setProperty("javax.net.ssl.trustStorePassword", "changeit");

    SSLSocketFactory ssf = (SSLSocketFactory) SSLSocketFactory.getDefault();
    Socket s = ssf.createSocket("127.0.0.1", 8362);

    SSLSession session = ((SSLSocket) s).getSession();
    Certificate[] cchain = session.getPeerCertificates();
    System.out.println("The Certificates used by peer");
    for (int i = 0; i < cchain.length; i++) {
        System.out.println(((X509Certificate) cchain[i]).getSubjectDN());
    }
    System.out.println("Peer host is " + session.getPeerHost());
    System.out.println("Cipher is " + session.getCipherSuite());
    System.out.println("Protocol is " + session.getProtocol());
    System.out.println("ID is " + new BigInteger(session.getId()));
    System.out.println("Session created in " + session.getCreationTime());
    System.out.println("Session accessed in "
            + session.getLastAccessedTime());

    BufferedReader in = new BufferedReader(new InputStreamReader(
            s.getInputStream()));
    boolean isChatOver = false;
    while(!isChatOver) {
        if(in.ready()) {
            Thread.sleep(5000);
        }
        String nextChat = in.readLine();
        System.out.println("server says : " + nextChat);
        if("bye".equalsIgnoreCase(nextChat.trim())) {
            System.out.println("**************************************Closing Session.*********************************************");
            isChatOver = true;
        }
    }
    in.close();

In the above code, is my code directly passing message to TCP Layer after encryption using TLS 1.2 ? I hope it does not call an https internally because I want to avoid application layer at all cost.

Kindly let me know in case of any queries in the question.

Thanks cheers :))

Argho Chatterjee
  • 579
  • 2
  • 9
  • 26
  • Which Java version are you using? JDK 8 uses v1.2 by default – Boris Pavlović Jan 14 '16 at 15:47
  • Take a look at [`SSLSocket`](https://docs.oracle.com/javase/7/docs/api/javax/net/ssl/SSLSocket.html). – Andrea Bergia Jan 14 '16 at 15:51
  • Hi @Boris, I am using jdk 1.8. Can you post an example of a client server communication using sslsocket classes for reference. I am assuming that if I use sslSocket classes, then I will directly be encrypting using SSL/TLS and sending the encrypted message via the TCP layer, and avoiding the use of HTTPS to do it for me. Is my understanding correct? – Argho Chatterjee Jan 15 '16 at 06:53
  • Take a look at the JSSE Reference Guide. Too broad. – user207421 Jan 15 '16 at 09:18
  • What makes you think the HTTPS layer can possibly get involved in your code? You're not using it => it isn't there. – user207421 Jan 15 '16 at 12:25
  • Hey @EJP, ya that is what even I think, but I asked to just make sure my understanding is correct.. – Argho Chatterjee Jan 15 '16 at 12:37
  • 2
    And you've already implemented I what you're asking for Unclear what you're asking. – user207421 Sep 06 '19 at 03:49

0 Answers0