1

are there some APIs in java that equals to OpenSSL APIs such as ssl_accept(),SSL_connect,ssl_read(),ssl_write() and so on ?

thanks.

Balanivash
  • 6,709
  • 9
  • 32
  • 48
sodarfish
  • 135
  • 1
  • 1
  • 6
  • 1
    See also [Is it possible to change plain socket to SSLSocket?](http://stackoverflow.com/questions/6559859/is-it-possible-to-change-plain-socket-to-sslsocket). (sodarfish knows this already, this is more for later visitors.) – Paŭlo Ebermann Jul 03 '11 at 17:35

2 Answers2

1

Are you looking for javax.net.ssl.SSLSocket?

Mac
  • 1,632
  • 9
  • 15
  • no.. ssl_accept() api of openssl can bind an ssl context on an existed plain socket, so i want to know how to do that with java ? thanks. – sodarfish Jul 03 '11 at 06:32
  • @solarfish - why don't you just do it the Java way? – Stephen C Jul 03 '11 at 06:36
  • 1
    @sodarfish The **See Also:** section of the JavaDoc is your friend ;) [SSLSocketFactory](http://download.oracle.com/javase/6/docs/api/javax/net/ssl/SSLSocketFactory.html) – Mac Jul 03 '11 at 06:38
  • actually, i want to handle ssl and non-ssl connections on the same port, but SSLServerSocket can only handle ssl connections. OpenSSL can do that ,so i wonder if java can do that ? – sodarfish Jul 03 '11 at 07:08
  • 1
    What I was pointing you to was the SSLSocketFactory, which has a method to convert an existing, non-SSL socket to SSL. You might find it helpful to go through the [Java Networking Tutorial](http://download.oracle.com/javase/tutorial/networking/index.html) to get a feel for how Java handles socket programming in general. – Mac Jul 03 '11 at 07:18
  • thansk for your relply. I'v tried the createSocket method out, but its used to create a client side ssl socket , what i want is to change an existing socket which is created by server.accept() method to an SSLSocket. is that possible ? – sodarfish Jul 03 '11 at 08:20
  • @sodarfish yes, see Bruno's reply. – user207421 Jul 05 '11 at 00:00
1

This is more or less the same answer as the one I posted to your other question.

If you turn a Socket into an SSLSocket using SSLSocketFactory.createSocket(Socket, String, int, boolean), you can still turn it into a server-side SSLSocket using SSLSocket.setUseClientMode(false), as long as you haven't started to read/write using the I/O streams of the SSLSocket (this would trigger the handshake at you can't change the mode after that).

Alternatively, you can use SSLEngine. To be honest, it tends to be harder to use. You may find examples in the SSL implementations of Simple, Grizzly and Jetty (in NIO mode).

Community
  • 1
  • 1
Bruno
  • 119,590
  • 31
  • 270
  • 376