How to implement (SSL/TLS) secure communication through normal Java Sockets

4.4k Views Asked by At

How can I secure ordinary socket communication? I wrote a Jabber client that can only connect to dedicated SSL ports(5223) (using SSLSocket). The normal way is to connect to Jabber standard port 5222 and request starttls. How can I achieve that?

2

There are 2 best solutions below

3
On

I'm not completely sure what you are asking, but you can layer a secure socket on an existing normal (non-secure) socket by using the SSLSocketFactory.createSocket() method. This is one way to "upgrade" a socket using something like starttls. But this is doing things the hard way. Almost certainly your XMPP library will provide high-level access to this kind of functionality.

0
On

Expectation Management: I haven't tried this with Jabber. But it works with GMail's SMTP server, so maybe...

Here's how to upgrade a socket to an SSL socket, where socket is the original (non-TLS) connection:

SSLSocket sslSocket = (SSLSocket) ((SSLSocketFactory) SSLSocketFactory.getDefault()).createSocket(
                       socket, 
                       socket.getInetAddress().getHostAddress(), 
                       socket.getPort(), 
                       true);
InputStream inputStream = sslSocket.getInputStream();
OutputStream outputStream = sslSocket.getOutputStream();
// reads from the socket
Scanner scanner = new Scanner(inputStream);
// writes to the socket
OutputStream outputStream = new BufferedOutputStream(outputStream);