Lab 11: Secure Socket Layer (SSL) in Java

Goals

Credits

Most of the materials of SSL from this lab is adapted from http://stilius.net/java/java_ssl.php and copy-righted by Tomas Vilda. Here is the original copy-right note.

Copyright
This document is copyrighted to Tomas Vilda. You can use it in all ways, but don't change this section and always include it.

Introduction

So far we have written and experimented with client/server programs in various application settings using the programming language C. The socket interface we used in our program is not secure. The information sent over the network using Linux socket is not encrypted, nor is the integrity of the data checked. The CRC lab we did last week allows us at least to validate the integrity of the data to a certain level. This week's lab we will learn the APIs for SSL which will enable the data to be encrypted when traveling through the network.

The SSL programming API is very similar to those of regular socket, the calls to create socket, to bind an address, to connect to a remote server, and to accept a connecting request from a client are all very similar to those in the regular sockets. The extra pieces of work one has to do in order to use SSL is the creation of SSL keys. These keys are used to encrypt and decrypt messages and to authenticate the communicating partners.

The general process is the following.

It turns out that the C interface to SSL is a bit complicated and confusing, especially the key generation process. For this reason, we are using Java in this lab. Thought the APIs for SSL from the two languages are very different, the concept is very similar.

In this lab, we will try out a very simple Java SSL program to gain an appreciation how SSL works.

Your Assignment

Most of the materials of SSL from this lab is adapted from http://stilius.net/java/java_ssl.php and copy-righted by Tomas Vilda.

Before programming SSL in Java, please take some time and read the web site

http://stilius.net/java/java_ssl.php.

Now do the following.

  1. Create a local directory, e.g., lab11 in your course work directory.
  2. Copy all files from ~cs363/Spring13/student/labs/lab11/. You should see a set of seven files.
  3. Read the three shell script files, keygen, execute-java-ssl-server, and execute-java-ssl-client and make sure you understand what these shell scripts are doing.
  4. Run keygen to generate the key(s) needed for SSL. The Java tool keytool invoked by the script will ask a number of questions. You can provide any answers that are appropriate. These answers don't really affect the behaviors of our programs.
  5. Compile the two Java programs, EchoServer.java and EchoClient.java using the command

    javac *.java

  6. Start the server program first by running the script

    ./execute-java-ssl-server

  7. Then running the client program in a different terminal window, but on the same computer.

    ./execute-java-ssl-client

  8. You can run the client program for a few times to see how it works.
  9. Assume you have compiled all Java programs. Run the ConsoleTest Java program by

    java ConsoleTest

  10. Run the DateTest Java program by

    java DateTest

Rewrite the EchoServer.java and EchoClient.java to conform with the following behavior.

Instead of the client sending a message to the server and the server echos back what it receives, the server will respond to two types of client request. One is that the server will send back a string representing the date in a calendar format; the other is that the server will send back a string representing the date in a simple format of "mm/dd/yyyy", that is, two digits for the month, two digits for the day, and four digits for the year. In order for a user to user the service, the client program generates a random number that is displayed on the screen, the user must enter the number correctly without seeing the echo when typing the input. If the number entered doesn't match the random number the program generated, the client program must repeat the same process until the user enters a correct value. See the copied program ConsoleTest.java for the use of Java random numbers.

Consult the programs DateTest.java and ConsoleTest.java for the program behaviors.

When you finish the lab, clean up the directory, submit all files to Gitlab.

Congratulations! You just finished this lab, and for the semester!!!!