Most of the materials of SSL from this lab is adapted from http://stilius.net/java/java_ssl.php and copy-righted by Tomas Vilda. Here is the original copy-right note.
Copyright
This document is copyrighted to Tomas Vilda. You can use it in all ways, but don't change this section and always include it.
So far we have written and experimented with client/server programs in various application settings using the programming language C. The socket interface we used in our program is not secure. The information sent over the network using Linux socket is not encrypted, nor is the integrity of the data checked. The CRC lab we did last week allows us at least to validate the integrity of the data to a certain level. This week's lab we will learn the APIs for SSL which will enable the data to be encrypted when traveling through the network.
The SSL programming API is very similar to those of regular socket, the calls to create socket, to bind an address, to connect to a remote server, and to accept a connecting request from a client are all very similar to those in the regular sockets. The extra pieces of work one has to do in order to use SSL is the creation of SSL keys. These keys are used to encrypt and decrypt messages and to authenticate the communicating partners.
The general process is the following.
It turns out that the C interface to SSL is a bit complicated and confusing, especially the key generation process. For this reason, we are using Java in this lab. Thought the APIs for SSL from the two languages are very different, the concept is very similar.
In this lab, we will try out a very simple Java SSL program to gain an appreciation how SSL works.
Most of the materials of SSL from this lab is adapted from http://stilius.net/java/java_ssl.php and copy-righted by Tomas Vilda.
Before programming SSL in Java, please take some time and read the web site
http://stilius.net/java/java_ssl.php.
Now do the following.
lab11
in your course work directory.~cs363/Spring13/student/labs/lab11/
. You should see a set of seven files.keygen, execute-java-ssl-server
, and execute-java-ssl-client
and make sure you understand what these shell scripts are doing.keygen
to generate the key(s) needed for SSL. The Java tool keytool
invoked by the script will ask a number of questions. You can provide any answers that are appropriate. These answers don't really affect the behaviors of our programs.EchoServer.java
and EchoClient.java
using the commandjavac *.java
./execute-java-ssl-server
./execute-java-ssl-client
ConsoleTest
Java program byjava ConsoleTest
DateTest
Java program byjava DateTest
Rewrite the EchoServer.java
and EchoClient.java
to conform with the following behavior.
Instead of the client sending a message to the server and the server echos back what it receives, the server will respond to two types of client request. One is that the server will send back a string representing the date in a calendar format; the other is that the server will send back a string representing the date in a simple format of "mm/dd/yyyy", that is, two digits for the month, two digits for the day, and four digits for the year. In order for a user to user the service, the client program generates a random number that is displayed on the screen, the user must enter the number correctly without seeing the echo when typing the input. If the number entered doesn't match the random number the program generated, the client program must repeat the same process until the user enters a correct value. See the copied program ConsoleTest.java
for the use of Java random numbers.
Consult the programs DateTest.java
and ConsoleTest.java
for the program behaviors.
When you finish the lab, clean up the directory, submit all files to Gitlab.
Congratulations! You just finished this lab, and for the semester!!!!