Java Programming: SSL Server Client Model bound with data encryption
General Description
1. Create a server that can process remote communication requests from clients.
2. Create clients (multiple client objects can be instantiated from the same client class) that
can send network communication requests to the remote server.
3. During the communication, clients are supposed to send a job object which has a job ID (which has
a confidentiality requirement while in transmission) and a secret, OPNumber (confidential
in transmission, in memory, and in storage).
4. As the programmer, you should first make sure the communication is secure during
transmission, for example with SSL through HTTPS. This only ensures confidentiality
during transmission.
5. Then, your secret OPNumber needs to be encrypted before transmission,
so that it is still encrypted after it is received.
6. To test it, you may decrypt the secret OPNumber after the server has received the job.
7. Your delivery: , source code, and report with a few screen
shots of the execution of the program.
Samples of encryption and ssl sample programs
1. Java ssl: http://www.javaworld.com/article/2075291/learn-java/build-secure-network-applications-with-ssl-and-the-jsse-api.html
2. Java Encryption: http://mrbool.com/encrypting-and-decrypting-content-with-java/24843
Sample Database Design & Implementation
The database used for the project can be MySQL, which is free to download and easy to install.
A schema, sslusers, can be created for this project. In this schema, a table called userinfo can be
created to store the details of the users who can access the application. User details such as user id, user
name and user password can be added.
The user should be able to log in to the database with the following steps:
With the MySQL database installed, the user can click Start->All Programs->MySQL->MySQL
Workbench 5.2 CE
Then go to database->querydatabase; you will see a screen like the one below:
Now click Ok. You will then see a screen like the one below asking for the password.
Now enter the password so that the user can connect to the database.
Creating a new schema:
In the left panel, you can see the existing schemas. Right-click there and select the option new
schema. You will see the screen below:
You can give the schema name and click apply. This will create a new schema in which
you can create tables.
Creating a table:
The user can right-click on the tables of the schema and click on create tabl
Front End Implementation
User Authentication
For security reasons, not all users should be able to access the application. To restrict access
to specific users, a screen with username and user password should be created. All clients
who want to enter the application should enter their username and password. These will be
validated by the application to see if the username and password are present in the database.
Only if that particular username and password are found in the database can the user enter the
next screen, the main screen, where they can enter the job id and OPN number.
If a valid client accesses the system
On clicking the submit button, the user can view the screen below, where he can enter jobid and
OPNNum
On entering job id and OPNum and clicking submit, the client screen below connects to the server as
shown:
Here we can see that User JobId and UserOPNum (encrypted) are obtained.
On click of ‘Decrypt’ we can view the UserOPNum entered by the client
On click of ‘Encrypt’ the OP Num gets encrypted again, as seen below:
How other cases are handled (which ensures proper user authentication):
Case 1: When a client whose username and user password are not present in the database tries to access
the data.
This user is not given access to the system; a warning message should be generated and the
next client screen will not be presented.
Case 2: When both the username and user password fields are NULL, a warning message that ‘User
is invalid’ should be given and the next client screen will not be presented.
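The login check with both rejection cases, as an added example that is not code from the original project. The page does not say how the user password is stored; this version assumes each userinfo row holds a per-user salt and a PBKDF2 hash rather than the password itself, uses an in-memory map as a stand-in for the table, and needs Java 16 or later. All names are hypothetical.

```java
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.HashMap;
import java.util.Map;

public class LoginCheck {
    // One userinfo row as assumed here: salt and password hash, never the password.
    record UserRow(byte[] salt, byte[] hash) {}

    private static final int ITERATIONS = 210_000, KEY_BITS = 256;
    private static final Map<String, UserRow> USERINFO = new HashMap<>(); // stand-in for the table

    static byte[] pbkdf2(char[] password, byte[] salt) throws Exception {
        PBEKeySpec spec = new PBEKeySpec(password, salt, ITERATIONS, KEY_BITS);
        try {
            return SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256")
                    .generateSecret(spec).getEncoded();
        } finally {
            spec.clearPassword(); // wipe the copy held by the key spec
        }
    }

    static void register(String user, char[] password) throws Exception {
        byte[] salt = new byte[16];
        new SecureRandom().nextBytes(salt);
        USERINFO.put(user, new UserRow(salt, pbkdf2(password, salt)));
    }

    static boolean isValidUser(String user, char[] password) throws Exception {
        // Case 2: empty or missing fields are rejected before any lookup.
        if (user == null || user.isBlank() || password == null || password.length == 0) {
            return false;
        }
        UserRow row = USERINFO.get(user);
        // Case 1: unknown user. Hash against a dummy salt anyway so that the
        // response time does not reveal whether the username exists.
        byte[] salt = row != null ? row.salt() : new byte[16];
        byte[] candidate = pbkdf2(password, salt);
        return row != null && MessageDigest.isEqual(candidate, row.hash());
    }

    public static void main(String[] args) throws Exception {
        register("alice", "correct horse".toCharArray()); // constructed sample account
        System.out.println("alice, right password: " + isValidUser("alice", "correct horse".toCharArray()));
        System.out.println("unknown user (Case 1): " + isValidUser("mallory", "guess".toCharArray()));
        System.out.println("empty fields (Case 2): " + isValidUser("", new char[0]));
    }
}
```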
Ensuring an SSL Connection is Established between a Client and Server
Steps for generating certificates:
Create a private/public key pair:
keytool -genkey -alias cooldragon -keyalg RSA -keypass privatepassword -keystore identity.jks -storepass password
Export the certificate from the identity keystore into a file, say root.cer:
keytool -export -alias cooldragon -file root.cer -keystore identity.jks
Import the certificate you exported into trust.jks:
keytool -import -alias cooldragon -trustcacerts -file root.cer -keystore trust.jks
Now let's view the file that was exported from identity.jks (i.e. root.cer):
keytool -printcert -file root.cer
To list the contents of trust.jks, use the following command:
keytool -list -v -keystore trust.jks -storepass password
Server Side Implementation
Step 1: On the server side, we have to specify the absolute path of the key store file ("C:\\My
class\\keystore.jks").
final static String keystoreFile = "C:\\My class\\keystore.jks";
final static String password = "xxxxxxxxxx"; // xxxx represents any password
Note: final variables cannot be reassigned once they are set, which is why they are declared final here.
Step 2: We set the system properties with the help of the System class.
System.setProperty("javax.net.ssl.keyStore", keystoreFile);
System.setProperty("javax.net.ssl.keyStorePassword", password);
For debugging purposes:
if (debug) { System.setProperty("javax.net.debug", "all"); }
Step 3: Create an SSL server socket factory.
SSLServerSocketFactory sslfact = (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();
The server runs on port number 8088:
SSLServerSocket serverSocket = (SSLServerSocket) sslfact.createServerSocket(8088);
Wait for a client:
SSLSocket sslsocket = (SSLSocket) serverSocket.accept();
Perform the handshake:
sslsocket.startHandshake();
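The client side of the handshake, which this section does not show, as an added example that is not code from the original project. It assumes Java 11 or later, that trust.jks from the keytool steps is in the working directory with store password "password", that the server above is listening on localhost:8088, and that the certificate's name matches "localhost"; the class name and the payload line are hypothetical.

```java
import javax.net.ssl.*;
import java.io.File;
import java.io.OutputStreamWriter;
import java.io.Writer;
import java.nio.charset.StandardCharsets;
import java.security.KeyStore;

public class JobClient {
    public static void main(String[] args) throws Exception {
        // Assumption: trust.jks holds only the server certificate imported earlier.
        char[] storePass = "password".toCharArray();
        KeyStore trust = KeyStore.getInstance(new File("trust.jks"), storePass);

        // Trust only what is in trust.jks instead of the JVM-wide default CA set.
        TrustManagerFactory tmf =
                TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(trust);
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(null, tmf.getTrustManagers(), null);

        try (SSLSocket socket =
                     (SSLSocket) ctx.getSocketFactory().createSocket("localhost", 8088)) {
            SSLParameters params = socket.getSSLParameters();
            // A plain SSLSocket validates the certificate chain but does not compare
            // the certificate name with the host unless this is set.
            params.setEndpointIdentificationAlgorithm("HTTPS");
            // Refuse the older SSL/TLS protocol versions.
            params.setProtocols(new String[] {"TLSv1.3", "TLSv1.2"});
            socket.setSSLParameters(params);

            // Throws SSLHandshakeException if the server certificate is not in
            // trust.jks or its name does not match "localhost".
            socket.startHandshake();

            SSLSession session = socket.getSession();
            System.out.println("Negotiated " + session.getProtocol()
                    + " with " + session.getCipherSuite());

            Writer out = new OutputStreamWriter(socket.getOutputStream(), StandardCharsets.UTF_8);
            out.write("jobId=1001\n"); // constructed sample payload
            out.flush();
        }
    }
}
```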