SSONET - Secure TCP-IP Connections Library

Overview

The library establishes secure TCP-IP connections between two partners, a client and a server. For this purpose it provides a socket interface similar to the standard Java socket interface. The only difference is the socket constructor, which takes an additional SSONETContext object as a parameter. The SSONETContext contains the security configuration for the socket and registers the callback methods that are needed during the connection establishment protocol.

Connection establishment protocol

Connection establishment includes the following steps:
  1. The client opens a TCP-IP connection to the server, either directly if no client anonymity is required, or through an (anonymizing) proxy if client anonymity is required.
  2. Negotiation of the security goals that client and server want to enforce.
  3. Exchange of the client's and server's (pseudonymous) certificates.
  4. Negotiation of the security mechanisms to use and their parameters (key length, ...).
  5. Initialization of the security mechanisms and key exchange.
Here you can see a diagram of the connection establishment protocol:



For further details, please refer to the source documentation and the source code itself.
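
The following added example (not code from SSONET or its authors) models steps 2 and 4 of the list above to show the fail-closed behaviour a negotiation needs: a conflict aborts the connection instead of silently dropping a goal. The goal names, the REQUIRED/ACCEPTED/REFUSED preference scheme, the class and method names, and the mechanism names are all assumptions for illustration.

```java
import java.util.*;

// Added illustration only: a simplified model of steps 2 and 4.
// All names and the preference scheme are assumptions, not SSONET's API.
public class NegotiationSketch {
    enum Goal { CONFIDENTIALITY, INTEGRITY, ANONYMITY, ACCOUNTABILITY }
    enum Pref { REQUIRED, ACCEPTED, REFUSED }

    // Step 2: a goal is enforced if either side requires it and neither refuses it.
    // A REQUIRED/REFUSED conflict aborts instead of downgrading.
    static Set<Goal> negotiateGoals(Map<Goal, Pref> client, Map<Goal, Pref> server) {
        Set<Goal> agreed = EnumSet.noneOf(Goal.class);
        for (Goal g : Goal.values()) {
            Pref c = client.getOrDefault(g, Pref.ACCEPTED);
            Pref s = server.getOrDefault(g, Pref.ACCEPTED);
            boolean wanted = c == Pref.REQUIRED || s == Pref.REQUIRED;
            boolean refused = c == Pref.REFUSED || s == Pref.REFUSED;
            if (wanted && refused)
                throw new IllegalStateException("conflicting policies for " + g);
            if (wanted) agreed.add(g);
        }
        return agreed;
    }

    // Step 4: take the first mechanism in the client's order that both sides offer,
    // with the stricter (larger) of the two minimum key lengths.
    static String negotiateMechanism(List<String> clientOrder,
            Map<String, Integer> clientMinBits, Map<String, Integer> serverMinBits) {
        for (String m : clientOrder) {
            if (clientMinBits.containsKey(m) && serverMinBits.containsKey(m))
                return m + "/" + Math.max(clientMinBits.get(m), serverMinBits.get(m));
        }
        throw new IllegalStateException("no common mechanism");
    }

    public static void main(String[] args) {
        // Constructed sample policies for both partners.
        Map<Goal, Pref> client = new EnumMap<>(Goal.class);
        client.put(Goal.CONFIDENTIALITY, Pref.REQUIRED);
        client.put(Goal.ACCOUNTABILITY, Pref.REFUSED);
        Map<Goal, Pref> server = new EnumMap<>(Goal.class);
        server.put(Goal.INTEGRITY, Pref.REQUIRED);
        System.out.println("goals: " + negotiateGoals(client, server));

        Map<String, Integer> cMin = new HashMap<>();
        cMin.put("cipher-A", 128); cMin.put("cipher-B", 112);
        Map<String, Integer> sMin = new HashMap<>();
        sMin.put("cipher-B", 168);
        System.out.println("mechanism: "
            + negotiateMechanism(Arrays.asList("cipher-A", "cipher-B"), cMin, sMin));
    }
}
```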

How to implement client and server

Please look at the documentation and the source code of the example in org.ssonet.examples.net. The classes testClient and testServer implement the minimal requirements of a client and a server using SSONET.