Create and Configure a Custom Socket

This example shows how an implementation of SSL can create an instance of SSLSocket, configure it, and then return it. The MySSLSocketFactory class implements SybSocketFactory and extends javax.net.ssl.SSLSocketFactory to implement SSL. It contains two createSocket methods—one for SSLSocketFactory and one for SybSocketFactory—that:

• Create an SSL socket

• Invoke SSLSocket.setEnableCipherSuites to specify the cipher suites available for encryption

• Return the socket to be used by jConnect

public class MySSLSocketFactory extends SSLSocketFactory
   implements SybSocketFactory
 {
 /**
 * Create a socket, set the cipher suites it can use, return 
 * the socket.
 * Demonstrates how cither suites could be hard-coded into the
 * implementation.
 *
 * See javax.net.SSLSocketFactory#createSocket
 */

public Socket createSocket(String host, int port)
   throws IOException, UnknownHostException
 {
   // Prepare an array containing the cipher suites that are to 
   // be enabled.
   String enableThese[] =
   {
       "SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA",
       "SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5",
       "SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA"
   }
   ;
   Socket s =
       SSLSocketFactory.getDefault().createSocket(host, port);
   ((SSLSocket)s).setEnabledCipherSuites(enableThese);
   return s;
 }

/**
 * Return an SSLSocket.
 * Demonstrates how to set cipher suites based on connection
 * properties like:
 * Properties _props = new Properties();
 * Set other url, password, etc. properties.
 * _props.put(("CIPHER_SUITES_1",
 *    "SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA");
 * _props.put("CIPHER_SUITES_2",
 *    "SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5");
 * _props.put("CIPHER_SUITES_3",
 *     "SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA");
 * _conn = _driver.getConnection(url, _props);
 *
 * See com.sybase.jdbcx.SybSocketFactory#createSocket
 */

public Socket createSocket(String host, int port, 
   Properties props)
   throws IOException, UnknownHostException
 {
   // check to see if cipher suites are set in the connection
   // properites
   Vector cipherSuites = new Vector();
   String cipherSuiteVal = null;
   int cipherIndex = 1;
   do
   {
       if((cipherSuiteVal = props.getProperty("CIPHER_SUITES_"
           + cipherIndex++)) == null)
       {
           if(cipherIndex <= 2)
           {
               // No cipher suites available
               // return what the object considers its default
               // SSLSocket, with cipher suites enabled.
               return createSocket(host, port);
           }
           else
           {
               // we have at least one cipher suite to enable
               // per request on the connection
               break;
           }
           else
           }
               // add to the cipher suit Vector, so that
               // we may enable them together
               cipherSuites.addElement(cipherSuiteVal);
           }
       }
       while(true);

      // lets you create a String[] out of the created vector
       String enableThese[] = new String[cipherSuites.size()];
       cipherSuites.copyInto(enableThese);

       Socket s =
           SSLSocketFactory.getDefault().createSocket
             (host, port);
       // enable the cipher suites
       ((SSLSocket)s).setEnabledCipherSuites(enableThese);

      // return the SSLSocket
       return s;
   }

  // other methods
 }

For additional information, see:

• EncryptASE.java – located in the sample2 subdirectory of your jConnect installation, this sample shows how to use the SybSocketFactory interface with jConnect applications.

• MySSLSocketFactoryASE.java – also located in the sample2 subdirectory of your jConnect installation, this is a sample implementation of the SybSocketFactory interface that you can plug in to your application and use.