java udp jsse dtls

Is there a DTLS implementation in JSSE?


I want to implement a DTLS 1.0 client in Java and after googling a bit I found that the JSSERefGuide says the following:

The JSSE API is capable of supporting SSL versions 2.0 and 3.0 and TLS version 1.0. These security protocols encapsulate a normal bidirectional stream socket, and the JSSE API adds transparent support for authentication, encryption, and integrity protection. The JSSE implementation shipped with the JDK supports SSL 3.0, TLS (1.0, 1.1, and 1.2) and DTLS (version 1.0 and 1.2). It does not implement SSL 2.0.

So I thought I could implement it in pure Java without using any library (e.g. BouncyCastle).

But when I try running the following (and a few others, like DTLSv1.2, DTLSv1...):

final SSLContext sslContext = SSLContext.getInstance("DTLSv1.0", "SunJSSE");

It throws:

Exception in thread "main" java.security.NoSuchAlgorithmException: no such algorithm: DTLSv1.0 for provider SunJSSE
    at sun.security.jca.GetInstance.getService(GetInstance.java:87)
    at sun.security.jca.GetInstance.getInstance(GetInstance.java:206)
    at javax.net.ssl.SSLContext.getInstance(SSLContext.java:199)

while, for example, the following works:

final SSLContext sslContext = SSLContext.getInstance("TLSv1.2", "SunJSSE");

Listing all security providers, I find no DTLS stuff at all.

So is there actually a DTLS implementation? And if so, how are you supposed to use it?


Solution

  • The doc is right and you get an exception because there is no DTLS protocol: https://docs.oracle.com/javase/7/docs/technotes/guides/security/StandardNames.html#SSLContext

    Choosing DTLS comes at the moment of creating the socket, as it will be one of the TCP or datagram types. To begin, it will look like:

    DatagramSocket s = new DatagramSocket();
    ...
    
    final SSLContext sslContext = SSLContext.getInstance("TLSv1.0", "SunJSSE");
    sslContext.init(null, yourSSLTrustManager, null);
    
    SSLSocketFactory factory = (SSLSocketFactory)sslContext.getSocketFactory();
    SSLSocket daSocket = (SSLSocket) factory.createSocket(s, host, port, false);
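
Added example, not part of the original question or answer: a probe that lists the SSLContext algorithms the installed providers register (the check the question describes) and then tries the DTLS names from the question. The class name DtlsProbe is made up for this example; DTLS entered JSSE with JDK 9 (JEP 219) and is used through SSLEngine, so on an older runtime the DTLS lines report NoSuchAlgorithmException as in the question.

```java
import java.security.NoSuchAlgorithmException;
import java.security.Provider;
import java.security.Security;
import java.util.Arrays;
import java.util.Set;
import java.util.TreeSet;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;

public class DtlsProbe {

    /** "provider:algorithm" for every SSLContext service the installed providers register. */
    static Set<String> sslContextAlgorithms() {
        Set<String> names = new TreeSet<>();
        for (Provider p : Security.getProviders()) {
            for (Provider.Service s : p.getServices()) {
                if ("SSLContext".equals(s.getType())) {
                    names.add(p.getName() + ":" + s.getAlgorithm());
                }
            }
        }
        return names;
    }

    public static void main(String[] args) throws Exception {
        System.out.println("java.version = " + System.getProperty("java.version"));
        sslContextAlgorithms().forEach(n -> System.out.println("  " + n));

        // Names taken from the question, plus TLSv1.2 as a known-good control.
        for (String name : new String[] {"DTLS", "DTLSv1.0", "DTLSv1.2", "TLSv1.2"}) {
            try {
                SSLContext ctx = SSLContext.getInstance(name);
                ctx.init(null, null, null); // default key managers, trust managers, RNG
                SSLEngine engine = ctx.createSSLEngine();
                engine.setUseClientMode(true);
                System.out.println(name + " -> " + ctx.getProvider().getName()
                        + ", enabled: " + Arrays.toString(engine.getEnabledProtocols()));
            } catch (NoSuchAlgorithmException e) {
                // Same failure as in the question: the runtime has no such context.
                System.out.println(name + " -> not registered: " + e.getMessage());
            }
        }
    }
}
```

Run it with the same JDK the application uses, since the result depends on the runtime version and on which providers are installed.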