Android SSL TLS connection to XMPP server

Question

I am trying to connect to an XMPP server requiring "Encryption (SSL or TLS)". I cannot use Smack or other third-party libraries (school project)

Here is my Java code to initialize an SSL socket :

KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
TrustManagerFactory trustManagerFactory=TrustManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
trustManagerFactory.init(keyStore);
SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(null, trustManagerFactory.getTrustManagers(), new SecureRandom());
socket = sslContext.getSocketFactory().createSocket(HOST, PORT);
socket.setKeepAlive(true);

If I try to open the stream on the socket:

socket.getOutputStream()

I get this error :

javax.net.ssl.SSLHandshakeException: javax.net.ssl.SSLProtocolException: SSL handshake aborted: ssl=0x76cb46a0: Failure in SSL library, usually a protocol error

error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol (external/openssl/ssl/s23_clnt.c:766 0x72fb3d74:0x00000000)

at com.android.org.conscrypt.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:448)

Does anyone know where is the issue from ?

Answer 1

From having a short look at the XMPP core specification it does not look like you can simple use a socket and upgrade it immediately to TLS. Instead you have to first use some kind of STARTTLS command and only after that you can upgrade to TLS. This is similar to explicit TLS in SMTP, IMAP etc.

For more details please see the specification . Some shorter information you will find here .