Java: How to abstract between "regular" TCP Socket and SSLSocket

Question

Edit: Removed startHandshake(); as it's irrelevant to the question and rarely needed (for example, not in my case)

I have a rather specific and rare client-server protocol (over TCP).
I've implemented it using SSLSocket.
Now, I foresee that I might need to use the same protocol over an un-encrypted connection.

My problem is that the class implementing the protocol has a field: public SSLSocket currentSocket;
(and then the methods in my client class do all sorts of .read(), .write(), flush()... )

I thought about changing the field type, like so: public Socket currentSocket;
However, then, the problem is that my connection procedure is incompatible:

public static void connect () {
currentSocket = SslUtils.getSSLsocket(host, port, keystoreFile, keystorePass, pkPass);
...

• java.net.Socket 's default constructor obviously doesn't accept keystore stuff

I don't want to re-implement my whole client just for this difference...

• One thought I have is, when I need a plaintext Socket, to create an SSLSocket with no encryption.
  I don't know if that's a professional way of doing it or if it will even work (the server will expect a plaintext client socket in the new use case)

• My other idea is to define two fields, one for plaintext socket, one for SSL socket and then use logic to link the in/out streams to the correct field, as needed. However, that will result in a "hanging" field. If you use SSL, there will be a redundant field Socket plaintextSocket and vice-versa...

Is there a way to make my currentSocket field more abstract, so that I can define it in the same client, then instruct a slightly different client code path depending on a known variable (something like needSSLsocket=true ) for the instantiation and connection?

Answer 1

SSLSocket extends Socket , so you can assign an SSLSocket object to a Socket variable. You are right to change your currentSocket field to a Socket . Simply use another variable to handle the SSLSocket when needed, eg:

public static void connect () {
    if (needSSLsocket) {
        SSLSocket ssl = SslUtils.getSSLsocket(host, port, keystoreFile, keystorePass, pkPass);
        ssl.startHandshake();
        ...
        currentSocket = ssl;

        /* or:
        currentSocket = SslUtils.getSSLsocket(host, port, keystoreFile, keystorePass, pkPass);
        ((SSLSocket) currentSocket).startHandshake();
        ...
        */
    } else {
        currentSocket = new Socket(host, port);
    }
    ...
}