BouncyCastle implementation with X509Certificate signing, KeyStore generation, and Socket creation

The following is a (somewhat messy) implementation of the BouncyCastle cryptography library. I create a self-signed certificate (hopefully correctly), store it in a Java KeyStore, and use it to create an SSL (TLSv1.2) socket session. I am not concerned about efficiency, as this was mainly a proof of concept code to familiarize myself with the library and handle data cryptography in Java.

I mainly want this code to be reviewed from a security standpoint, and whether I am making safe habits or not. If there are any major errors in either security or code usage, feedback would be appreciated.

Main (Used for testing)

//Copyright (C) Leejae Karinja 2016 

import java.net.Inet4Address;

public class Main {

    public static void main(String[] args) {
        new Thread() {

            public void run() {
                Server s = new Server(13579);
                s.start();
                s.sendData("Hello, World!".getBytes());
                s.stop();
            }
        }.start();
        new Thread() {

            public void run() {
                try {
                    Client c = new Client(Inet4Address.getLocalHost().getHostAddress(), 13579);
                    c.start();
                    System.out.println(new String(c.receiveData()));
                    c.stop();
                } catch (Exception e) {
                    e.printStackTrace();
                }
            }
        }.start();
        return;
    }
}

Server

```
//Copyright (C) Leejae Karinja 2016

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.DataInputStream;
import java.io.DataOutputStream;
import java.math.BigInteger;
import java.security.Key;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Security;
import java.security.cert.X509Certificate;
import ja

• In general just using printStackTrace to handle exceptions is not

good practice. If you don't care about handling it, just don't catch
it.

• return at the end of a method is unnecessary.

• For string data using plain getBytes/the plain String constructor

instead of specifying e.g. UTF-8 as the encoding seems more risky for
no benefit. I guess the platform default is useful in some
circumstances, but sending data over the network is not one of them.

• The port number should be a constant.

• The default empty constructor that doesn't set the port number seems

not useful.

• Streams' close methods should be called no matter what, that is, use

try/finally to ensure closing resources.

Sending the data as a sequence terminated by -1 will break immediately
once you send a general purpose file, instead send the length first or
escape the offending pattern in all sent data.

Also it would be good to use a shared class for the shared methods.

Unfortunately without a deep look into the documentation I can't say
anything about the crypto part. You might want to ask on the
Information Security site as well.
In any case, if you really want to implement this yourself maybe try to
run each of the client and server against a second implementation using
an established library and compare.

StackExchange Code Review Q#117944, answer score: 2