[openssl-users] Android javax.net.ssl and FIPS compliance openSSL. (In Application vs Android Stack).
Nitz Malikarjun
nithin.cs.coorg at gmail.com
Mon Aug 1 07:51:20 UTC 2016
Hi folks,
AFAIK Android javax.net.ssl classes uses openSSL/BoringSSL library at C/Low
level for any SSL/TLS.
https://developer.android.com/reference/javax/net/ssl/package-summary.html.
/**
- Provides the Java side of our JNI glue for OpenSSL. */
https://android.googlesource.com/platform/external/conscrypt/+/f087968/src/main/java/org/conscrypt/OpenSSLSocketImpl.java
https://android.googlesource.com/platform/external/conscrypt/+/master/src/main/java/org/conscrypt/NativeCrypto.java
https://android.googlesource.com/platform/external/conscrypt/+/master/src/main/java/org/conscrypt
C++
https://android.googlesource.com/platform/external/conscrypt/+/master/src/main/native/org_conscrypt_NativeCrypto.cpp
org_conscrypt_NativeCrypto.cpp
https://android.googlesource.com/platform/external/conscrypt/+/master/Android.mk
(Build OpenSSL or BoringSSL).
Intention: Load FIPS compliance openSSL libaray in my application and make
javax.net.ssl(okhttp) classes use the that library hence my application
become fips complaince.
https://wiki.openssl.org/index.php/FIPS_Library_and_Android
http://square.github.io/okhttp/
Simlilar to WolfSSL provider but its at firrware level or aosp, also its
not JSSE compatible.
http://www.linuxjournal.com/article/10896
is this feasible to load FIPS openSSL .OS and link it , what are
configuration at android java level ?
Thanks
Nithin
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20160801/5102fa77/attachment.html>
More information about the openssl-users
mailing list