It depends. The default SSLSocket implementation uses OpenSSL for all communication, so any AES used within that context will be from OpenSSL. However, if you are just using a Cipher for AES, that currently is just done with bouncycastle. Mostly alternative OpenSSL implementations have done where warranted for system use such as MessageDigests (md5/sha1/etc) and for RSA signature verification (but not signing, which means its not a full Signature implementation). I was a bit surprised the Cipher's weren't done in OpenSSL, but then a survey of the source tree showed why, there wasn't really any usage to motivate it.
-bri On Thu, Oct 27, 2011 at 7:51 AM, Pandit <[email protected]> wrote: > Does Dalvik VM on Android actually (or eventually) use OpenSSL > implementation or some thing else? For an example, the implementation > of AES? > > Thank you, > - Pandit > > -- > You received this message because you are subscribed to the Google Groups > "Android Security Discussions" group. > To post to this group, send email to > [email protected]. > To unsubscribe from this group, send email to > [email protected]. > For more options, visit this group at > http://groups.google.com/group/android-security-discuss?hl=en. > > -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.
