On Fri, Mar 16, 2012 at 8:23 PM, Brian Carlstrom <[email protected]> wrote: > if by "android provider" the java.security.Provider, it doesn't have DTLS > support. I thought the D stood for datagram, what API would you use? not > SSLSocket. SSLEngine? that isn't wired up to OpenSSL. I'm not sure what would be used for DTLS in OpenSSL (and I'm too lazy to browse the sources at the moment). I still remember all the problems with IPSec and UDP, and I'm not looking forward to key exchange using fire-and-forget datagrams.
Jeff > On Fri, Mar 16, 2012 at 5:19 PM, Jeffrey Walton <[email protected]> wrote: >> >> On Fri, Mar 16, 2012 at 10:44 AM, Echelon <[email protected]> wrote: >> > First of all thanks for the quick reply. >> > >> > I am trying to proceed by steps: >> > Since by default the OpenSSL provider is included among the android >> > security >> > providers, and SSL/TLS is enabled as well, I would use this protocol >> > before >> > doing what suggested. >> The default provider might not have DTLS, and if it does, it is might >> be defective. http://www.openssl.org/news/secadv_20120104.txt. >> >> > The problem is that I couldn't find a way to do it, using from the >> > android >> > app (Java) the OpenSSL implementation of SSL/TLS, that I know happens >> > via a >> > JNI call. >> Probably does not have DTLS support. >> >> nm -D --extern-only --defined-only <openssl library>. will let you >> know what the library is exporting. Pipe it through grep(1) and look >> for the DTLS gear. >> >> Jeff >> >> > On Friday, 16 March 2012 15:18:51 UTC+1, Jeffrey Walton wrote: >> >> >> >> > Hi, >> >> > I am trying to figure out how can I create a client/server >> >> > application >> >> > using >> >> > DTLS from either OpenSSL or CyaSSL, or even BouncyCastle >> >> > (SpongyCastle) >> >> > modifying the sources but I am encountering difficulties in loading >> >> > the >> >> > context and specifying the DTLS method in a datagram socket. >> >> > Anyone has experience or link to guidelines? >> >> DTLS is in OpenSSL. Fetch the sources from HEAD, and build similar to >> >> >> >> >> >> https://github.com/fries/android-external-openssl/blob/master/README.android. >> >> -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.
