An update on where I am so far with this. The implementations of the
SSLSocket, SSLSession, SSLContext and their related classes are
complete. The tests for these classes all pass for me now with my latest
set of changes. I've started removing a lot of the classes that have
been replaced by calling to OpenSSL. There are a few left, but these
still have references from the SSLEngine implementation so I won't
remove them until SSLEngineImpl is working. I think the SSLEngine
implementation is the last piece of work required to have a full set of
APIs, and I'm going to tackle that next.
I think these classes would benefit from more tests, but I'll turn my
attention to that one the implementation is complete.
Regards,
Oliver
On 19/07/2010 17:15, Oliver Deakin wrote:
Hi all,
I'm currently investigating the possibility of implementing a JSSE
provider wrapping OpenSSL. This has a couple of obvious advantages:
- The onus of code maintenance and bug fixing in a security sensitive
area is moved outside of Harmony.
- New protocols can be integrated into the Harmony provider with
minimal effort (updating dependencies rather than implementing them
ourselves).
Really I'm sending this mail as a heads up, but would be interested to
know if anyone has any experience/opinions in this area. In
particular, I'd be interested in ideas on:
- the best way to setup OpenSSL as a dependency - precompile the
libraries and make them available for download or compile them at
build time on the user's machine.
- how to tie in the Java x-net APIs to the OpenSSL APIs.
Any comments/suggestions welcome.
Regards,
Oliver
--
Oliver Deakin
Unless stated otherwise above:
IBM United Kingdom Limited - Registered in England and Wales with number 741598.
Registered office: PO Box 41, North Harbour, Portsmouth, Hampshire PO6 3AU
