I looked at this a while back, ultimately decided to go with a pure java implementation (BouncyCastle, iirc) since it was sufficient for my needs.
Anyway, you can use JNI to create a binding between the OpenSSL library and Java. This is a C layer and your main hassle will be ensuring that you have the memory management down cold. On the java side, you should find a copy of Java Security (O'Reilly) or comparable text and implement the full SPI so you can use the standard java classes. (You'll need to list yourself as a crypto service provider in the runtime configuration file -- see the book for details.) In J2SE you'll want to look at the javax.crypto.*Spi classes, I'm not sure if they're the same in J2ME. You could implement your own interface, of course, but that would prevent you from using third party libraries written to the standard interfaces. I think it's also much more risky from a project management perspective - how stable will your interface be, how will changes propagate through the rest of the software, how long will it take new staff to come up to speed, etc. Bear Chris Gray wrote: > Hello all, > > I'm looking for ways to use OpenSLL from Java on an embedded platform (J2ME > CDC), in order to be able to take advantage of the hardware crypto > acceleration which is available on that platform. Does anyone out there have > experience of this? Google comes up with a number of projects: > - JavaSSL: link (from http://www.openssl.org/related/apps.html) is broken. > - ITISSL: server http://sponsor.iti.informatik.tu-darmstadt.de/itissl/ is > not > reachable. > - SSLava (from Phaos): but does this useOpenSSL? Looks like not. > - PureTLS + GoNative: looks hopeful, but is it maintained? The web page > mentions a serious problem with SHA-1 which "will be fixed in the next > version" ... > > BTW what is GSS-API (RFC 2853), which also turned up in my searches? I know > it > stands for Generic Security Service, but where does it fit into the puzzle? > > TIA, > > Chris > ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
