This content has been marked as final. Show 13 replies
The general purpose security, for example for the return channel, is provided by the Transport Layer Security protocol (TLS). At a minimum it will provide RSA, SHA-1, and DES.
I have seen the package - org.dvb.net.ssl - in the MHP but I have not used it so can't give much information here. But this package enables applications to provide keys and certificates for SSL/TLS connections.
MHP and OCAP/tru2way supports HTTP. But your applicaion needs permissions to use any of the transport communication APIs.
If you want to use secure http connection in Java environment,
you can refer and try JSSE (Java Secure Socket Extension).
I once have tried the reference implementation from Sun, and it worked but was little bit disappointing in performance.
However it was a few years ago when I used it. I hope there is much improvement in RI, and even there are
lot of commercial solutions for JSSE.
I think you can use javax.net to create SSLSocketFactory. Maybe I'm wrong but that little piece of javax.net is implemented. I can't tell you for sure, I upgraded some apis from my STB, so maybe is not in yours. But, please, give it a try and tell us (or me ;) ) if you can or you get some classnotfound exception.
I am trzing to use the JSSE. My STB doesent have the the full implementation of the JSSE, mainly the classes concerning about Hhttps connection like the HttpsUrlConnection. So, i am trying to import the jsse implementation to my project. But the problem is that in the lower layers of the https implementations there are some classes that exists in my STB and in the jsse. So when this classes are called, it always instanciates the classses in the STB, aand it doesnt work, cause a exception saying "Export restriction: SunJSSE only" is trown.
Are there any way to set the JVM to search first the classes in my project?
I am not sure if this helps you. But FYI, what I did when I used Sun's reference implementation...
Register the JSSE provider (com.sun.net.ssl.internal.ssl.Provider)
-> Modify $JAVA_HOME/jre/lib/security/java.security so it contains something like:
Any STB will work with JSSE, all of them are based on Java PersonalProfile (or CDC/CDLC) so forgot about using JSSE in the STB.
Just give a try to the javax.net.sslsocketfactory, in a standar STB it doesn't throw any ClassNotFound exception, it may work. I've tested it on an ADB STB and it creates correctly the object.
Edited by: Zuarko on Jan 29, 2009 1:48 PM
I could make it work. There is just one problem in the class com.sun.net.ssl.internal.ssl.SSLSocketFactoryImpl, becouse it throws an exception due the lines below:
It happens because in the STB there is also a class SSLSocketImpl, but not with the same package. So the class instanciated is always the class in the STB.
Class localClass = SSLSocketFactoryImpl.c = class$("com.sun.net.ssl.internal.ssl.SSLSocketImpl"); System.out.println("SSLSocket:"+paramSSLSocket.getClass().getName()); if (paramSSLSocket.getClass() != localClass) throw new RuntimeException("Export restriction: SunJSSE only");
You should stick to the given STB virtual machine instead of trying to move it to a greater implementation. You can finally make non-compatible and non-standard applications (Maybe they don't work on other STBs) Maybe it's a virtual machine limitation to its own implementation (I really don't know)
What's the size of the final application? Have you tried the own STB classes?
Anyway, re-reading one of your first posts in this thread you say that your STB doesn't have a full JSSE implementation. STBs don't implement JSSE, they work with a reduced version that is not JSSE, you STB should be well implemented with the STBs own implementation.