EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Custom httpsclient with SecureBlackBox on Android

Also by EldoS: Callback File System
Create virtual file systems and disks, expose and manage remote data as if they were files on the local disk.
#31241
Posted: 11/01/2014 09:45:42
by Lemon Yang (Standard support level)
Joined: 11/24/2009
Posts: 48

we're looking for custom httpsclient on android solution with SecureBlackBox, it must support certificate and RSA keypairs stored in the external smartcard device.

My questions are:

1. does the SecureBlackBox support PKCS11 library on Android ?

2. or does SecureBlackBox support custom client validation and key exchange with external device?

3. are there any samples for httpsclient or SSLSocket for Android?

thank you very much.
#31242
Posted: 11/03/2014 01:25:41
by Vsevolod Ievgiienko (EldoS Corp.)

Thank you for contacting us.

Quote
1. does the SecureBlackBox support PKCS11 library on Android ?

Yes it does via JNI.

Quote
2. or does SecureBlackBox support custom client validation and key exchange with external device?

Please describe this part in more details, so we'll be able to give your more detailed answer.

Quote
3. are there any samples for httpsclient or SSLSocket for Android?

We have extensive desktop samples, but code will be the same for Android.
#31243
Posted: 11/03/2014 02:23:06
by Eugene Mayevski (EldoS Corp.)

To add to Vsevolod's answer,

Quote
Lemon Yang wrote:
2. or does SecureBlackBox support custom client validation and key exchange with external device?


potentially you can create your own cryptoprovider which will deal with the keys and certificates (this is the way PKCS#11 works). Creating such cryptoprovider requires having the source code and looking into it for examples, but this is doable.


Sincerely yours
Eugene Mayevski
#31245
Posted: 11/03/2014 03:30:28
by Lemon Yang (Standard support level)
Joined: 11/24/2009
Posts: 48

thanks for your quick answer.

we're looking for the SecureBlackBox solution to realize httpsclient on the android, which will do the handshake with the keypair and certificate inside the external device. is it possible to implement such solution with SecureBlackBox ? is there any sample?
thank you very much.
#31246
Posted: 11/03/2014 03:41:39
by Eugene Mayevski (EldoS Corp.)

Yes, it is possible (complexity depends on whether your device supports PKCS#11 interface). No, there are no samples available.


Sincerely yours
Eugene Mayevski
#31247
Posted: 11/03/2014 03:42:06
by Vsevolod Ievgiienko (EldoS Corp.)

You can use our TElHTTPSClient class. See \secbboxjava\Samples\HTTPBlackbox\Client folder for samples.

Client certificates should be loaded to an instance of TElMemoryCertStorage and assigned to TElHTTPSClient.ClientCertStorage property: https://www.eldos.com/documentation/sb...orage.html

To load certificates from PKCS#11 device you should use TElPKCS11CertStorage class. The sample can be found in \secbboxjava\Samples\PKIBlackbox\PKCS11\CryptoTokenDemo folder.
#31248
Posted: 11/03/2014 03:59:19
by Lemon Yang (Standard support level)
Joined: 11/24/2009
Posts: 48

can you give me a trial license of secureblackbox for testing?
#31249
Posted: 11/03/2014 04:14:01
by Lemon Yang (Standard support level)
Joined: 11/24/2009
Posts: 48

thank you, I've found the license key file, sorry.

did you test the android code with pkcs11 so?
#31250
Posted: 11/03/2014 04:20:17
by Lemon Yang (Standard support level)
Joined: 11/24/2009
Posts: 48

and can you provide a SSLClient sample on Android?
#31251
Posted: 11/03/2014 04:23:15
by Vsevolod Ievgiienko (EldoS Corp.)

Quote
did you test the android code with pkcs11 so?

Unfortunatelly we had not a chance to test PKCS#11 on Android, but we tested the same code on different Linux systems, so it should work as expected.

Quote
and can you provide a SSLClient sample on Android?

Currently we don't have samples for Android. As I wrote above you can use desktop samples as the code is the same for both targets.
Also by EldoS: Callback File System
Create virtual file systems and disks, expose and manage remote data as if they were files on the local disk.

Reply

Statistics

Topic viewed 1410 times

Number of guests: 1, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!