jessie-discuss
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Jessie-discuss] Running GNU-Classpath-SSL with Sun-JDK1.5


From: Casey Marshall
Subject: Re: [Jessie-discuss] Running GNU-Classpath-SSL with Sun-JDK1.5
Date: Fri, 23 Mar 2007 19:10:59 -0700

On Mar 23, 2007, at 6:21 PM, chinmaya wrote:

Casey,

Great !!! :) got it working .. .

I am planning to export (use) the Master secret from the SSL Sessions inside my application.

So I plan to change the jessie's code and put some hooks
so that my application can extract master-key from every session and
use it for a key derivation.

Also I would want to put hooks in to provider code so that my application
get some info on Client/Server hello and alert messages.

Do you think this is achievable ? Do you foresee any problem with this.


This should be fine. For master secrets, you probably want to hack the SessionImpl class. There is some support for "pluggable" session stores through the class AbstractSessionContext, but it exports master secrets as SealedObjects, which likely won't do what you want.

Would Sun JDK put any security restrictions to application code accessing
provider code directly?


I doubt it does.




reply via email to

[Prev in Thread] Current Thread [Next in Thread]