Android SSL JNI structure?

Question

Hello,

I have been looking at Android's javax.net.ssl package, but am still confused as to how it works with the underlying JNI glue in place.

From what I see, all of the classes under the javax.net.ssl package (/libcore/x-net/src/main/java/javax/net/ssl) are abstract and do not directly implement functionality.

All of the functionality of the above is implemented in the org.apache.harmony.xnet.provider.jsse folder (/libcore/x-net/src/main/java/org/apache/harmony/xnet/provider/jsse), and this implementation makes calls to the underlying JNI C code.

Would anyone be able to tell me how the provider is linked to the abstract classes, given that the user calls the abstract classes directly from their code. I thought that usually the user would call the subclass, but in this case it seems to be the opposite.

Thanks,
Chris

Answer 1

Ok, after some research, I think I've got my head wrapped around this. It looks like Apache Harmony is acting as a Java Security Provider for the javax.net.ssl package.

Because OpenSSL is being used under the hood, JNI must be used to allow Java to talk with the C code of OpenSSL.

The provider is defined in a file called "java.security", and a good overview of adding a provider to Java can be found at this link: http://download.oracle.com/docs/cd/E17409_01/javase/6/docs/technotes/guides/security/crypto/HowToImplAProvider.html