Need Conscrypt library Sample Code for use in Android

[harman...@daimler.com]

Hi Conscrypt Team,

 

We have come to a conclusion that Conscrypt library provided you is a suitable library for our use case of connecting a TCP socket server using TLS. We have been trying to use the library as provided, but we are facing some issues while integrating it. Predominantly we require some guide or a demo project that could help us understanding the library at large. Hence it would be of great help from your side if you could help us in this regard.

 

Just to let you know we use Certificate based PSK communication for our Socket Server.

 

Thanks & Regards,

Kirti Singh

If you are not the addressee, please inform us immediately that you have received this e-mail by mistake, and delete it. We thank you for your support.

[Kenny Root]

You'd probably have to present more information about the protocol running over the socket if you want better guidance. For instance if you're making a new protocol, I'd recommend looking at gRPC-Java (https://github.com/grpc/grpc-java) which uses Conscrypt under the hood. Otherwise any example using SSLEngine or SSLSocket should work with Conscrypt installed.

If it's SSLEngine that is giving you problems, you aren't alone in your frustration with the difficult-to-use-API. I haven't tried other projects that try to make SSLEngine more easy to use, but this looks promising: https://github.com/marianobarrios/tls-channel

[kirtis...@gmail.com]

Hi Kenny,

Thanks for responding.

We are using Conscrypt library for establishing PSK(pre shared key) based communication to TCPs server. For Read/Write we added TLSClient which is based on sslEngine and the sslContext is initialised from pskKeyManagers provided from Conscrypt. During API response which has large data payload, we are getting error.

I have mentioned the full description of error on stackOverflow

https://stackoverflow.com/questions/58302837/android-nio-not-able-to-read-large-data-from-socketchannel-error-buffer-under

Since we are using SocketChannel which is based on NIO, and therefor using Conscrypt which is based on Boring SSL.

So, i think its possible to use Conscrypt for Write/Read data from TCPs SocketChannel but we are not getting any sample code for using the Conscrypt  for TLS communication (Certificate and PSK based). Please guide us on this.

Thanks & Regards,
Kirti Singh