Yes: http://trac.pjsip.org/repos/wiki/FAQ#tls

On Sun, Jan 18, 2009 at 12:51, mohamed hassan e-mohhassan@hotmail.com wrote:

--
Perry Ismangil

Thanks, is this support in symbian? and TLS one way authentication or two way?

News, entertainment and everything you care about at Live.com. Get it now!
http://www.live.com/getstarted.aspx

It was a discussion we was doing last week, regarding TLS support.

There are several opportunities, one is to use some cross-platform SSL
library that till require Symbian OS porting.

The other one is to create a wrapper around current OpenSSL
implementation in order to make it working with Symbian OS standard
CSecureSock SSL/TLS implementation:
http://wiki.forum.nokia.com/index.php/CSecureSocket_example
http://www.symbian.com/developer/techlib/v9.1docs/doc_source/reference/reference-cpp/N102AA/CSecureSocketClass.html

Current PJSIP implementation is based on OpenSSL that, as a library,
works on:

• Windows
• Windows Mobile (http://www.it.uc3m.es/pervasive/wce_lite_compat/ &
  http://www.mail-archive.com/openssl-users@openssl.org/msg54834.html &
  http://marc.info/?l=openssl-dev&m=122536319510494&w=2 )
• Mac OS X
• Linux/Unix

It lacks Symbian, because OpenSSL does not work on that platform, so
another implementation (not openssl) or the operating system one
(CSecureSocket) has to be implemented and integrated.

Imho the goal of PJSIP should be to use the platform provided SSL/TLS
implementation in order to let the operating system manage:

• the trusted root CA list
• the CRL checking
• the import/export of digital certificates with pkcs#12
• the import/export of public keys in DER/PEM formats
• the keychain support for dynamically unlocking operating system keychain

So imho the SSL/TLS should be implemented using the operating system
SSL/TLS stack where possible, for Symbian for sure we can't use OpenSSL :(

Mohamed, are you going to implement a wrapper for Symbian CSecureSocket
support on PJSIP platform?

Fabio

mohamed hassan wrote:

Just to add:

Symbian has released Open C/C++ plugins for S60 3rd Edition SDK which includes 2 libs based on OpenSSL for cryptography operations.
http://www.forum.nokia.com/info/sw.nokia.com/id/91d89929-fb8c-4d66-bea0-227e42df9053/Open_C_SDK_Plug-In.html
http://www.forum.nokia.com/info/sw.nokia.com/id/8271db20-cf52-4bb9-91ad-5ff5338f485f/Open_C_Developer_Productivity_v1_2_en.pdf.html

Based on the datasheet mentioned in the link above, around 80% features of OpenSSL are covered in Open C libs. I guess we can use these libs.

Benny, any comments???

Also from 60 3rd Edition SDK Feature Pack 2, Nokia is planning to harden the runtime of these plugins also into the OS image. So, we will save upon app size as well.

-----Original Message-----
From: pjsip-bounces@lists.pjsip.org [mailto:pjsip-bounces@lists.pjsip.org] On Behalf Of Fabio Pietrosanti (naif)
Sent: Monday, January 19, 2009 3:22 PM
To: pjsip list
Subject: Re: [pjsip] TLS support

It was a discussion we was doing last week, regarding TLS support.

There are several opportunities, one is to use some cross-platform SSL
library that till require Symbian OS porting.

The other one is to create a wrapper around current OpenSSL
implementation in order to make it working with Symbian OS standard
CSecureSock SSL/TLS implementation:
http://wiki.forum.nokia.com/index.php/CSecureSocket_example
http://www.symbian.com/developer/techlib/v9.1docs/doc_source/reference/reference-cpp/N102AA/CSecureSocketClass.html

Current PJSIP implementation is based on OpenSSL that, as a library,
works on:

• Windows
• Windows Mobile (http://www.it.uc3m.es/pervasive/wce_lite_compat/ &
  http://www.mail-archive.com/openssl-users@openssl.org/msg54834.html &
  http://marc.info/?l=openssl-dev&m=122536319510494&w=2 )
• Mac OS X
• Linux/Unix

It lacks Symbian, because OpenSSL does not work on that platform, so
another implementation (not openssl) or the operating system one
(CSecureSocket) has to be implemented and integrated.

Imho the goal of PJSIP should be to use the platform provided SSL/TLS
implementation in order to let the operating system manage:

• the trusted root CA list
• the CRL checking
• the import/export of digital certificates with pkcs#12
• the import/export of public keys in DER/PEM formats
• the keychain support for dynamically unlocking operating system keychain

So imho the SSL/TLS should be implemented using the operating system
SSL/TLS stack where possible, for Symbian for sure we can't use OpenSSL :(

Mohamed, are you going to implement a wrapper for Symbian CSecureSocket
support on PJSIP platform?

Fabio

mohamed hassan wrote:

Visit our blog: http://blog.pjsip.org

pjsip mailing list
pjsip@lists.pjsip.org
http://lists.pjsip.org/mailman/listinfo/pjsip_lists.pjsip.org

**************** CAUTION - Disclaimer *****************
This e-mail contains PRIVILEGED AND CONFIDENTIAL INFORMATION intended solely
for the use of the addressee(s). If you are not the intended recipient, please
notify the sender by e-mail and delete the original message. Further, you are not
to copy, disclose, or distribute this e-mail or its contents to any other person and
any such actions are unlawful. This e-mail may contain viruses. Infosys has taken
every reasonable precaution to minimize this risk, but is not liable for any damage
you may sustain as a result of any virus in this e-mail. You should carry out your
own virus checks before opening the e-mail or attachment. Infosys reserves the
right to monitor and review the content of all messages sent to or from this e-mail
address. Messages sent to or from this e-mail address may be stored on the
Infosys e-mail system.
INFOSYS***** End of Disclaimer *****INFOSYS

in my opinion using CSecureSocket will be better choise, since pjlib used
all Symbian C++ library.

atik

On Mon, Jan 19, 2009 at 6:34 PM, girish_kumar girish_kumar@infosys.comwrote:

Thanks for all, I'm trying suggestions.

Date: Mon, 19 Jan 2009 19:07:45 +0800
From: atik.khan@gmail.com
To: pjsip@lists.pjsip.org
Subject: Re: [pjsip] TLS support

in my opinion using CSecureSocket will be better choise, since pjlib used all Symbian C++ library.

atik

On Mon, Jan 19, 2009 at 6:34 PM, girish_kumar girish_kumar@infosys.com wrote:

Just to add:

Symbian has released Open C/C++ plugins for S60 3rd Edition SDK which includes 2 libs based on OpenSSL for cryptography operations.

http://www.forum.nokia.com/info/sw.nokia.com/id/91d89929-fb8c-4d66-bea0-227e42df9053/Open_C_SDK_Plug-In.html

http://www.forum.nokia.com/info/sw.nokia.com/id/8271db20-cf52-4bb9-91ad-5ff5338f485f/Open_C_Developer_Productivity_v1_2_en.pdf.html

Based on the datasheet mentioned in the link above, around 80% features of OpenSSL are covered in Open C libs. I guess we can use these libs.

Benny, any comments???

Also from 60 3rd Edition SDK Feature Pack 2, Nokia is planning to harden the runtime of these plugins also into the OS image. So, we will save upon app size as well.

-----Original Message-----

From: pjsip-bounces@lists.pjsip.org [mailto:pjsip-bounces@lists.pjsip.org] On Behalf Of Fabio Pietrosanti (naif)

Sent: Monday, January 19, 2009 3:22 PM

To: pjsip list

Subject: Re: [pjsip] TLS support

It was a discussion we was doing last week, regarding TLS support.

There are several opportunities, one is to use some cross-platform SSL

library that till require Symbian OS porting.

The other one is to create a wrapper around current OpenSSL

implementation in order to make it working with Symbian OS standard

CSecureSock SSL/TLS implementation:

http://wiki.forum.nokia.com/index.php/CSecureSocket_example

http://www.symbian.com/developer/techlib/v9.1docs/doc_source/reference/reference-cpp/N102AA/CSecureSocketClass.html

Current PJSIP implementation is based on OpenSSL that, as a library,

works on:

• Windows

• Windows Mobile (http://www.it.uc3m.es/pervasive/wce_lite_compat/ &

http://www.mail-archive.com/openssl-users@openssl.org/msg54834.html &

http://marc.info/?l=openssl-dev&m=122536319510494&w=2 )

• Mac OS X

• Linux/Unix

It lacks Symbian, because OpenSSL does not work on that platform, so

another implementation (not openssl) or the operating system one

(CSecureSocket) has to be implemented and integrated.

Imho the goal of PJSIP should be to use the platform provided SSL/TLS

implementation in order to let the operating system manage:

• the trusted root CA list

• the CRL checking

• the import/export of digital certificates with pkcs#12

• the import/export of public keys in DER/PEM formats

• the keychain support for dynamically unlocking operating system keychain

So imho the SSL/TLS should be implemented using the operating system

SSL/TLS stack where possible, for Symbian for sure we can't use OpenSSL :(

Mohamed, are you going to implement a wrapper for Symbian CSecureSocket

support on PJSIP platform?

Fabio

mohamed hassan wrote:

Visit our blog: http://blog.pjsip.org

pjsip mailing list

pjsip@lists.pjsip.org

http://lists.pjsip.org/mailman/listinfo/pjsip_lists.pjsip.org

**************** CAUTION - Disclaimer *****************

This e-mail contains PRIVILEGED AND CONFIDENTIAL INFORMATION intended solely

for the use of the addressee(s). If you are not the intended recipient, please

notify the sender by e-mail and delete the original message. Further, you are not

to copy, disclose, or distribute this e-mail or its contents to any other person and

any such actions are unlawful. This e-mail may contain viruses. Infosys has taken

every reasonable precaution to minimize this risk, but is not liable for any damage

you may sustain as a result of any virus in this e-mail. You should carry out your

own virus checks before opening the e-mail or attachment. Infosys reserves the

right to monitor and review the content of all messages sent to or from this e-mail

address. Messages sent to or from this e-mail address may be stored on the

Infosys e-mail system.

INFOSYS***** End of Disclaimer *****INFOSYS

Visit our blog: http://blog.pjsip.org

pjsip mailing list

pjsip@lists.pjsip.org

http://lists.pjsip.org/mailman/listinfo/pjsip_lists.pjsip.org

Invite your mail contacts to join your friends list with Windows Live Spaces. It's easy!
http://spaces.live.com/spacesapi.aspx?wx_action=create&wx_url=/friends.aspx&mkt=en-us

Mohamed, are you going to implement it?

If so, please share in advance design decision and suggestion as long as
your code could be used for a reference implementation.

Fabio

mohamed hassan wrote:

there is some problem between CActive-Object and thread (in OpenC) by
synchronisation.

But POSIX-Standard OpenC makes the porting of application to Symbian much
easier.

Regards

Pai

On Mon, Jan 19, 2009 at 12:07 PM, atik atik.khan@gmail.com wrote: