I want to create Java server which can communicate securely with C client over network. I choose to use GnuTLS for cryptographic library. The problem is that GnuTLS is written in C.
I have two questions:
1. Is it possible to use Java with GnuTLS using JNI?
2. Is it possible to use the internal Java cryptographic package for the server side and GnuTLS and C for the client side? Will they be compatible?
I want to create Java server which can communicate securely with C client over
Share
TLS 1.0, 1.1 and 1.2 are IETF standards, which are specifically designed so that their implementations can inter-operate (in practice, most SSL/TLS libraries will also include support for SSLv3 at least). This happens all the time when you connect to a webserver (for example, running Apache backed by OpenSSL) from a browser which tend not to share their SSL/TLS stacks (e.g. IE, Firefox and Safari use different SSL/TLS libraries).
It might be possible to use GnuTLS with JNI from Java, but I’m not sure it’s worth the effort. Java already has the JSSE.
What may cause a problem are the version of TLS you’re planning to use and the support for cipher suites.
The Oracle JRE uses the Sun Provider. What’s supported is documented in the SunJSSE provider documentation for Java 6 and for Java 7 (in particular, TLS 1.1 and 1.2 are not supported in Java 6). There are also tables showing what is supported by various implementations on Wikipedia, but you may also have to look at the documentation for the specific version you want to use for accurate data.
For example, it’s possible to connect to a Java server (e.g. Jetty) running on a Java 6 JRE from
cURLcompiled against GnuTLS.