Has anyone tried plugging one of the Java TLS libraries into Kawa? There are at least two options: * Bouncy Castle <https://bouncycastle.org> * Java Secure Socket Extension (JSSE) <https://en.wikipedia.org/wiki/Java_Secure_Socket_Extension>
Plugging in the sense of writing a wrapper with more idiomatic scheme api,
or just using? If it's the later and you want to see how to get some
specific usecase working, I could play around with it in the evening and
see what I get.
2020-09-28, pr, 13:45 Lassi Kortela <lassi@lassi.io> rašė:
> Has anyone tried plugging one of the Java TLS libraries into Kawa?
>
> There are at least two options:
>
> * Bouncy Castle
> <https://bouncycastle.org>
>
> * Java Secure Socket Extension (JSSE)
> <https://en.wikipedia.org/wiki/Java_Secure_Socket_Extension>
>
> Plugging in the sense of writing a wrapper with more idiomatic scheme > api, or just using? Eventually a nice wrapper, but getting it working at all would be a good start :) > If it's the later and you want to see how to get > some specific usecase working, I could play around with it in the > evening and see what I get. Great, thanks! That would be awesome. TLS support in Scheme implementations is uneven and doesn't have a standard interface. To that end, I'd like to write a "TLS pipe" SRFI that provides the same API on all supported Schemes, irrespective of which backend library is used as the TLS implementation. The SRFI should be written so that it works on JVM schemes as well, instead of assuming that all the world is C and OpenSSL. A working Kawa implementation would be a good way to ensure portability.
I made an example of an ssl server socket, which prints to the console what it receives https://github.com/arvyy/kawa-ssl-socket-example (instructions included in repo) 2020-09-28, pr, 15:08 Lassi Kortela <lassi@lassi.io> rašė: > > Plugging in the sense of writing a wrapper with more idiomatic scheme > > api, or just using? > > Eventually a nice wrapper, but getting it working at all would be a good > start :) > > > If it's the later and you want to see how to get > > some specific usecase working, I could play around with it in the > > evening and see what I get. > > Great, thanks! That would be awesome. > > TLS support in Scheme implementations is uneven and doesn't have a > standard interface. To that end, I'd like to write a "TLS pipe" SRFI > that provides the same API on all supported Schemes, irrespective of > which backend library is used as the TLS implementation. The SRFI should > be written so that it works on JVM schemes as well, instead of assuming > that all the world is C and OpenSSL. A working Kawa implementation would > be a good way to ensure portability. >
> I made an example of an ssl server socket, which prints to the console
> what it receives https://github.com/arvyy/kawa-ssl-socket-example
> (instructions included in repo)
Thank you very much! I tested the server and it works fine on my computer.
Do you know off the cuff how to make a matching Kawa TLS client?