ISSL over ISOCKET | developer.brewmp.com ISSL over ISOCKET | developer.brewmp.com

Developer

ISSL over ISOCKET

Forums:

Hi,

In my app i was using ISocket and now i have to conenct to a https server and hence the ned to make it SSL. Before i give up and change my code to use IWB i actually tried to use ISSL over ISOCKET by

once i connect to the desired server i call ISSL_SetSocket().
My webopts are
WEBOPT_SSL_TRUST_MODE;
(void*)SSL_TRUST_MODE_IGNORE;

WEBOPT_X509_OVERRIDE;
(void *)&pTrustOverride = (0, X509CHAIN_OVERRIDE_ALL);

With these settings iam able to connect to https://www.qualcomm.com, i send a dummy request and it sends me a server not available error.

But when i try to connect to say verisign or sourceforge it gives me a 2567 (SSL_ERROR_HANDSHAKE)

What are the appropriate weboptions if this is possible at all?
Or do i have to switch to IWEB

Thanks in adv

I too am having the exact same problem. Anyone out there also encounter this?
I cannot use the IWEB interface because it does not release the Data channel quickly enough, making the phone uninterruptable for phone calls. I've built GET/POST over TCP and am trying to convert to SSL. Everything seems to be done correctly. I'm about to dig in deeper to the error (using IGNORE and analyzing the results), but wanted to see if anyone else has some hint about what might be going on. This error is not listed in any of the files, so I don't understand what has happened.
Andy

I too am having the exact same problem. Anyone out there also encounter this?
I cannot use the IWEB interface because it does not release the Data channel quickly enough, making the phone uninterruptable for phone calls. I've built GET/POST over TCP and am trying to convert to SSL. Everything seems to be done correctly. I'm about to dig in deeper to the error (using IGNORE and analyzing the results), but wanted to see if anyone else has some hint about what might be going on. This error is not listed in any of the files, so I don't understand what has happened.
Andy

OK, the problem was not changing from port 80 to port 443. No more 2567; everything works great in the emulator. If I don't post again, assume it works on the phone, too. I'm testing with Motorola phones (RAZR), BREW 2 & 3, and Verisign SSL certificate (no chaining -- needed by HttpsConnection in Java version).
Code snippet below. Pretty simple, once you look at. Just one more callback in between connect and write/read.
Cheers,
Andy
WebOpt ssl_opts[] = {
{ WEBOPT_SSL_TRUST_MODE, (void*)SSL_TRUST_MODE_FAIL },
{ WEBOPT_SSL_ALLOWED_VERSIONS, (void*)SSL_VERSION_30 },
{ WEBOPT_SSL_ALLOWED_VERSIONS, (void*)SSL_VERSION_TLS10 },
{ WEBOPT_SSL_ALLOWED_CIPHER_SUITES, (void*)SSL_CSUITE_RSA_WITH_RC4_128_MD5 },
{ WEBOPT_SSL_ALLOWED_CIPHER_SUITES, (void*)SSL_CSUITE_RSA_WITH_RC4_128_SHA },
{ WEBOPT_SSL_ALLOWED_CIPHER_SUITES, (void*)SSL_CSUITE_RSA_WITH_DES_CBC_SHA },
{ WEBOPT_SSL_ALLOWED_CIPHER_SUITES, (void*)SSL_CSUITE_RSA_WITH_3DES_EDE_CBC_SHA },
{ WEBOPT_X509_HOST, (void*) net->host },
{ WEBOPT_END } };
if (SUCCESS != ISHELL_CreateInstance(shl, AEECLSID_SSL, (void **)&net->ssl)) goto error;
if (SUCCESS != ISHELL_CreateInstance(shl, AEECLSID_SSLROOTCERTS, (void **)&net->opt)) goto error;
if (SUCCESS != IWEBOPTS_AddOpt(net->opt, ssl_opts)) goto error;
ISSL_SetSocket(net->ssl, net->soktcp);
CALLBACK_Init(&net->cbssl, &ssl_cb, net);
ISSL_Negotiate(net->ssl, (net->ssl, &net->sslx, (void*)0, &net->cbssl, WEBOPT_DEFAULTS, net->opt, WEBOPT_END));

OK, the problem was not changing from port 80 to port 443. No more 2567; everything works great in the emulator. If I don't post again, assume it works on the phone, too. I'm testing with Motorola phones (RAZR), BREW 2 & 3, and Verisign SSL certificate (no chaining -- needed by HttpsConnection in Java version).
Code snippet below. Pretty simple, once you look at. Just one more callback in between connect and write/read.
Cheers,
Andy
WebOpt ssl_opts[] = {
{ WEBOPT_SSL_TRUST_MODE, (void*)SSL_TRUST_MODE_FAIL },
{ WEBOPT_SSL_ALLOWED_VERSIONS, (void*)SSL_VERSION_30 },
{ WEBOPT_SSL_ALLOWED_VERSIONS, (void*)SSL_VERSION_TLS10 },
{ WEBOPT_SSL_ALLOWED_CIPHER_SUITES, (void*)SSL_CSUITE_RSA_WITH_RC4_128_MD5 },
{ WEBOPT_SSL_ALLOWED_CIPHER_SUITES, (void*)SSL_CSUITE_RSA_WITH_RC4_128_SHA },
{ WEBOPT_SSL_ALLOWED_CIPHER_SUITES, (void*)SSL_CSUITE_RSA_WITH_DES_CBC_SHA },
{ WEBOPT_SSL_ALLOWED_CIPHER_SUITES, (void*)SSL_CSUITE_RSA_WITH_3DES_EDE_CBC_SHA },
{ WEBOPT_X509_HOST, (void*) net->host },
{ WEBOPT_END } };
if (SUCCESS != ISHELL_CreateInstance(shl, AEECLSID_SSL, (void **)&net->ssl)) goto error;
if (SUCCESS != ISHELL_CreateInstance(shl, AEECLSID_SSLROOTCERTS, (void **)&net->opt)) goto error;
if (SUCCESS != IWEBOPTS_AddOpt(net->opt, ssl_opts)) goto error;
ISSL_SetSocket(net->ssl, net->soktcp);
CALLBACK_Init(&net->cbssl, &ssl_cb, net);
ISSL_Negotiate(net->ssl, (net->ssl, &net->sslx, (void*)0, &net->cbssl, WEBOPT_DEFAULTS, net->opt, WEBOPT_END));