SDL Security is a TLS based security library built to interact with sdl_java_suite and provide TLS certificate authentication and encryption / decryption.
This library can be used to allow TLS authentication on a specific RPC service, for example the RPC or Video service.
This library is primarily for automotive OEMs to base their own proprietary library on. The OEM may change the URL to retrieve a certificate, and may want to provide additional protection to this library. Otherwise, it will be quite easy for an attacker to take the certificate and defeat the TLS protection.
The OEM must also rename this library and classes for the reasons seen below.
To use this library, the developer will pass the name of the class into the SdlManager's builder' method:
List<Class<? extends SdlSecurityBase>> secList = new ArrayList<>();
secList.add(SdlSecurity.class);
builder.setSdlSecurity(secList, null);
They must also pass in the name of the Vehicle 'Makes' that library is used for, for example, a Ford library may be used for ["Ford", "Lincoln"]. This must match what is passed through the register app interface RPC response. For more information on how to setup the library, please check the resources folder.
If you would like to rebuild the native code for OpenSSL or tlsEngine, please check the instructions here.
Anyone implementing this library should take care to add additional protections as this library is not cryptographically secure out-of-the box.