SSL is a protocol designed to encrypt TCP/IP connections by combining various cryptographic algorithms. As such, SSL is more complex than the implementation of a simple cryptographic operation.
Many companies have built applications on the NonStop server which make use of TCP/IP as a means to communicate with other systems. Those applications have been implemented using the TCP/IP sockets API provided as part of the NonStop operating system. Adding an SSL encryption layer to those applications can be a daunting task. Open source libraries such as OpenSSL do not easily fit the Guardian "Nowait" IO paradigm. Even with portable libraries a proper SSL implementation must be based on a thorough understanding of the intricacies of SSL. Furthermore, optimizing the performance of SSL encryption for the NonStop platform can present a serious challenge.
SecurLib/SSL brings the power of comForte's proven SSL implementation to your self-written TCP/IP applications. SecurLib/SSL hides the SSL implementation complexities so that SSL encryption can be added by changing just a few lines of your source code.
NEW: SecurLib/SSL-AT (Application Transparent) adds SSL encryption to atm traffic or application data transparently.
| Features | Benefits |
|---|---|
| NEW: SecurLib/SSL-AT | No changes to application or configuration required. |
| Takes advantage of comForte's proven SSL implementations | SecurLib/SSL shares code with comForte's proven SSL products such as SecurCS. As such it provides a full-featured SSL implementation built specifically for the NonStop server platform. |
| Easy integration with your existing source code | SecurLib/SSL replaces the TCP/IP socket API (i.e. a call to send_nw is simply replaced by calling SSL_send_nw) and therefore requires very few changes to your source code. |
| Hides complexity of SSL and Guardian IO | Even with SSL libraries such as openssl, it is not trivial to implement SSL and to integrate it with the NonStop server Guardian "Nowait" IO paradigm. SecurLib/SSL hides all that complexity from you. |
| Tight integration of SSL into your application | Other than with a proxy-based solution, SecurLib SSL gives your application full access to the remote application retaining the IP address and port number of the remote application. |
SecurLib/SSL Requirements
To use SecurLib/SSL, the following requirements have to be met:
- you need to have full source code of your application
- the application can be written in TAL, C, C++ or Cobol
- OSS is not required
- As of now, SecurLib supports native compilers only
- SecurLib is delivered as a static library to be bound together with your application with a header file