Secure communication in SDL Core is provided by the Security Manager interface, implemented in Core as the SecurityManagerImpl.
Under the hood the Security Manager uses OpenSSL to complete handshakes and encrypt/decrypt data. All OpenSSL operations are abstracted away by the Crypto Manager - which provides a factory for SSL Context objects, the ability to update certificates from Certificate Authorities and SSL error reporting. The SSL Context objects created by the Crypto Manager can be used to establish SSL connections, as well as to encrypt or decrypt data. Events within the Security Manager will be propagated to any Security Manager Listeners that register with the Security Manager. The Protocol Handler implementation in Core implements the SecurityManagerListener interface in order to send protocol layer responses to handshakes.
When a handshake has been completed, OnHandshakeDone is called on each registered SecurityManagerListener. This function is called with two parameters: the connection key, and a HandshakeResult enum value (one of Fail, Success, CertExpired, etc.).
When a handshake is initiated and the connection does not have a valid certificate, OnCertificateUpdateRequired will be called on each registered SecurityManagerListener. This could be either because no certificate was supplied for the connection or because the certificate is expired.
If the Security Manager fails to get the system time from the HMI, OnGetSystemTimeFailed will be called on each registered SecurityManagerListener.
If the Security Manager fails to decrypt a certificate, OnCertDecryptFailed will be called on each registered SecurityManagerListener.
If a PTU fails, each registered SecurityManagerListener is notified with the OnPTUFailed event.
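The listener contract described above, as an added illustrative model: this is not SDL Core's SecurityManagerImpl or its real headers. The SecurityManagerListener method signatures, the SecurityManagerModel dispatcher, the CertificateInfo struct and the sample timestamps are all assumptions that mirror the page's prose. It shows the two rules the page states for handshake initiation (no certificate or an expired one triggers OnCertificateUpdateRequired; a missing HMI system time triggers OnGetSystemTimeFailed) and the fan-out of OnHandshakeDone with the connection key and HandshakeResult to every registered listener.

```cpp
// Added illustrative model of the Security Manager -> SecurityManagerListener
// notification contract. NOT SDL Core's own code: class layout, signatures and
// the CertificateInfo struct are assumptions that follow the page's description.
#include <cstdint>
#include <iostream>
#include <vector>

// The page names Fail, Success and CertExpired ("etc." in the original);
// only those three values are modelled here.
enum class HandshakeResult { Fail, Success, CertExpired };

// Constructed stand-in for what the Security Manager knows about a connection's
// certificate: whether one was supplied, and when it expires (seconds since epoch).
struct CertificateInfo {
  bool present;
  int64_t not_after;
};

// Assumed listener interface: one callback per event named on the page.
class SecurityManagerListener {
 public:
  virtual ~SecurityManagerListener() = default;
  virtual void OnHandshakeDone(uint32_t connection_key, HandshakeResult result) = 0;
  virtual void OnCertificateUpdateRequired() = 0;
  virtual void OnGetSystemTimeFailed() = 0;
  virtual void OnCertDecryptFailed() = 0;
  virtual void OnPTUFailed() = 0;
};

// Minimal event source that fans each event out to every registered listener.
class SecurityManagerModel {
 public:
  void AddListener(SecurityManagerListener* listener) { listeners_.push_back(listener); }

  // Handshake initiation. `system_time` is nullptr when the HMI could not supply
  // the time. Returns true if the handshake may proceed with the current
  // certificate, false if listeners were told something is needed first.
  bool StartHandshake(uint32_t connection_key, const CertificateInfo& cert,
                      const int64_t* system_time) {
    (void)connection_key;  // the update-required event carries no key on this page
    if (system_time == nullptr) {
      for (auto* l : listeners_) l->OnGetSystemTimeFailed();
      return false;
    }
    // No certificate, or an expired one: both cases require a certificate update.
    if (!cert.present || cert.not_after <= *system_time) {
      for (auto* l : listeners_) l->OnCertificateUpdateRequired();
      return false;
    }
    return true;
  }

  // Handshake completion: every listener gets the connection key and the result.
  void FinishHandshake(uint32_t connection_key, HandshakeResult result) {
    for (auto* l : listeners_) l->OnHandshakeDone(connection_key, result);
  }

 private:
  std::vector<SecurityManagerListener*> listeners_;
};

// Sample listener that records what it was told, so the dispatch can be checked.
class RecordingListener : public SecurityManagerListener {
 public:
  uint32_t last_key = 0;
  HandshakeResult last_result = HandshakeResult::Fail;
  int handshakes_done = 0;
  int cert_update_requests = 0;
  int time_failures = 0;
  int decrypt_failures = 0;
  int ptu_failures = 0;

  void OnHandshakeDone(uint32_t connection_key, HandshakeResult result) override {
    last_key = connection_key;
    last_result = result;
    ++handshakes_done;
  }
  void OnCertificateUpdateRequired() override { ++cert_update_requests; }
  void OnGetSystemTimeFailed() override { ++time_failures; }
  void OnCertDecryptFailed() override { ++decrypt_failures; }
  void OnPTUFailed() override { ++ptu_failures; }
};

int main() {
  RecordingListener listener;
  SecurityManagerModel manager;
  manager.AddListener(&listener);

  const int64_t now = 1700000000;  // constructed "current time" from the HMI
  CertificateInfo expired{true, now - 60};
  manager.StartHandshake(7, expired, &now);  // -> OnCertificateUpdateRequired
  CertificateInfo valid{true, now + 3600};
  if (manager.StartHandshake(7, valid, &now)) {
    manager.FinishHandshake(7, HandshakeResult::Success);  // -> OnHandshakeDone
  }
  std::cout << "cert updates requested: " << listener.cert_update_requests
            << ", handshakes done: " << listener.handshakes_done << '\n';
  return 0;
}
```

The Protocol Handler's real listener would act on these callbacks (for example, sending the protocol-layer handshake response on OnHandshakeDone); the RecordingListener here only counts them so the dispatch rules can be verified in isolation.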
To further understand the relationship between the components of the Security Manager, please take a look at this UML diagram.
To understand how the Security Manager is initialized, please take a look at this flow diagram.
To understand what the Security Manager does to start an encrypted service after it has been initialized, please take a look at this flow diagram.
To understand how the Security Manager decrypts data, please take a look at this flow diagram.
To understand how the Security Manager encrypts data, please take a look at this flow diagram.