JCE : Java Glossary

Java Cryptographic Extension API spec from SUN. The implementation for USA is from SUN. The JCE comes bundled with JDK 1.4+.

Sun’s JDK Technote Guide on JCE : available:

on the web at java.sun.com
in the current JDK 1.6.0_17 on your local Windows J: drive.

Protocols Supported	Books
Implementations	Learning More
Discovering Installed Providers	Links
Where to Find the Classes

Protocols Supported

The default SUN JCE supports among other things:

AES
Blowfish
CBC
DES
DES3
DESede
Diffie-Hellman(DH)
DSA
ECB
IDEA
MD5
RC2
RC4
RC5
RSA (signature and encryption)
SHA-0: 160 bit, obsolete
SHA-1: 160 bit
SHA-256
SHA-384
SHA-512
SSL
TLS
Twofish

Note that PGP and SSH are not on the list.

Implementations

JCE is designed as a plug-in to be replaced by a third party provider with additional protocols. For example, BouncyCastle.org add PGP support.

Americans had a silly law that code written in the USA that does strong encryption cannot be exported outside the USA and Canada, even though the algorithms are published. This has had the effect of stimulating European and Australians to provide such software which is immune to the restriction, taking business away from American companies. It was repealed circa 2000, but various other countries have restrictions on importing full strength encryption. The JCE that comes with the JDK is crippled. To get full strength encryption, you need to download and install the full strength extension.

You can avoid this hassle. BouncyCastle.org is located in Australia.

The ABA (Australian Business Access) provided a clean room implementation of JCE 1.2, including a cryptographic service provider, for international use. ABA seems to have disappeared.

BouncyCastle, another Australian group, has a free cleanroom implementation of JCE 1.2.1.

An Austrian university foundation with the unlikely name of SIC IAIK TUG (which stands for Stiftung Secure Information and Communication Technologies Institute for Applied Information Processing and Communications) has produced a large commercial JCE implementation that includes SSL and AES.

Discovering Installed Providers

Here is how to discover which providers are installed and what services they offer.

Here in the output of that program when run on Java 1.6 JCE on Windows:

Where to Find the Classes

You don’t usually use the vendor classes directly. You get at them using standard interfaces and String specifiers much the way you get at JDBC drivers. However, the class files live in J:\Program Files\java\jdk1.6.0_17\jre\lib\jce.jar. You could put the jar on your IDE’s library path to use the classes directly.

Books

recommend book⇒Beginning Cryptography with Java

paperback

ISBN13:

978-0-7645-9633-9

publisher:

Wrox

published:

2005-08-19

by:

David Hook

Covers JCA, symmetric and asymmetric key encryption in Java, message authentication codes, padding, ASN.1, certificate revocation, CMS, SSL, and S/MIME and the BouncyCastle provider. Unlike many books on the subject, this one is rich with sample code.

	abe books.co.uk	abe books.ca
	amazon.co.uk	amazon.ca
	abe books.de	chapters.indigo.ca
	amazon.de	abe books.com
	abe books.fr	amazon.com
	amazon.fr	barnes and noble.com
	abe books.it	powells.com
	iberlibro.com	sony e-books
	abe books anz

recommend book⇒Java Cryptography

paperback

ISBN13:

978-1-56592-402-4

publisher:

O’Reilly

published:

1998-05-01

by:

Jonathan Knudsen

JCE has evolved considerably since this book was published. It teaches you how to write secure programs using Java’s cryptographic tools. It includes the java.security package and the Java Cryptography Extensions (JCE). It discusses authentication, key management, public and private key encryption. How to implement ciphers, keys, and other data-obscuring techniques in Java. Includes source for a provider of the ElGamal algorithm.

	abe books.co.uk	abe books.ca
	amazon.co.uk	amazon.ca
	abe books.de	chapters.indigo.ca
	amazon.de	abe books.com
	abe books.fr	amazon.com
	amazon.fr	barnes and noble.com
	abe books.it	powells.com
	iberlibro.com	sony e-books
	abe books anz	o’reilly safari

Learning More

Sun’s JDK Technote Guide on AlgorithmParameterGenerator names : available:

on the web at java.sun.com
in the current JDK 1.6.0_17 on your local Windows J: drive.

Sun’s JDK Technote Guide on CertificateFactory names : available:

on the web at java.sun.com
in the current JDK 1.6.0_17 on your local Windows J: drive.

Sun’s JDK Technote Guide on CertPathBuilder Algorithm names : available:

on the web at java.sun.com
in the current JDK 1.6.0_17 on your local Windows J: drive.

Sun’s JDK Technote Guide on CertPathEncodings names : available:

on the web at java.sun.com
in the current JDK 1.6.0_17 on your local Windows J: drive.

Sun’s JDK Technote Guide on CertPathValidator names : available:

on the web at java.sun.com
in the current JDK 1.6.0_17 on your local Windows J: drive.

Sun’s JDK Technote Guide on CertStore Type names : available:

on the web at java.sun.com
in the current JDK 1.6.0_17 on your local Windows J: drive.

Sun’s JDK Technote Guide on Cipher Blocking Algorithm names : available:

on the web at java.sun.com
in the current JDK 1.6.0_17 on your local Windows J: drive.

Sun’s JDK Technote Guide on Cipher Padding Algorithm names : available:

on the web at java.sun.com
in the current JDK 1.6.0_17 on your local Windows J: drive.

Sun’s JDK Technote Guide on KeyAgreement Algorithm names : available:

on the web at java.sun.com
in the current JDK 1.6.0_17 on your local Windows J: drive.

Sun’s JDK Technote Guide on KeyFactory Algorithm names : available:

on the web at java.sun.com
in the current JDK 1.6.0_17 on your local Windows J: drive.

Sun’s JDK Technote Guide on KeyGenerator Algorithm names : available:

on the web at java.sun.com
in the current JDK 1.6.0_17 on your local Windows J: drive.

Sun’s JDK Technote Guide on KeyPairGenerator Algorithm names : available:

on the web at java.sun.com
in the current JDK 1.6.0_17 on your local Windows J: drive.

Sun’s JDK Technote Guide on KeyStore Type names : available:

on the web at java.sun.com
in the current JDK 1.6.0_17 on your local Windows J: drive.

Sun’s JDK Technote Guide on Mac Algorithm names : available:

on the web at java.sun.com
in the current JDK 1.6.0_17 on your local Windows J: drive.

Sun’s JDK Technote Guide on MessageDigest Algorithm names : available:

on the web at java.sun.com
in the current JDK 1.6.0_17 on your local Windows J: drive.

Sun’s JDK Technote Guide on Signature Algorithm names : available:

on the web at java.sun.com
in the current JDK 1.6.0_17 on your local Windows J: drive.

Sun’s JDK Technote Guide on XMLSignature Algorithm names : available:

on the web at java.sun.com
in the current JDK 1.6.0_17 on your local Windows J: drive.

Sun’s JDK Technote Guide on Other JCE : available:

on the web at java.sun.com
in the current JDK 1.6.0_17 on your local Windows J: drive.

AES
Apache Fulucrum
BeeJCE
block cipher modes: ECB vs CBC etc
BouncyCastle
certificate
Cipher
cryptography
digest
digital signatures
ecommerce
encryption
IPsec
JCA
JCE unlimited strength encryption extension
JSSE
JSSE: Java Secure Socket Extension
MD5
Michael Schnell’s cryptography links
PCI DSS: credit card security
registration key
SHA-1
SSH
SSL
where to find jars

	You can get the freshest copy of this page from:	or possibly from your local J: drive (Java virtual drive/mindprod.com website mirror)
	http://mindprod.com/jgloss/jce.html	J:\mindprod\jgloss\jce.html
	Please email your feedback for publication, errors, omissions, typos, formatting errors, ambiguities, unclear wording, broken/redirected link reports, suggestions to improve this page or comments to Roedy Green :
	Canadian Mind Products
	mindprod.com IP:[65.110.21.43]
view Blog	Your face IP:[38.107.191.108]
Feedback	You are visitor number 19,232.