Java Cryptography Extension

The Java Cryptography Extension (JCE ) is an interface of the Java programming language and framework for cryptographic tasks like encryption, communication authentication and key management. Since JDK 1.4, it is part of the Java Platform, Standard Edition, before that she was available as an optional package ( JDK 1.2).

The Java Cryptography Extension is based on the same architecture as the Java Cryptography Architecture (JCA ) and is seen as part of the JCA. The division into JCA and JCE was necessary because the U.S. earlier restricted the export of cryptographic systems. The JCA contains only hash functions, key generators, etc. and could be freely exported. For strong encryption algorithms, this did not apply; therefore you stored it into the JCE. Implementations had to be sourced from elsewhere.

As the classes of JCA are those of the JCE today in the java.security package and javax.crypto.

Functionality

The Java Cryptography Extension is based on so-called cryptographic providers, which are implementations of various abstracted by the JCE cryptographic concepts. New concepts can be easily added.

The Java Cryptography Extension provides the following functionality:

  • Cipher - Cryptographic algorithms ( symmetric and asymmetric ) to encrypt, block and stream ciphers
  • Key Management - The classes KeyGenerator for key generation, KeyAgreement for safe negotiation of keys and SecretKeyFactory for the decomposition of keys in their shares
  • Message Authentication Codes - for the calculation of authentication for communications
  • Secure objects and digital signatures

The Java Cryptography Extension (as well as the Java Cryptography Architecture ) from the implementation of specific algorithms independently. About a Service Provider Interface (SPI ) different implementations can be integrated from different manufacturers at the same time in the Java runtime environment. Java is shipped from version 1.4 with a JCE and JCA implementation, other implementations may simply but both statically and be loaded dynamically. Among the best known implementations of the JCE IAIK JCE provider is part of the Institute for Applied Information Processing and Communications ( IAIK ) of the Graz University of Technology.

Example

The following example shows the encryption and decryption of a string using blowfish algorithm:

...    / / Create key    SecretKey SecretKey = KeyGenerator.getInstance ( " Blowfish " ) generateKey ().;       Cipher cipher = Cipher.getInstance ( " Blowfish ");    cipher.init ( Cipher.ENCRYPT_MODE, SecretKey );       / / Convert the strings to bytes based on UTF- 8    byte [ ] utf8Bytes = " Encodable string" getBytes ( " UTF8 ").;       / / Encryption    byte [ ] encryptedBytes = cipher.doFinal ( utf8Bytes );       / / Base64 encoding to get back a string   . = New String encryptedString sun.misc.BASE64Encoder () encode ( encryptedBytes );       / / Prepare Cipher for decryption    cipher.init ( Cipher.DECRYPT_MODE, SecretKey );       / / Conversion back to byte array    encryptedBytes = new sun.misc.BASE64Decoder () decodeBuffer ( encryptedString ). ;       / / Decryption    utf8Bytes = cipher.doFinal ( encryptedBytes );       / / Re-conversion to a string    return new String ( utf8Bytes, " UTF8 ");    ... literature

  • Rich Helton, Helton Johennie: Java Security Solutions. Wiley, September 5, 2002, ISBN 978-0764549281.
  • David Hook: Beginning Cryptography with Java. John Wiley & Sons, August 19, 2005, ISBN 978-0764596339.
Software framework Java Development Kit Public-key cryptography
432204
de