This week's book giveaways are in the Refactoring and Agile forums.
We're giving away four copies each of Re-engineering Legacy Software and Docker in Action and have the authors on-line!
See this thread and this one for details.
Win a copy of Re-engineering Legacy Software this week in the Refactoring forum
or Docker in Action in the Cloud/Virtualization forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

java JCE version compatibility

 
mike vas
Greenhorn
Posts: 5
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi guys,

Apologies if my question is a bit naive, but I'm new to encryption and I have many queries....

If I encrypt a message using a keystore with RSA and provider SunJCE in java version 6, could someone who's using java version 1.3 and the same keystore etc. decrypt the message?
Is JCE 6 backward compatible with other versions and vice versa?


Many thanks in advance,

Mike
 
greg stark
Ranch Hand
Posts: 220
  • Likes 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
mike vas wrote:Hi guys,

If I encrypt a message using a keystore with RSA and provider SunJCE in java version 6, could someone who's using java version 1.3 and the same keystore etc. decrypt the message?
Mike


No, because direct encryption of data with RSA is not supported in versions prior to ... 1.5 I think, certainly not before 1.4.2

Is JCE 6 backward compatible with other versions and vice versa?


Yes, but that doesn't mean what I suspect you want it to mean. The JCE is a set of classes, for example the Cipher class, as well as a set of abstract service provider classes. What is not part of the JCE are the service provider implementation classes. These classes provide the actual Cipher, Signature, MessageDigest, etc. algorithms implementations. You get an instance of one these implementations through the various getInstance() methods. The default Java runtimes for various versions include different Sun providers. Over time these providers implement more and newer algorithms, so these algorithms will not be available in earlier versions. But a robust bit of code like


should work in any version in the sense that you will either get the algorithm you asked for or get an exception that the algorithm is not available, but there are early providers that do not have AES.

 
mike vas
Greenhorn
Posts: 5
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks greg stark...

You've saved me from loads of trouble...
After a small research I decided to use the Bouncy Castle provider...
It seems to be much more flexible for use in heterogeneous java versions (if you use it in both ends)...
Hopefully this one will work the way I think it will...

kind regards,

Mike
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic