[JuiCE] New ciphers, key factories, key pair generators avaliable - additional info

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

[JuiCE] New ciphers, key factories, key pair generators avaliable - additional info

Werner Dittmann
I forgot something:

The AES, DES, and DESede cipher also support the OFB and CFB
modes. If the OpenSSL library supports it also CFB1 and CFB8
is available (CFB1 has a problem in BouncyCastle - it procuces
a divide by zero exception).

Regards,
Werner

All,

in the last few days I implemented some more features and functions
in JuiCE. It's getting more to a full blown JCE now. In addition to
the new features the error handling was improved, in particular for
the native library. It now uses exception to signal errors/problems
to the Java code.

Here is a full list of supported algorithms:

Ciphers

- AES (all key sizes), DES, DESEDE in ECB and CBC mode,
  available paddings are: none, PKCS5/PKCS7, ISO10126, ZEROBYTE

- RSA RAW, RSA PKCS1padding, RSA OAEP padding

- RC2 with key sizes up to 128, ECB and CBC mode

- RC4 stream cipher with key sizes up to 128


Password based (PBE) ciphers

- PBEwithSHAand128bitAES-CBC-BC, PBEwithSHAand192bitAES-CBC-BC,
  PBEwithSHAand256bitAES-CBC-BC

- PBEwithMD5and128bitAES-CBC-OPENSSL, BEwithMD5and192bitAES-CBC-OPENSSL,
  PBEwithMD5and256bitAES-CBC-OPENSSL

- PBEwithMD5andDES, PBEwithSHA1andDES, PBEwithSHAand3-KeyTripleDES-CBC

- PBEwithMD5andRC2, PBEwithSHA1andRC2 - these use RC2 with 64bit key
  PBEwithSHAand128bitRC2, PBEwithSHAand40bitRC2-CBC

- PBEwithSHAand128bitRC4, PBEwithSHAand40bitRC4

NOTE: all the PBE ciphers require that you use the associated secret key
factories. This also requires that the BouncyCastle library is on your
classpath (see note below). These PBE cipher algorithms are compatible
with the implementations available in the BouncyCastle library. Please
refer to the test cases to see how these are used.


Digests

- MD2, MD4, MD5, SHA1, SHA256, SHA512 (the latter two only if the
  installed OpenSSL library supports them), RIPEMD160


Signatures

- MD5WithRSAEncryption, SHA1WithRSAEncryption (also with SHA256
  and SHA512 if supported by openSSL, see remark for digests)

- standard DSA with SHA1


MACs

- HMAC (Hashed MACs) with MD{2,4,5}, SHA1 (also SHA256 and SHA512 if
  supported by openSSL, see remark for digests), RIPEMD160

- Cipher based MAC for DES (64-bit key) and DESEDE (192-bit Key)


Secret Key Factories

- DES, DESede

- PBEwithSHAand128bitAES-CBC-BC, PBEwithSHAand192bitAES-CBC-BC,
  PBEwithSHAand256bitAES-CBC-BC

- PBEwithMD5and128bitAES-CBC-OPENSSL,PBEwithMD5and192bitAES-CBC-OPENSSL,
  PBEwithMD5and256bitAES-CBC-OPENSSL

- PBEwithMD5andDES, PBEwithSHA1andDES, PBEwithSHAand3-KeyTripleDES-CBC

- PBEwithMD5andRC2, PBEwithSHA1andRC2 - these use RC2 with 64bit key
  PBEwithSHAand128bitRC2, PBEwithSHAand40bitRC2-CBC

- PBEwithSHAand128bitRC4, PBEwithSHAand40bitRC4

NOTE: if you use the Secret Key Factories you  must have the
BouncyCastle library on your classpath. While the key generation and
the actual ciphers use OpenSSL functions to get more speed the BC
library is responsible to handle all the ASN.1/PKCS format related
stuff.


Key Pair Generators

- RSA

- DSA

NOTE: Refer to the note on secret key factories - the same applies to
the key pair generators.

Unit tests for all implemented algorithms are available. Please refer
to them to see how to use JuiCE.

Have fun.

Regards,
Werner



---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]



---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Loading...