Some general Java cryptography resources, which you may, or may not, find helpful. If you have an article, book, or project you would like to see added below send a message to firstname.lastname@example.org
EJBCA is a fully functional Certificate Authority using J2EE technology. EJBCA builds on the J2EE platform to create a robust, high performance, platform independent, flexible, and component based CA to be used standalone or integrated in any J2EE app.
This package provides the following pure Java extensions to the Bouncy Castle framework and has been made freely available by www.novosec.com:
- OCSP (RFC 2560) server and client
- CMP (RFC 2510, RFC 2511) generator and parser.
A JSP tag library with cryptographic funtions and X.509 certificate generation based on BouncyCastle JCE. There is also a refactoring of JCE taglib CryptoLib on the main JCE taglib project page. CryptoLib can also be used with non-JSP projects.
Portecle is a user friendly GUI application for creating, managing and examining key stores, keys, certificates, certificate requests, certificate revocation lists and more.
Jasypt - Java Simplified Encryption
Jasypt is a java library which allows the developer to add basic encryption capabilities to his/her projects with minimum effort. It offers transparent integration with Hibernate, an open API for use with any JCE provider, and is suitable for integration into Spring-based applications and ACEGI. Instructions on using it with Bouncy Castle can be found at: http://www.jasypt.org/bouncy-castle.html.
KeyTool is a free user friendly GUI application for creating, managing keys and keystores as an alternative to the JDK's KeyTool command.
A basic free Certification Authority. Can be used to generate keys for Secure email, VPN access and client/server SSL authentication.
A set of tools for generating signed PDF documents, as well as certificates.
If you are reporting a bug, or would simply like to suggest something to add to the library let us know at email@example.com and your request will be dealt with, if you need something else read on.
The Legion of the Bouncy Castle is a strictly non-profit, no financial interest organisation, however we do get requests for commercial support or project work from time to time. To deal with this and help fund further work on the APIs we have set up Crypto Workshop If you need a support agreement or have an issue that might need a solution requiring consulting, mentoring, or education, please contact us firstname.lastname@example.org
EnglishIncludes a simple example program using the lightweight API.
MIDP Application Security 3: Authentication in MIDP
Examples of using the lightweight API, brief discussion about obfuscation.
MIDP Application Security 4: Encryption in MIDP
More examples of using the lightweight API.
Data security in mobile Java applications
Michael Juntao Yuan
Includes examples of the lighweight API as well as general discussion of other alternatives.
Securing your J2ME/MIDP apps
Michael Juntao Yuan
Includes examples of the lighweight API used for XML signatures.
Master the basics of Java Cryptography Extension (JCE)
A discussion on installing the Sun JCE, the same instructions apply to BC, useful especially if you are dealing with pre-JDK 1.4.
Cryptographie avec Bouncy Castle
Ce tutoriel constitue une première approche pour l'utilisation de la bibliothèque Bouncy Castle.
Utiliser PGP avec Java et Bouncy Castle
Graham Jenkins (Traduction française par Simon Depiets, relecture de la traduction française par Joëlle Cornavin).
In association with amazon.com. Any proceeds received from this are used to support the running of this web site.
Beginning Cryptography with Java
David Hook - Wrox
Written by a Bouncy Castle APIs committer, the book covers recent features introduced in the JCA/JCE cryptography APIs in JDK 1.5 and is fully up to date with the cryptography APIs in J2SE 5.01, including Elliptic Curve cryptography, as well as dealing with earlier versions of the JCE/JCA in earlier JDKs. The book also deals with provider installation, X.509 certificate generation, CRL generation, and the creation and processing of PKCS #10 certification requests using the JCA and the Bouncy Castle APIs, in addition it covers certificate validation and certificate path processing with both CRLs and OCSP. Finally, it also covers using PKCS #12, processing CMS and S/MIME messages using the BC APIs, SSL using the JSSE, and gives an introduction as to how to use the Bouncy Castle ASN.1 library.
1 Mind you, you would probably have to read it first to be aware of this... ;-)
Niels Ferguson, Bruce Schneier - John Wiley & Sons
Not so much a book about algorithms either, but a book about how to use them in a general sense. If you are looking at implementing a secure system, rather than just implementing basic cryptography this is a great book to read.
Java Cryptography Extensions : Practical Guide for Programmers
Jason Weiss - Morgan Kaufmann
Covers the JCE and some parts of the JCA as seen in JDK 1.4.
Wireless Java: Developing with Java 2, Micro Edition
Jonathan Knudsen - Apress
Includes a section on developing with the Bouncy Castle Lightweight APIs.
J2EE Security for Servlets, EJBs, and Web Services
Pankaj Kumar - Prentice Hall PTR
Includes sections on the JCE, JCA and implementing PKI systems with Java and a discussion of what goes on under the covers when you install the Bouncy Castle provider.
Applied Cryptography: Protocols, Algorithms, and Source Code in C (Second Edition)
Bruce Schneier - John Wiley & Sons
A general introduction to Cryptography, if you are new to this area it is well worth the effort to read a copy to gain some understanding of how cryptographic algorithms work.
Handbook of Applied Cryptography
Alfred J. Menezes, Paul C. Van Oorschot, Scott A. Vanstone - CRC Press
Considerably more academic than Bruce Schneier's book, really intended for people with a good background in mathematics and computer science. Very solid, covering both algorithms and basic number theory. Chapters for this book are also available on the web at http://www.cacr.math.uwaterloo.ca/hac/ with some restrictions.
Free monthly e-mail newsletter on computer security and cryptography from Bruce Schneier.
Unofficial Java Web Start/JNLP FAQ
If you are having trouble using cryptographic providers in conjunction with Java Web Start, this is the place to look first.
RSA Lab's Cryptography FAQ
Frequently asked questions about today's cryptography from RSA Laboratories.
The Object Identifier Registry
Online registry of ASN.1 Object Identifiers and what they are.
The X.509 Style Guide
Peter Gutmann's implementation notes for developers of X.509 certificates. Humourous as well as very useful, also contains references to other introductory material covering PKI and cryptography.