Java Cryptography by Jonathan Knudsen

The examples in this book run with the Java Developer’s Kit (JDK) 1.2 and the Java Cryptography Extension (JCE) 1.2. The examples in the book were tested with JDK 1.2beta3 and JCE 1.2ea2. Some of the topics covered are applicable to JDK 1.1, especially the Identity-based key management discussed in Chapter 5 and the MessageDigest and Signature classes in Chapter 6. However, anything involving encryption requires the JCE. The only supported version of the JCE is 1.2, and it only runs with JDK 1.2. (Although the JCE had a 1.1 release, it never progressed beyond the early access stage. It is not supported by Sun and not available from their web site any longer.)

The signed applets in Chapter 8 work with HotJava 1.1, Netscape Navigator 4.0, and Internet Explorer 4.0.

This book assumes you are comfortable programming in Java and familiar with the concepts of packages and CLASSPATH. The source code for examples in this book should be saved in files based on the class name. For example, consider the following code:

import java.applet.*;
import java.awt.*;

public class PrivilegedRenegade extends Applet {

  ...

}

This file describes the PrivilegedRenegade class; therefore, you should save it in a file named PrivilegedRenegade.java.

Other classes belong to particular packages. For example, here is the beginning of one of the classes from Chapter 9:

package oreilly.jonathan.security;

import java.math.BigInteger;
import java.security.*;

public class ElGamalKeyPairGenerator
    extends KeyPairGenerator {

  ...

}

This should be saved in oreilly/jonathan/security/ElGamalKeyPairGenerator.java.

Throughout the book, I define classes in the oreilly.jonathan.* package hierarchy. Some of them are used in other examples in the book. For these examples to work correctly, you’ll need to make sure that the directory containing the oreilly directory is in your CLASSPATH. On my computer, for example, the oreilly directory lives in c:\ Jonathan\ classes. So my CLASSPATH contains c:\ Jonathan\ classes ; this makes the classes in the oreilly.jonathan.* hierarchy accessible to all Java applications.

Several examples in this book consist of classes spread across multiple files. In these cases, I don’t explicitly import files that are part of the same example. For these files to compile, then, you need to have the current directory as part of your classpath. My classpath, for example, includes the current directory and the Java Cryptography Extension (JCE—see Chapter 3). On my Windows 95 system, I set the CLASSPATH in autoexec.bat as follows:

set classpath=.
set classpath=%classpath%;c:\jdk1.2beta3\jce12-ea2-dom\jce12-ea2-dom.jar

The examples in this book are presented in my own coding style, which is an amalgam of conventions from a grab bag of platforms.

I follow standard Java coding practices with respect to capitalization. All member variables of a class are prefixed with a small m, like so:

protected int mPlainBlockSize;

This makes it easy to distinguish between member variables and local variables. Static members are prefixed with a small s, like this:

protected static SecureRandom sRandom = null;

And final static member variables are prefixed with a small k (it stands for constant, believe it or not):

protected static final String kBanner = "SafeTalk v1.0";

Array types are always written with the square brackets immediately following the array type. This keeps all the type information for a variable in one place:

byte[] ciphertext;

Most of the examples from this book can be downloaded from ftp://ftp.oreilly.com/pub/examples/java/crypto/. Some of the examples, however, cannot legally be posted online. The U. S. government considers some forms of encryption software to be weapons, and the export of such software or its source code is tightly controlled. Anything we put on our web server can be downloaded from any location in the world. Thus, we are unable to provide the source code for some of the examples online. The book itself, however, is protected under the first amendment to the U. S. Constitution and may be freely exported.