Wrox Programmer Forums
|
BOOK: Beginning Cryptography with Java
This is the forum to discuss the Wrox book Beginning Cryptography with Java by David Hook; ISBN: 9780764596339
Welcome to the p2p.wrox.com Forums.

You are currently viewing the BOOK: Beginning Cryptography with Java section of the Wrox Programmer to Programmer discussions. This is a community of software programmers and website developers including Wrox book authors and readers. New member registration was closed in 2019. New posts were shut off and the site was archived into this static format as of October 1, 2020. If you require technical support for a Wrox book please contact http://hub.wiley.com
 
Old April 30th, 2008, 03:02 AM
Authorized User
 
Join Date: Apr 2008
Posts: 10
Thanks: 0
Thanked 0 Times in 0 Posts
Default Appendix C, Using BC API For EC


Hi again, and thanks for that Appendix C.

From what I understand from that appendix we can use ECC by directly interacting with BC classes instead of going through JCE/SPI interfaces.

Now I've got a situation where bouncy castle library is included inside another library, but the included version of bc is limited and does not support ECDH/ECDSA (among other things), which I want to use. And that limited BC is already registered as jce provider, so I can not register full version of BC myself by Security.addProvider(bcprov).

What is the best thing to do in this situation :

1) Is it feasible / advised to get source files for ECC from Bouncy Castle and include in my own project, and then follow Appendix C to do ECC ?
2) Or is there any way to add a "capability" to already registered providers engine (like adding "ECDSA" for KeyPairGenerator) ?

Also I got concerns about ECDSA, is it widely spread/accepted as a standart? does for example office and pdf signing tools accept it as a valid signature algorithms ?

any help would be greatly appreciated

Sincerely
Ray

P.S : small typo on page 115, the text refers to Appendix B , it should be Appendix C (for named curves supported and for description on how to do ECC prior to JDK 1.5)

 
Old April 30th, 2008, 04:36 AM
dgh dgh is offline
Wrox Author
 
Join Date: Aug 2005
Posts: 206
Thanks: 0
Thanked 20 Times in 20 Posts
Default

ECDSA is very widely accepted - I'm not sure what the situation with office and pdf signing tools is, but use of EC is quite widespread now.

If all you are trying to do is use EC for signing, you can actually implement your own provider - you only need a signing certificate for providers that do encryption. You'll have to be careful to avoid name clashes with the other version of BC, so you might need to rename a few packages. Strictly speaking they should upgrade - it's very rare that people have problems doing so, and with few exceptions upgrades fix more problems than they cause (especially given the age of the provider - EC has been in Bouncy Castle for a long time!).

Thanks for the typo.

Regards,

David

 
Old April 30th, 2008, 04:44 AM
Authorized User
 
Join Date: Apr 2008
Posts: 10
Thanks: 0
Thanked 0 Times in 0 Posts
Default


Hi ,

Yes as a matter of fact I need only signing (at least for now), and I frankly did not know that only providers doing encryption need signing so thanks for that info too.

So what you say is that I need to implement my own provider . call it myBC, using the source code from BC , is it legal to do so (in terms of BC) ?

And that provider that I write should implement KeyPairGenerator (for ECDSA ), Signature (ECDSA), anything else ?

Thanks alot for help again

Sincerely
Ray

 
Old April 30th, 2008, 06:22 AM
dgh dgh is offline
Wrox Author
 
Join Date: Aug 2005
Posts: 206
Thanks: 0
Thanked 20 Times in 20 Posts
Default

That's pretty much it. Yes it is legal to do so, just acknowledge where you got the code from (which is basically all the license requires). As long as your provider passes the org.bouncycastle.jce.provider.test.ECDSA5Test class you'll know you've covered all the bases for JDK 1.5, org.bouncycastle.jce.provider.test.DSATest will tell you if you're working alright for the BC specific API if you have to use an earlier JDK.

Regards,

David

 
Old April 30th, 2008, 07:15 AM
Authorized User
 
Join Date: Apr 2008
Posts: 10
Thanks: 0
Thanked 0 Times in 0 Posts
Default


Is there a way to "isolate" the classes responsible for ECDSA from bouncy castle ? right now I am doing it by following the dependency imports by looking at the errors in eclipse.

Sincerely
Ray

 
Old April 30th, 2008, 10:41 PM
dgh dgh is offline
Wrox Author
 
Join Date: Aug 2005
Posts: 206
Thanks: 0
Thanked 20 Times in 20 Posts
Default

That's probably about the best way to do it. Actually signature and key production covers a number of the BC packages.

Regards,

David






Similar Threads
Thread Thread Starter Forum Replies Last Post
A New Appendix B DanM BOOK: Beginning ASP.NET 2.0 BOOK VB ISBN: 978-0-7645-8850-1; C# ISBN: 978-0-470-04258-8 12 August 14th, 2010 04:53 AM
Appendix Example SQLScott BOOK: Professional WCF Programming: .NET Dev with Windows Communication Found ISBN: 9780470089842 11 January 30th, 2010 06:39 PM
Appendix A john_tempest BOOK: Professional C# 2005 with .NET 3.0 ISBN: 978-0-470-12472-7 1 August 27th, 2007 06:43 AM
Appendix B pkara2006 ASP.NET 2.0 Basics 0 August 20th, 2006 09:38 PM





Powered by vBulletin®
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.
Copyright (c) 2020 John Wiley & Sons, Inc.