BouncyCastle in J2ME??

anyone tried to use bouncycastle api for J2ME??? Since the package is large ,so it makes the midlet become large as well. Anyone know what to make it smaller?
Is is possible to just copy the neccessary .java file to my application?
Please help

Sign the BouncyCastle mailing list, or search it:
http://www.bouncycastle.org/mailing_lists.html
http://www.bouncycastle.org/devmailarchive/index.html
Usually when using J2ME, before you package your app, you must run some utility that determines the minimum subset of classes that are used by your application. For instance, if you will need to use DES only, you do not need to include RSA support.
Probably you have read this article about J2ME and BouncyCastle:
http://www.javaworld.com/javaworld/jw-12-2002/jw-1220-wireless.html

Similar Messages

  • BouncyCastle+Verify Signature

    Hi all,
    I am currently developing an application for a mobile phone that needs to check a signature received in an xml message. The problem is that I'm using bouncycastle to check that signature, but I am not using bouncycastle for signing the message (I'm just using the security packages that come with J2SE 1.4.2).
    Are there any differences in the way the signatures are processed by J2SE and BouncyCastle for J2ME?
    I am using SHA-1 to create a digest of the message and then sign it using an RSA key!
    Thanks in advance,
    Joao!

    Hi Joao!,
    Bouncycastle is created according specific rfc's. These rfc's describe how things should be used. If your other product uses the same rfc's you may say they do the same thing. If not, i wouldn/'t be so sure. Look at http://www.bouncycastle.org/docs/mdocs1.4/index.html. It say's bouncycastle they use rfc 3369 (formely 2630). Check your other product if they are using the same rfc.
    Good luck,
    Remy de Boer
    Oh, i've read somwhere that rfc 3369 is compatible with rfc 2630. If somebody say's otherwise please respond.

  • Verify certificate using Bouncycastle (J2ME)

    Good evening. I have a problem.. I'm trying to verify certificate but signatures doesn't match!!!
    byte[] cert_decoded = Base64.decode(pem_cert);
    ASN1InputStream ais = new ASN1InputStream(cert_decoded);
    DERObject obj = ais.readObject();
    ASN1Sequence seq = (ASN1Sequence)obj;
    ais.close();
    X509CertificateStructure cert = new X509CertificateStructure(seq);
    // getting certificate signature
    byte[] signature = cert.getSignature().getBytes();
    // trying to get "to be signed" structure
    TBSCertificateStructure tbs = cert.getTBSCertificate();
    // is it correct? trying to get bytes array of TBS..
    byte[] tbs_byte = tbs.getEncoded();
    RSAEngine engine = new RSAEngine();
    // Is it correct? Cert uses "RSAwithSHA1"..
    SHA1Digest digest = new SHA1Digest();
    // Public key i'v got before from signing CA cert...
    PSSSigner signer = new PSSSigner(engine, digest, 0);
    signer.init(false, pub);
    signer.update(tbs_byte, 0, tbs_byte.length);
    boolean istrue = signer.verifySignature(signature);
    In all cases i'm getting FALSE 8( what's wrong, please help! 8(
    I tried to sign TBS data using CA's private key but signatures doesn't match anyway...

    I found example code here: http://www-128.ibm.com/developerworks/library/j-midpds.html
    Below is that code pieced together with some minor fixes (seems they
    had outdated calls to verifySignature() and generateSignature()).
    This program runs and returns true for me. Maybe this can
    help you figure out what's going on with your code...
    import java.math.BigInteger;
    import java.security.SecureRandom;
    import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
    import org.bouncycastle.crypto.digests.SHA1Digest;
    import org.bouncycastle.crypto.engines.RSAEngine;
    import org.bouncycastle.crypto.generators.RSAKeyPairGenerator;
    import org.bouncycastle.crypto.params.RSAKeyGenerationParameters;
    import org.bouncycastle.crypto.params.RSAKeyParameters;
    import org.bouncycastle.crypto.params.RSAPrivateCrtKeyParameters;
    import org.bouncycastle.crypto.signers.PSSSigner;
    import org.bouncycastle.util.encoders.Base64;
    public class RSASigBCLW {
        private static BigInteger pubExp = new BigInteger("11", 16);
        private static RSAPrivateCrtKeyParameters privKey;
        private static RSAKeyParameters pubKey;
        public static void main(String[] args) {
            try {
                _main(args);
            } catch (Exception e) {
                System.out.println("ERROR: " + e.getMessage());
         * @param args
        public static void _main(String[] args) throws Exception {
            SecureRandom sr = new SecureRandom();
            RSAKeyGenerationParameters RSAKeyGenPara = new RSAKeyGenerationParameters(
                    pubExp, sr, 1024, 80);
            RSAKeyPairGenerator RSAKeyPairGen = new RSAKeyPairGenerator();
            RSAKeyPairGen.init(RSAKeyGenPara);
            AsymmetricCipherKeyPair keyPair = RSAKeyPairGen.generateKeyPair();
            privKey = (RSAPrivateCrtKeyParameters) keyPair.getPrivate();
            pubKey = (RSAKeyParameters) keyPair.getPublic();
            String message = "this is a test message.";
            String signature = getSignature(message);
            boolean b = verify(message, signature, getMod(), getPubExp());
            System.out.println("verify? =" + b);
        // Public key specific parameter.
        public static String getMod() throws Exception {
            return (new String(Base64.encode(pubKey.getModulus().toByteArray())));
        // General key parameter. pubExp is the same as pubKey.getExponent()
        public static String getPubExp() throws Exception {
            return (new String(Base64.encode(pubExp.toByteArray())));
        static public String getSignature(String mesg) throws Exception {
            SHA1Digest digEng = new SHA1Digest();
            RSAEngine rsaEng = new RSAEngine();
            PSSSigner signer = new PSSSigner(rsaEng, digEng, 64);
            signer.init(true, privKey);
            byte[] mbytes = mesg.getBytes();
            signer.update(mbytes, 0, mbytes.length);
            byte[] sig = signer.generateSignature();
            String result = new String(Base64.encode(sig));
            return result;
        static public boolean verify(String mesg, String signature, String mod, String pubExp) {
            BigInteger modulus = new BigInteger(Base64.decode(mod));
            BigInteger exponent = new BigInteger(Base64.decode(pubExp));
            SHA1Digest digEng = new SHA1Digest();
            RSAEngine rsaEng = new RSAEngine();
            RSAKeyParameters pubKey = new RSAKeyParameters(false, modulus, exponent);
            PSSSigner signer = new PSSSigner(rsaEng, digEng, 64);
            signer.init(false, pubKey);
            byte[] mbytes = mesg.getBytes();
            signer.update(mbytes, 0, mbytes.length);
            boolean res = signer.verifySignature(Base64.decode(signature));
            return res;
    }

  • Hi Freinds......How to Encrypt/Decrypt Text file in j2me

    Hello friendz.,,
    I m having problem with textfile exncryption decryption in j2me..
    Can abybode tell me how to encrypt/decrypt Text file using J2ME API's.......
    PLZ help me .......
    Thanx in advance
    regards,
    Parag

    http://www.mobilefish.com/developer/bouncycastle/bouncycastle.html
    http://www-128.ibm.com/developerworks/library/j-midpds.html

  • BouncyCastle Files not found at Runtime

    I am trying to do encryption/decryption using
    bouncycastle. At compile time, there is no
    problem but when I run the J2ME emulator, I get
    the error:
    java.lang.NoClassDefFoundError: org/bouncycastle/asn1/ASN1InputStream: Cannot create class in system package
    Line of code:
              InputStream in = getClass().getResourceAsStream("/public.key");
              ASN1InputStream aIn = new ASN1InputStream(in);
    I created a directory called lib under my J2ME project root directory
    and I included the files cldc_classes.jar and cldc_crypto.jar
    and those classes are in my build path. I am using Java 5 and WTK 2.5
    with proguard 4.4 and Eclipse GANYMEDE as IDE.
    Any help will be greatly appreciated.
    Thanks.
    Taji

    Okay, I finally figured out the solution to this problem. The bouncy castle jars contain some classes in the java.* package like BigInterger, SecureRandom, etc and these classes are being confused with the regular java.* system packages. So what I did was rename the java.* packages in the bouncy castle files to my own package like simpaq.* and everything worked just fine. I hope this helps someone.
    Taji

  • Encryption of folder object in J2ME

    hello, is there an API that i can use to encrypt/decrypt the folder object (not the files inside the folder) using J2ME (currently using bouncycastle)?

    prasad_at_sun wrote:
    Thanks for your reply. In my case we have the application server setup at client side only (third party is testing our application and according to their need we have to handover the things in their hands) where i am deploying jar/war files. I am still without solution..What don't you understand about "You can't do it." ?
    It's very simple really - whatever the language it makes no sense to encrypt the 'code' since to execute the code the execution engine needs to decrypt the 'code' before it can execute it so it has to have access to the decryption key. If the execution engine has access to the key so does anyone who has access to the execution engine.

  • Elliptic curve encryption with J2ME

    hi there.
    i'm using the bouncycastle apis to encrypt a small amount of data (e.g. 20 chars) using ECIES. All the documentation seems to point to ECC as being faster/requiring shorter keys/less power-hungry etc than RSA, however, with the example code I have, the encryption time on a high end mobile is ridiculous.
    I'm thinking that the example G, n, a, b, and Q are for larger key sizes. Does anyone know how I can generate these values for a 160b ECC key, or a good bouncycastle/j2me ECC tutorial/sample code?
    Thanks in advance.
    caid

    No Sun provider implements the EC algorithms at this time.
    Here's an easy solution that works (Using NSS):
    http://blogs.sun.com/andreas/entry/elliptic_curve_cryptography_in_java
    NSS has been recently FIPS re-approved.
    BouncyCastle is another option if FIPS doesn't matter to you at all and you want pure java.
    Edited by: dstutz on Mar 10, 2008 7:49 AM

  • Bouncy Casle in J2ME

    Hi I have done encryptionin bouncycastle algorithm but it tells the following error:
    ERROR:
    java.lang.NoClassDefFoundError: java/security/SecureRandom: Cannot create class in system package
    PROGRAM:
    import java.math.BigInteger;
    import java.security.SecureRandom;
    import org.bouncycastle.crypto.AsymmetricBlockCipher;
    import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
    import org.bouncycastle.crypto.encodings.PKCS1Encoding;
    import org.bouncycastle.crypto.engines.RSAEngine;
    import org.bouncycastle.crypto.generators.RSAKeyPairGenerator;
    import org.bouncycastle.crypto.params.RSAKeyGenerationParameters;
    import org.bouncycastle.crypto.params.RSAKeyParameters;
    import org.bouncycastle.crypto.params.RSAPrivateCrtKeyParameters;
    import javax.microedition.lcdui.*;
    import javax.microedition.midlet.*;
    public class Encryption extends MIDlet implements CommandListener
         Form f = new Form("MyForm");
         Command okCmd = new Command("Ok",Command.OK,1);
         Command exitCmd = new Command("Exit",Command.EXIT,2);
         private RSAPrivateCrtKeyParameters _RSAPrivateKey;
         private RSAKeyParameters _RSAPublicKey;
         public void startApp()
              f.addCommand(okCmd);
              f.addCommand(exitCmd);
              f.setCommandListener(this);
              Display.getDisplay(this).setCurrent(f);
         public void pauseApp()
         public void destroyApp(boolean unconditional)
         public void commandAction(Command c, Displayable d)
              if (c == okCmd)
                   functionCall();
              if (c == exitCmd)
                   notifyDestroyed();
         void functionCall()
              String theStringBeforeEncryption = "String to encrypt";
              String theStringAfterEncryption = null;
              byte[] theEncryptedString;
              try
                   System.out.println(theStringBeforeEncryption);
                   generateRSAKeyPair();
                   theEncryptedString = RSAEncrypt(theStringBeforeEncryption.getBytes());
                   theStringAfterEncryption = new String(RSADecrypt(theEncryptedString));
                   System.out.println(theStringAfterEncryption);
              catch (Exception e)
                   // TODO Handle exception!
                   e.printStackTrace();
         }//end of functionCall()
         private void generateRSAKeyPair () throws Exception
              SecureRandom theSecureRandom = new SecureRandom();
              BigInteger thePublicExponent = new BigInteger("10001", 16);
              RSAKeyGenerationParameters theRSAKeyGenParam =
                   new RSAKeyGenerationParameters(thePublicExponent, theSecureRandom, 1024, 80);
              RSAKeyPairGenerator theRSAKeyPairGen = new RSAKeyPairGenerator();
              theRSAKeyPairGen.init(theRSAKeyGenParam);
              AsymmetricCipherKeyPair theKeyPair = theRSAKeyPairGen.generateKeyPair();
              _RSAPrivateKey = (RSAPrivateCrtKeyParameters) theKeyPair.getPrivate();
              _RSAPublicKey = (RSAKeyParameters) theKeyPair.getPublic();
         private byte [] RSAEncrypt (byte [] toEncrypt) throws Exception
              if (_RSAPublicKey == null)
                   throw new Exception("Please generate RSA keys first in order to work");
              AsymmetricBlockCipher theEngine = new RSAEngine();
              theEngine = new PKCS1Encoding(theEngine);
              theEngine.init(true, _RSAPublicKey);
              return theEngine.processBlock(toEncrypt, 0, toEncrypt.length);
         private byte [] RSADecrypt (byte [] toDecrypt) throws Exception
              if (_RSAPrivateKey == null)
                   throw new Exception("Please generate RSA keys first in order to work");
              AsymmetricBlockCipher theEngine = new RSAEngine();
              theEngine = new PKCS1Encoding(theEngine);
              theEngine.init(false, _RSAPrivateKey);
              return theEngine.processBlock(toDecrypt, 0, toDecrypt.length);
    please Help me
    Regards,
    Nelson

    There is no class by name "SecureRandom" in "java.security" package as far as CLDC/MIDP API's available for the application developer are concerned with.
    May be you need to check out the alternative for SecureRandom class provided by the J2ME implementation of the BouncyCastle API.
    ~Mohan

  • Encryption between j2me and j2ee

    I need to exchange some cofidential data between j2me client and servelt using http connection . So i need to encrypt the data before i send from j2me and the data should be decrypted at the server side so obviously i should also pass the key. I have searched on the net for a common algorthim that wil suit my requirements but i din get any useful solution. Please any one help me in finding out a algorithm tat meets my requirements.
    I appreciate all the replies

    i am getting the impression you are new to data security...
    if this is indeed the case, and you are in any kind of hurry, i strongly advise you to use ssl if at all possible.
    if you can not or will not use ssl then you will need to look into some other options.
    there are multiple algorithms to choose from for secure key exchange, diffie-hellman prob being the most popular.
    however, you will need to supplement the cldc api in order to implement.
    some key words to search on:
    diffie-hellman
    rsa
    aes
    tripple des
    satsa
    bouncycastle
    j2me security
    j2me encryption

  • BigInteger in J2ME web service client

    I have a problem about sending parameter of BigInteger in J2ME web service client.
    To send a BigInteger as parameter web service, i change into array of byte then i change again into HexString.
    After that, the String value send to web service.
    The String value change into array of byte again then i build new object BigInteger.
    I think the way i try is correct, but in J2ME as web service client the value of BigInteger that i send has change.
    I tried in J2SE as web service client with the same way, then the value of BigInteger didn't changed.
    Is it the class BigInteger in library lcrypto-j2me (BouncyCastle) cannot apply into BigInteger in java?
    Or i've missing something???
    Thanks a lot for the answer...
    Best regards,
    Meis

    I have a problem about sending parameter of BigInteger in J2ME web service client.
    To send a BigInteger as parameter web service, i change into array of byte then i change again into HexString.
    After that, the String value send to web service.
    The String value change into array of byte again then i build new object BigInteger.
    I think the way i try is correct, but in J2ME as web service client the value of BigInteger that i send has change.
    I tried in J2SE as web service client with the same way, then the value of BigInteger didn't changed.
    Is it the class BigInteger in library lcrypto-j2me (BouncyCastle) cannot apply into BigInteger in java?
    Or i've missing something???
    Thanks a lot for the answer...
    Best regards,
    Meis

  • Md5 in j2me

    I'm building an j2me application and I want use md5 authentication.
    Is there a way to implement the encrypting of a string taken from a text box in md5?
    Thanks

    The bouncy castle api might help you with that: http://www.bouncycastle.org/
    Though maybe, basic base64 auth is much easyer to do..

  • Security and J2ME

    Is is realistic to encrypt networked data with J2ME?
    like using SSL to encrypt networked data.
    is there a J2ME SSL implementation? is it possible at all?
    and what about personnal Java?
    THANKS!!

    some deives support securesocket://host:port, plus (*quick google*)
    http://www.bouncycastle.org/
    http://www.wedgetail.com/jcsi/microedition/ssl/cdc/
    http://www-106.ibm.com/developerworks/library/wi-tip14.html?dwzone=wireless
    Google, your friend.

  • Authentication in j2me..

    Hi all,
    I would need some info on how to authenticate user while workin with j2me mobile applications...Thanks

    The bouncy castle api might help you with that: http://www.bouncycastle.org/
    Though maybe, basic base64 auth is much easyer to do..

  • Send email from j2me through servlet

    Hi people,
    i hope you can help me because i am new in network programming.
    I am trying to send email from j2me to googlemail account I have 2 classes EmailMidlet (which has been tested with wireless Toolkit 2.5.2 and it works) and the second class is the servlet-class named EmailServlet:
    when i call the EmailServlet, i get on the console:
    Server: 220 mx.google.com ESMTP g28sm19313024fkg.21
    Server: 250 mx.google.com at your service
    this is the code of my EmailServlet
    import java.io.*;
    import java.net.Socket;
    import java.net.UnknownHostException;
    import java.text.*;
    import java.util.Date;
    import javax.servlet.*;
    import javax.servlet.http.*;
    public class EmailServlet extends HttpServlet {
       public void doPost(HttpServletRequest request, HttpServletResponse response)
             throws IOException, ServletException {
          System.out.println("____emailservlet.doPost");
          response.setContentType("text/plain");
          PrintWriter out = response.getWriter();
          System.out.println("______________________________");
          out.println();
          String to = request.getParameter("to");
          System.out.println("____________________________to" + to);
          String subject = request.getParameter("subject");
          String msg = request.getParameter("msg");
          // construct an instance of EmailSender
          System.out.println("servlet_to" + to);
          send("[email protected]", to, subject, msg);
          out.println("mail sent....");
       public void send(String from, String to, String subject, String msg) {
          Socket smtpSocket = null;
          DataOutputStream os = null;
          DataInputStream is = null;
          try {
             smtpSocket = new Socket("smtp.googlemail.com", 25);
             os = new DataOutputStream(smtpSocket.getOutputStream());
             is = new DataInputStream(smtpSocket.getInputStream());
          } catch (UnknownHostException e) {
             System.err.println("Don't know about host: hostname");
          } catch (IOException e) {
             System.err
                   .println("Couldn't get I/O for the connection to: hostname");
          if (smtpSocket != null && os != null && is != null) {
             try {
                os.writeBytes("HELO there" + "\r\n");
                os.writeBytes("MAIL FROM: " + from + "\r\n");
                os.writeBytes("RCPT TO: " + to + "\r\n");
                os.writeBytes("DATA\r\n");
                os.writeBytes("Date: " + new Date() + "\r\n"); // stamp the msg
                                                    // with date
                os.writeBytes("From: " + from + "\r\n");
                os.writeBytes("To: " + to + "\r\n");
                os.writeBytes("Subject: " + subject + "\r\n");
                os.writeBytes(msg + "\r\n"); // message body
                os.writeBytes(".\r\n");
                os.writeBytes("QUIT\r\n");
                // debugging
                String responseLine;
                while ((responseLine = is.readLine()) != null) {
                   System.out.println("Server: " + responseLine);
                   if (responseLine.indexOf("delivery") != -1) {
                      break;
                os.close();
                is.close();
                smtpSocket.close();
             } catch (UnknownHostException e) {
                System.err.println("Trying to connect to unknown host: " + e);
             } catch (IOException e) {
                System.err.println("IOException: " + e);
       } 1.when i print "to" in EmailServlet also:
      String to = request.getParameter("to");
          System.out.println("____________________________to" + to);  it show null on the console :confused:
    2. ist this right in case of googlemail.com?
      smtpSocket = new Socket("smtp.googlemail.com", 25);  I would be very grateful if somebody can help me.

    jackofall
    Please don't post in old threads that are long dead. When you have a question, please start a topic of your own. Feel free to provide a link to an old thread if relevant.
    I'm locking this thread now.
    db

  • J2me and java card, need help to communicate

    we are trying to put together a reader to read smartcards using j2me and we figure that it would be easiest if we could develop it to work with java cards rather than standard smart cards, the problem is we get garbage when we communicate to it, the chip sends us crap, any suggestions what might be wrong, any calls we might be missing, has anyone worked with j2me and java cards or smart cards, any help would be appreciated.
    einar

    .... reader app and the ME behind it .... smells like mobile ....
    First of all - if you want to have one mobile application running on this just make sure that whatever is written in ME can use drivers from the reader chip ....
    Workin on the PC is something completely different. There was one good example how to develop one host application in Java provided with the JCOP tools long ago ... I don't know if this is now in the new Eclipse tools.
    But - there was a small API provided that can give you good hints what to do - and - once you have it on the reader side - you can easily integrate ME methods with this ...

Maybe you are looking for

  • .flv VIDEOS not playing smoothly

    A heavy video-generated Captivate project has been created in Cap 4: * 18 slides all up, with the total size of .flv videos coming to 90.7MB * Using Captivate, as looking for interactivity -- there is also a menu, so users can jump to whichever secti

  • How can I change all the fonts at once on labels I downloaded from Avery?

    How can I change all the fonts at once on labels I downloaded from Avery?

  • Elements 9 no disc to download to another computer

    I have the serial number for Elements 9, but I lost the disc.  It was only downloaded to 1 computer.  Is there a way to download it from the website and use the serial number I have Thanks, Ann

  • Af:panelPage facets not working

    I'm using ADF Faces EA11 and I'm having trouble with several of the facets on af:panelPage. None of infoReturn, infoStatus, and infoFootnote render at all. Is this a bug, or a known limitation of the early access release? Is there some trick to makin

  • Oracle Report toolkit and 3rd components

    Hi folks: I am a newbie to Oracle (10g) realm who am expected to write reporting functionality. My question is what the report tool out of the box in Oracle and is there any 3rd components for wrting reports? Thanks, Ricky