At this moment I have very little
time to extend the JCE taglib library. Therefore
I'm looking for contributors for following tasks:
- finalizing the LightCrypto library
- writing tags that works with OpenPGP
- writing tags for key agreement
- writing a tutorial
Please drop me a line if you are interested.
A patch has been released ("Patches" section) that fixes the XML parsing error in "jce.tld" file.
The issue can also be resolved by rebuilding the taglib using XDoclet 1.2.2
Thanks to Tito Costa for resolving the issue!
After a long period of beta cycles, I finally released version 1.0 of the JCE taglib project.
This final version adds support for JSP 2.0 EL (Expression Language) functions. Check out the new JSP 2.0 sample application for details.
The stripped down package CryptoLib has also been upgraded to 1.0.
Further, the documentation (javadoc & tag reference) is available in different formats such as html, pdf and chm.... read more
# Automatic generation from source: Xdoclet -> TLD -> reference documentation
# Refactoring & cleanup code
# Fixed some small bugs
This is hopefuly the last release before the final 1.0 which will be released in the first quarter of 2004. All 1.0 functionality is completed. Please test this release and report any bugs.
An upcoming release 1.1 will be a JSP 2.0 compliant version. Future roadmap: OpenPGP and key agreement
CryptoLib contains the same base classes that JCE tag library uses but without the tag library classes. They are re-packaged/refactored and offered as a separate download so it can be used for non-JSP projects.
CryptoLib provides high-level cryptographic functions based on JCE (Java Cryptographic Extensions) and will be used as a base for JCE taglib version 1.0 final
# PBE encryption of string & files
# Encrypt inputstreams with RC4 stream cipher
Due to the enormous amount of work, version 1.0 of JCE tag library has been delayed.
Recently, I released LightCrypto, classed that are using the Bouncycastle lightweight API instead of JCE. LightCrypto can be used when memory is an issue such as with mobile applications. Expect beta 3 soon.
Currently, I'm refactoring JCE taglib's underlying classes. These classes will soon be available as a separate package download, so they can be used for your non-JSP projects.... read more
# Create MACs (Message Authentication Code) from text and files with HMAC (HMAC-SHA1) or CBC-BlockCipherMAC with IV
# Keystore & encryption/decryption is now compatible with JCE taglib keystore (CBC-Twofish/256 bit)
# Removed redundant code
Beta 1 of the "LightCrypto" package have been released.
LightCrypto is a set of Open Source Java classes with
basic cryptographic routines using the BouncyCastle lightweight API.
It uses a minimal amount of memory so it can be used with J2ME, browser applets, PDA's, HSQLDB or in any other situation where JCE is too heavy for the job.
This is the last major beta release. All basic encryption features for an upcoming version 1.0 are included.
I will soon try to upload this beta into CVS
Beta 6 & corresponding released...
- The symmetric keystore is now passphrase-secured & encrypted with Twofish.
- Set optional random seeds for symmetric key generation & PBE
- Add support for RC4 stream cipher (for file encryption)
- Clear sensitive information (passwords, clear text, keys, ...) from memory after usage
- Tag reference available in printable PDF, Windows Help & plain HTML format
- FIX: using StringBuffer instead of String for storing sensitive information (passwords, clear text)
- FIX: PBE salts are now random and stored within the encrypted string/file
- FIX: IV (initialization vectors) are now stored within the encrypted string/file instead of the symmetric key.
- FIX: default scope is now set correctly (= PAGE)
Beta 5 and corresponding 0.5 sample application
can be downloaded.
* Hybrid encryption (combines different cryptographic functions such as block cipher
, signatures and X.509 certificates in one secure
object - read the FAQ for more information )
* Create certificates from PKCS10 and Netscape requests
The corresponding 0.4 sample application adds a complete example of Internet Explorer/Netscape/Mozilla & manual certificate enrollment
* Generating X.509 v3 certificates:
- RSA/DSA algorithms with 512, 1024 or 2048 bit keylength
- self-signed (CA), intermediate and user certificates
- for SSL server and client authentication, S/MIME, signatures, encryption, Code and object signing, ...
- for use with Internet Explorer, Netscape, Mozilla, IIS, Apache and other X.509 enabled products
PKCS#12 keystores or PEM strings/files
- Extract information from X.509 certificates
- Generate CRL (Certificate Revocation List)
- Verify & validate X.509 certificates against CRL's
I released a simple JSP application to show and test the JCE taglib functions.
Feel free to post and discuss your performance results in the
"JCE performance results" forum
- Added HMAC (message authentication codes)generation of string and files
- Added SIG (signature) generation/verification of strings and files
- Added public/private key encryption of strings (X.509 certificates)
- Changed most of the tag attribute "Runtime Expression Evaluation" parameter to "TRUE"
The first beta of JCE taglib for JSP has been released...