Geek Answers Handbook

Install SunJCE on Android?

The company I'm working on is worried about developing Android apps because the default cryptographic library, Bouncy Castle, is not FIPS-140 certified. I can do nothing to change my mind or policy.

I am wondering what options I have for installing (or at least combining) SunJCE with my application.

Firstly, I can’t find where I would download the latest version of this jar. I tried to grab jce jar from my desktop and install it as an internal jar in my Android project and got this funny if ominous message:

Trying to include the main class (java. * Or javax. *) In something other than the main library. It is likely that you tried to include in the application - the main library (or parts of it) from the virtual desktop machine. It will certainly not be a job. At a minimum, this compromises the compatibility of your application with the future version of the platform. It is also often of dubious legality.

If you are really going to build a kernel library that is only suitable as part of creating a complete virtual distribution of machines, as opposed to compiling an application, then use the --core-library option to suppress this error message.

If you go ahead and β€œ--core-library”, but actually create the application, then warned that your application will still not be able to build or run, at some point. Please be prepared for the anger of customers who find, for example, that your application ceases to function as soon as they system. You will be to blame for this problem.

If you legally use some code that is in the kernel package, then the easiest safe alternative you have to repackage this code. That is, move the classes to the question about your own namespace package. This means that they never come into conflict with the main system of classes. If you find that you cannot do this, then this is an indication that the path you are on will ultimately lead to pain, suffering, sadness and crying.

I am not because of pain, suffering, grief or crying, so I would like to know how to do it right, provided that I have to do something.

+4
source share
1 answer

You cannot import java.* Or javax.* due to a compiler error you encountered. Following their instructions, they should work, but changing the packages to something can be significant, and I don’t know if the result will still match FIPS-140. Also, if JCE is implemented in pure Java, on Android it can be slow. And if the JCE is not from the GPL'd version of Java or some other open source version, the issue of licensing error message hints matters.

There are other FIPS-140 encryption libraries, such as NSS , which have Java bindings and others that you could probably write Java bindings for. Perhaps you could force one of those who work with NDK to work on Android.

+1
source

More articles:


All Articles