20.1 Overview of Recipes

The sample applications in this chapter provide ready-to-use code snippets for symmetric key encryption, password-based encryption, public key encryption, and digital signature tasks. You can use them in your custom J2ME applications. Brief descriptions of those common tasks are given in Resources"), contains four sample applications, each demonstrating the API use of a crypto package (Bouncy Castle, IAIK, Phaos, and jNeo). Table 20.2 lists the toolkit versions used in this chapter.

Inside each sample application, the most important class is CryptoEngine, which stores keys and provides thin wrappers over API methods. CryptoEngine has a monolithic single-class design that is not optimized for code reuse. Please do not consider it a best-practice example. Instead, the examples are designed to get you started with working code quickly. Each method in the CryptoEngine class demonstrates a complete application task (for example, the RSAEncrypt() method encrypts an input byte array using RSA).

20.1.1 The Package Structure

All the J2ME crypto libraries used in the sample applications run on both CLDC and CDC platforms. To evaluate their performance in the most restricted environment, I provided a user interface (UI) for the MIDP. The MIDlets drive the CryptoEngine and measure the time spent on each task.

Building and running the sample applications is easy. You simply change the parameters in the build.xml file to reflect your system settings and run the ANT tasks package and run. I bundled Bouncy Castle 1.16 in the BC sample. For other toolkit samples, you must contact vendors to obtain their software and evaluation licenses. You should put library JAR files in the lib/ directory.

20.1.2 Key Serialization

Besides basic encryption/decryption operations, key serialization is a core feature demonstrated in the examples. There are two important reasons for key serialization.

- Except for the NTRUEncrypt algorithm, generating public key pairs on mobile devices is extremely time-consuming.
- In most applications, the sender and receiver use different devices, which requires keys to be transported over the network.

Note: In our examples, key serialization is used to minimize on-device key generation. All our encrypt/decrypt and sign/verify method pairs in the CryptoEngine class use the same in-memory key objects.

Classes in directory keygensrc pregenerate keys and serialize them to files in directory res/keys before MIDP suite packaging. CryptoEngine's constructor constructs pregenerated keys from files in the JAR's keys/ directory (res/keys directory in the build system). CryptoEngine also has methods to support direct key generation on mobile devices.
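
The pregenerate-then-load flow described above, as an added example that is not taken from the book's sample code: an RSA key pair is generated with the standard J2SE JCA on a desktop JVM, written as length-prefixed big-integer fields, and read back with DataInputStream the way a device-side constructor could. The class name, field layout and the 1024-byte length bound are assumptions made for illustration; CLDC has no java.math.BigInteger, so a device build would substitute the big-integer class of its crypto toolkit.

```java
import java.io.*;
import java.math.BigInteger;
import java.security.*;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;

// Added illustration; class name, method names and field layout are hypothetical.
public class KeySerializationExample {
    // Build-time side (desktop JVM): write one BigInteger as length-prefixed bytes.
    static void writeBigInt(DataOutputStream out, BigInteger v) throws IOException {
        byte[] b = v.toByteArray();
        out.writeInt(b.length);
        out.write(b);
    }

    // Load side: bound the declared length before allocating, so a corrupt
    // or tampered key file cannot force a huge allocation.
    static BigInteger readBigInt(DataInputStream in) throws IOException {
        int len = in.readInt();
        if (len <= 0 || len > 1024) throw new IOException("bad key field length: " + len);
        byte[] b = new byte[len];
        in.readFully(b);
        return new BigInteger(b);
    }

    public static void main(String[] args) throws Exception {
        // Pregenerate the key pair off-device, where generation is fast.
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair kp = kpg.generateKeyPair();
        RSAPublicKey pub = (RSAPublicKey) kp.getPublic();
        RSAPrivateKey priv = (RSAPrivateKey) kp.getPrivate();
        // Serialize; in the build described above these bytes would be a file under res/keys.
        ByteArrayOutputStream buf = new ByteArrayOutputStream();
        DataOutputStream out = new DataOutputStream(buf);
        writeBigInt(out, pub.getModulus());
        writeBigInt(out, pub.getPublicExponent());
        writeBigInt(out, priv.getPrivateExponent());
        out.flush();

        // Load as a constructor would, e.g. from a stream opened on a keys/ entry in the JAR.
        DataInputStream in = new DataInputStream(new ByteArrayInputStream(buf.toByteArray()));
        BigInteger n = readBigInt(in), e = readBigInt(in), d = readBigInt(in);

        // Round-trip check: a raw RSA operation with the reloaded values must invert.
        BigInteger m = new BigInteger("123456789");
        boolean ok = n.equals(pub.getModulus()) && m.modPow(e, n).modPow(d, n).equals(m);
        System.out.println("round trip ok: " + ok);
    }
}
```

A private key packaged inside the JAR is readable by anyone who can unpack the JAR, so this layout fits the timing measurements in this chapter rather than the protection of a production secret.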