ABA's JCE v1.1

Version : $Id: README.html,v 1.16 1999/02/18 06:57:52 leachbj Exp $
Send Comments to ABA

Australian Business Access

Australian Business Access Pty Ltd (ABA) was established in 1995 with the objective of enabling companies and government agencies for Internet commerce. As a result, ABA has developed considerable expertise in the area of Internet security. ABA has also concentrated its programming skills by developing JavaTM applications.

These strengths were the basis for the development of ABA's SecurEcommerceTM architecture. Written in Java, SecurEcommerce provides organisations with the ability to engage in highly secure business to business commerce using the Internet. SecurEcommerce's unique "need to know" messaging system means that sensitive information is revealed on the basis of commercial need only.

ABA has used the SecurEcommerce architecture to develop commercial applications; one of which is the highly successful real time, credit card authorisation service called SecurEpayment.

The ABA JCE was developed to provide the necessary security environment for SecurEcommerce.

Australian Business Access is an Australian company situated in Melbourne.

Contact details:
Australian Business Access Pty Ltd
Level 2, 33 Lincoln Square South,
Carlton, Victoria,3053, Australia

Phone +61 3 8341 2400
Fax +61 3 8341 2499
Email enquiries@aba.net.au

The ABA JCE v1.1

The ABA JCE is a clean room implementation of the Java Cryptography Extension (JCE) API as defined by Sun MicrosystemsTM, plus a provider of underlying crypto algorithms. This package does not include any native code.

This JCE is based on the early access beta2 version of the JCE as available from the Java Developer ConnectionTM early access area. Since the Sun JCE is written for JDK 1.2, there are three versions of the library included. One which is compatible with JDK 1.02, one with JDK 1.1 and one with JDK 1.2 (tested against JDK 1.2fcs).

The source for each version of the libraries may be found in this package as src-1.x.zip. These archives may be unzipped using the jar tool or a zip compatible archiver.

This package is covered by the ABA Public Licence. Please ensure you review this licence before making use of this package. Support contracts are also available.

Installation

To make use of this package simply include the 1.0, 1.1, or 1.2 version of the class zipfile (located in lib-1.0, lib-1.1 or lib-1.2 as jce.zip) in your CLASSPATH. There is no need to unzip these files, just include the zipfile in the CLASSPATH, for example:

CLASSPATH=.:lib-1.1/jce.zip

Check your Java runtime documentation for more information.

To make use of the ABA provider under JDK 1.1 or JDK 1.2 insert an entry for the provider into the security properties file ($JAVA_HOME/lib/security/java.security) similar to:

security.provider.2=au.net.aba.crypto.provider.ABAProvider

Alternatively an application may add the provider at runtime using code similar to:

import java.security.Security;
import au.net.aba.crypto.provider.ABAProvider;

Security.addProvider(new ABAProvider());

Further documentation

Executive Overview
For more information on this package
Technical Specifications
For information on the supported algorithms.
ABA Provider Documentation
The reference documentation for the ABA Provider.
Java 1.0 API documentation
JDK 1.0 API Documentation.
Java 1.1 API documentation
JDK 1.1 API Documentation.
Java 1.2 API documentation
JDK 1.2 API Documentation.

Compatibility Notes

In order to achieve compatibility across JDK 1.0, 1.1 and 1.2 included are a number of "compatibility packages". These packages are clean room implementations of the JavaTM packages based on the JDK 1.1 and 1.2 API documentation set.

The following packages are the compatibility packages for 1.0:

The following packages are the compatibility packages for 1.1:

To provide Java Serialization support across 1.0 and 1.1, we have implemented an ObjectInput and ObjectOutput streams based on the JDK 1.1 Externalizable specification. The Externalizable interface is similar to the Serializable interface. However each class needs to support a method for reading and writing instances of that class, and these methods are public.

Currently both the au.net.aba.crypto.provider.DESKey and au.net.aba.crypto.provider.RC4Key Key classes implement the Externalizable interface. This is undesirable since it makes these objects mutable (ie a given instance may be altered within the runtime. If there is no requirement to serialise keys in 1.1 and read them in 1.0, it is recommended to remove the Externalizable interface support from the Key classes that currently implement it, and recompile. This currently applies to the au.net.aba.crypto.provider.DESKey and au.net.aba.crypto.provider.RC4Key classes.

Mailing list

A mailing list is available for discussions on the ABA JCE. To subscribe send an empty mail message to: list-jce-subscribe@aba.net.au.

Feedback may be sent directly to: feedback-jce@aba.net.au.


Sun, Java, Java Developer Connection are trademarks or registered trademarks of Sun Microsystems, Inc. in the United States and other countries.

SecurEcommerce is a trademark of Australian Business Access Pty Ltd.