How do I implement BouncyCastle RSA encryption for a BlackBerry application?
As #itsteju points out, you can get the same functionality using the BlackBerry methods, but that does require an agreement and a royalty payment to Certicom.
Bouncy Castle maintains a J2ME compatible release on their releases page. It's not their full API, but does support RSA encryption.
As they provide source, the easiest way to integrate their RSA code into your project is to add their .java source files to your project and build. As I remember (I don't have the source readily available) they provide some classes in the java.lang package (BigInteger for example) - or at least they used to. The BlackBerry won't let your application run with these, so you'll have to rename the package and all references to it in the source you download. Note that last time I did this was a few years ago so things may have changed.
There is standard set of methods available for RSA encryption. Check API docs for this.
Those are licenced with Certicom. You need to get the keys purchased from Certicom before using RSA encryption.
Related
I'm starting to dive into a customer requirement that we use FIPS 140-2 for data at rest and data in transit. From my (limited) reading so far, it sounds like iOS 7 and up have FIPS support built in. I've also seen articles on the subject (iOS with FIPS) point to building OpenSSL and including that in your project to get FIPS support. I'm not sure why OpenSSL is necessary if FIPS is already included in iOS 7+. Am I missing something?
At the time of this writing OpenSSL FIPS is pretty much broken for newer Apple devices and versions of iOS past 6, because getting it to compile requires heavy modification of the build process, which is absolutely disallowed for FIPS compliance. You get a library, but not FIPS compliance unless you re-certify. Try stepping through the documented build process to observe the minefield. Community contributions to help resolve the issues have not been incorporated. It is also not very secure because it isn't responsively updated for threats. Heartbleed will be with us for years, but CommonCrypto turns on a dime in comparison, being re-certified as needed and updated along with other OS updates. Use Apple CommonCrypto.
One of the many threads about why it is broken: https://groups.google.com/forum/#!topic/mailing.openssl.users/V_HITNhWaDA
A related(not duplicate) question by me. The only answer breaks FIPS compliance.
Unknown cpu type when compiling OpenSSL FIPS Capable libraries for arm64 or arm7s
Unless you need some functionality that is in OpenSSL that is not in Common Crypto use Common Crypto.
The reason that Apple no longer supplies OpenSSL is due to many instances where SSL is not backward compatible and an Apple supplied current version may not be compatible with an app that was built with an earlier version.
Further, Common Crypto uses the build-in hardware crypto and OpenSSL may not.
Why use OpenSSL for FIPS 140-2 vs relying on CoreCrypto on iOS?
OpenSSL is available on a wider array of iOS platforms. For example, OpenSSL includes iOS 5 through iOS 7 using the A4 through A6 processors. There are more iOS validations, but they have not been given to the public under Certificate 1747. For example, the foundation already has an iOS 8 validation in progress.
In addition, OpenSSL is available on non-Apple platforms. The latter is appealing because the means the same code base can be used on multiple platforms, including Windows, Linux and Android.
Apple got its first validation on May 2013, which meant there was nothing available from Apple from 2010 to summer of 2013. That was a big void. Apple still only provides a validated module up to iOS 7.
And during the time of missing vendor support, Apple made it appear they had a validated module through their marketing literature. (Apple had a "Module In Progress", which is different than a "Validated Module". And it took them years to get it validated, which was kind of unheard of).
As someone who follows these things, Apple's tactics from 2010 through 2013 were clearly meant to confuse those who were looking for FIPS 140 validated modules. (I wrote to the CMVP about Apple's despicable practices. The CMVP will request a Cease and Desist order for vendors like Apple. Apple is not the only vendor to confuse and lie to folks - CipherCloud did it too).
I would like to know the minimum Android API level AndroidAnnoatations supports ? I could not find any info on their website .
regards,
Felix T
I think there is NO specific minimum Android API Level that AndroidAnnotations can work with.
Since it's a compilation tool, I mean it's related with the Java files and it's related not with Android API.
If you build an Android project with AndroidAnnotations, then some intermediate java files will be generated, which will be the final java file for Java compiler, and that's all. It's just used for convinience of your development. The generated apk file will not have information about AndroidAnnotations - it's something like a conversion tool (shorter exprssion to long complicated expression, which is not visible to you).
I think that you can use AndroidAnnotation from Android API Level 1.
Maybe some of the annotations cannot be used in Android API 1 project, but even if such case happens, just removing only that specific annotation in your .java file will make it work.
I would like to build an iOS app that includes some basic Git functionality. I basically only need pull, commit, and push capabilities. I'm new to iOS development so I am not aware of any frameworks or libraries that could provide these capabilities. I'm not sure if GitHub has an API for these features but that would suffice too.
Let me answer this old question with libgit2 library and their ObjectiveGit wrapper.
libgit2 is a portable, pure C implementation of the Git core methods provided as a re-entrant linkable library with a solid API, allowing you to write native speed custom Git applications in any language which supports C bindings.
ObjectiveGit provides Cocoa bindings to the libgit2 library. Even their licenses allow you to build closed-source software.
Found a random guide to making a commit with the API, no clue how accurate/useful it is.
GitHub API is available, details here : http://developer.github.com/
I understand why RIMAPPSA2 permission is thrown when signing a BlackBerry application. However, I don't know which classes, functions and/or API requires such permission.
Is there any way to find out (or better a documentation listing that information) ?
Regards,
RIMAPPSA2 permission is required when dealing with Blackberry Controlled APIs. In this particular case, I was definining new classes and redefining existing classes in one of the packages part of the Blackberry Controlled APIs.
Moving my classes to package not controlled by Blackberry Controlled APIs solved the issue.
I have just solved a similar problem for myself. As per my answer on BlackBerry RIMAPPSA2 signing key required — why?. I have updated this answer to help in case of future searches on similar words...
This might be due to a bug in Eclipse or RIM. You might not be using the RIMAPPSA2 classes.
OK, so its hard to believe but this page might fix the problem for some:
Frustrations with Blackberry Developer plugins for Eclipse
Basically its a bug, and by changing the Application Descriptor, saving, removing & re-adding the JAR file, the problem is fixed.
Follow-up #1 - might not work:
The above solution enabled me to build & sign the app. Unfortunately the app won't run on the phone Module 'MyApp" attempts to access a secure API.
Follow-up #2 - this worked for me:
I documented a full solution that worked for me here:
BlackBerry - use own JAR file in own project
In my case, I was importing my own JAR file, and I needed to set that project's build type to be a MIDLET. Setting it as LIBRARY or APPLICATION caused problems.
I have a RSA key in a PEM file created with openssl, and Im trying to load it into Lockbox3 (a delphi component) but it seems they are not compatible. In their forums I found this:
"Only after you nail down all the options used by the other party, both explicit and implicit (which are typically poorly documented), do you have a chance for interoperability."
So, I'm wondering if someone had made it work.
The latest version of Lockbox (available from SVN, not the file downloads as yet), provides a Delphi wrapper of OpenSSL's RSA functionality. It can save and load files in PEM format. I hope this satisfies.
The OpenSSL component is marked as experimental at the moment, but it has been tested and seems to work well.