Welcome!

Welcome to the official BlackBerry Support Community Forums.

This is your resource to discuss support topics with your peers, and learn from each other.

inside custom component

Java Development

Reply
Highlighted
Developer
Posts: 38
Registered: ‎09-22-2009
My Device: Not Specified
Accepted Solution

Availability of encryption modules?

I am currently using the RIM AES encryption support in my application, but I'm concerned that the libraries won't necessarily be on all users' devices, due to OS version, export controls, or other things.  According to the developer docs (http://www.blackberry.com/developers/docs/4.5.0api/net/rim/device/api/crypto/doc-files/CryptoAlgorit...):

"not all of the supported algorithms are loaded on the device in its default configuration. To maximize performance, the handheld can be optimized to include only a minimal set of crypto functionality. Conversely, to increase security, users who wish to use PGP, S/MIME or TLS must load a larger set of crypto files on the device. "

How does this loading take place?  According to the chart on the page, AES is provided in net_rim_crypto1.cod, but how is that loaded?  It seems to just work in my testing, but I don't know if I did anything to make that so, nor whether it will work on someone else's device.  Do I include it somehow, and if so will it be encumbered by export controls?

In general, I'm looking for a world-wide available BB encryption method.  The RIM libraries are convenient, and I'd like some advise I whether I should continue to use them.


Thanks,
Jim
Developer
Posts: 1,474
Registered: ‎04-14-2009
My Device: Not Specified

Re: Availability of encryption modules?

You could include your own implementation of AES (e.g., see BouncyCastle AESFastEngine) and, if that one's too slow, you could use the Certicom's implementation where it is available (almost everywhere).
Developer
Posts: 38
Registered: ‎09-22-2009
My Device: Not Specified

Re: Availability of encryption modules?

I have a Code Signing key from RIM, but does using the Certicom classes require a different, additional key?

Regards,
Jim
Developer
Posts: 1,474
Registered: ‎04-14-2009
My Device: Not Specified

Re: Availability of encryption modules?

[ Edited ]

I don't know whether you need RCC (aka Crypto API - Certicom) signatures for AES. I presume you are getting enough signatures from RIM already for your AES-using code to run fine.

 

P.S. Sorry for the confusion earlier. There's only one implementaion of AES available via the standard RIM APIs. I don't know whether this implementation is the one using the Certicom cryptographic kernel/classes or whether it's a RIM's own implementation.

Message Edited by klyubin on 22-09-2009 11:50 PM
Developer
Developer
Posts: 319
Registered: ‎07-20-2008
My Device: Not Specified

Re: Availability of encryption modules?

Just FYI... I use the native RIM AES implementation heavily and in the past 3 years, I've never run across a handheld that didn't have the proper libraries.  The odds of someone having AES disabled are so low that it's not worth worrying about.

 

Developer
Posts: 38
Registered: ‎09-22-2009
My Device: Not Specified

Re: Availability of encryption modules?

Thanks for the feedback.  Based on this, I'll stick with the RIM modules and see how it goes.

 

 

Regards,

Jim