README or Readme Src or Readme Bin Frequently Asked Questions Javadoc index or Help Documentation Java Cryptography Extension Specification Utility scripts Copyright and License

Cryptix Development Team

Introduction

Included in the Compiled Classes distribution is:

• the IJCE and providers packaged in JARs
• test programs within the JARs
• useful scripts to get it going
• this release readme, the main readme and the FAQ etc.
• doco in guide

Installation

For this Compiled Classes also do the following:

1. Do not unJAR the archives (*.jar) within the classes directory.

Testing

This distribution was tested at make time, and the actions were recorded into platform scripts in the auto directory (see auto/testjar*).

No JARs failed their tests.

In order to repeat the distribution tests, do for Unix:

    ../auto/testjar.sh

    ; Note, this batch is untested - and written by a non-DOS person :-)
    ..\auto\testjar

If any of the above listed working tests fail, please send a bug report. Note that the automatic release script produces a list of working tests; non-working tests are commented out. The latter should not be present, as non-working code is dropped from formal releases.

New in Release 3.1.0

This release - 3.1.0 - is mostly a bug fix release after an extended period of time. It may very well be the last release in the Cryptix 3 line, as the next generation will substantially change distribution patterns.

Changes include:

Java 2 (JDK 1.2) compatibility. No JCE 1.2 as yet, that will be released under a different stream.
• SHA-1 incompatibility bug is fixed (hopefully). MD5, SHA-1, SHA-0 update() bug should be fixed.
• RC4 static variable bug is fixed.
• Cryptix 2.2 compatibility with RSA is now added. It should not be used except by legacy code, like PGP 2.6 below.
• PGP 2.6 (not OpenPGP) has been added. There is only a nominal test that suits distribution.
• Testing now is more deterministic, as tests return 10 on success. This derives from the JVM's viewpoint that an uncaught exception is a successful result. New support classes are also added to the test cycle.
• Building: Old scripts in util cleaned up, and new scripts added.
• There is now an example manifest file util/man/webfunds.man which builds a complete single jar, taken from the WebFunds project.

These features were included in the previous release:

• Tools in cryptix/tools: Scar and UnixCrypt.
• HMACs for all message digests.
• Cryptix 2.2 compatibility with message digests, modes, ciphers.
• Supported Algorithms.
• Bugs fixed: RSA ArrayIndexOutOfBoundsException, Triple DES compatibility.

What's *not* here

• compatibility with JCE 1.2
• ElGamal encryption is incomplete (the tests are disabled), and whilst ElGamal signing is working and has a test, it is not really audited. You should use DSA in preference, which is faster and more reliable.
• IJCE:
  • test devoted to IJCE that can run independant of Cryptix (java.security.IJCE_test or some Sun standard name?)
• testing:
  • Some of the Test* programs do not correctly exit, so failures are not detected.
  • util/testjar.sh produces guess-code W95/NT batch scripts in auto/testjar.bat. This is reported to work, but is not reliable.
• Native libraries are not currently included.
• OpenPGP is not here at all
• Cryptix has only been compiled and run with Sun-sourced compilers and JVMs.
• Javadoc is distributed without images.

Mail us with your priorities.

Bug Reports

Please include

• the Cryptix version number: 3.1.0,
• the type of distribution: bin,
• your JDK version / supplier,
• the platform

Note that if you are not subscribed, you should do so. Regardless, bugs will caught by the list manager and sent to an appropriate Cryptix Development Team member.

Copyright and License

This release of Cryptix is covered by the Cryptix General License .