How to: Bouncy Castle on BlackBerry
While RIM does provide a Cryptographic API for their BlackBerry smartphones there are times when what is provided out of the box just isn't enough. In my case I was creating a mobile application that needed to retrieve infomation about TLS certificates presented on a socket / port by a server. While the RIM API has a 'Certificate' object, it does not allow you to get the encoded public key information.
To get around this problem I turned my attention to the Bouncy Castle Lightweight API which is suitable for use with the J2ME platform (BlackBerry included). As seems to be the case with Bouncy Castle it took me a few days to find out how to accomplish my task.
This article describes how to 'install' Bouncy Castle into your BlackBerry application.
Update: For information how to use the TLS Client from the BC Lightweight API, see this article.
References
- Bouncy Castle Latest Releases page [bouncycastle.org]
- Bouncy Castle FAQ [bouncycastle.org]
- Validate SSL Certificates? [supportforums.blackberry.com]
- Eclipse Character Encoding Problem [eclipse.org]
- How to change default text file encoding in eclipse? [stackoverflow.com]
Steps to get Bouncy Castle compiling in a BlackBerry project
- Download the Bouncy Castle J2ME edition from the BC download page
- Even though there is a package which contains 'everything' BC related, I found more luck using the J2ME specific package: lcrypto-j2me-147.zip
Other tutorials out there speak of a cldc_classes.zip file that should be used. I found working with the source code to be easier for me. That file doesn't exist any more, anyway: It's cldc_bccore_classes.zip
- Extract the lcrypto-j2me-147\lcrypto-j2me-147\zips\cldc_bccore_sources.zip file
- Import the source files into eclipse. Since this was new to me, here are some steps on how to do that:
- Right click on the src folder and select Import...
- Select File System when the 'Import' dialog appears
- Navigate to the folder where you decompressed the lcrypto-j2me package and check the boxes next to org and java. You may need to copy/paste the path into the From Directory box to avoid importing unnecessary folders
- Right-click and rename the Java.xxx packages to something like org.bouncycastle.java.xxx. This is important if you want to avoid code obfuscation (See question 3 of the bouncy castle FAQ for info on why they add code to the java.* namespace)
- If you don't use obfuscation and don't rename the java.* namespaces provided by bouncy castle, your app will seem to compile fine- then you'll see an error like this when you try to run it on a BB device:
Error Text: Error starting AppName, AppName may not contain classes in com.rim, net.rim, net.blackberry, java or javax packages
The error makes it sound like the app should have classes in those namespaces when in reality it is trying to tell you to NOT put classes there. - When I tried to refactor / rename the java.* files provided by BC, I ran into this eclipse error:
Error Text:
An exception has been caught while processing the refactoring Rename Package
Reason:
Some characters cannot be mapped using Cp1252 character encoding. Either change the encoding or remove the characters which are not supported by the CP1252 character encoding - To get past the problem I ended up changing the character encoding in Eclipse to UTF-8. This can be done by:
- Clicking on the Window menu
- Selecting the Preferences menu item
- Clicking on General -> Workspace
- In here you can change the Text File Encoding option
- At this point you should be able to compile and run your BlackBerry application without any weird error messages
In another article I'll demonstrate how to use the TLSClient functionality found in Bouncy Castle to gather information on Server Certificates.
I want to call out the assistance that rihan007 gave me in this BlackBerry forum thread. I was marching down the obfuscation path when he suggested renaming the classes. Makes sense to me!