ISNetworks S/MIMEPinatubo JCE/JCA Provider

ISNetworks S/MIME

Although our Java S/MIME library is no longer officially supported, we have released it under the Apache license to make it available to the public. The download includes the full source code, pre-compiled binaries, JavaDoc for the API and examples of how to use the library.

If you are interested in hosting an open source project for the source code, please let us know.

Features

  • Sends signed and encrypted messages
  • Validates and decrypts messages
  • Pure Java
  • Works with JDK 1.2.2, 1.3.x, 1.4.x, and 1.5.x
  • Adds S/MIME capability to JavaMailTM 1.1.3, 1.2, or 1.3

Frequently Asked Questions

  • How can I use certificates I already have from Verisign, Thawte, etc?

    If you only need to use the public key (for verifying a signature or sending an encrypted message), you can export your DER encoded certificate to a file and use the CertificateFactory API in the java.security.cert package to load it.

    However, if you need to use your private key to sign or decrypt messages, the easiest way to use your own certificates is to export both the certificate and private key in PKCS#12 format and load them from the file through the KeyStore API in the java.security package. These files will normally have .p12 or .pfx extensions. The ISNetworks JCE Provider included in the S/MIME download now includes read-only support for PKCS#12 files, with some restrictions as documented in the release notes.

    Sun also provides a PKCS#12 KeyStore implementation with the Java Secure Socket Extension (JSSE), but it does not work with all PKCS#12 files.

  • What MIME types does the library support?

    Currently, the library supports the following:

    application/pkcs7-mime (signed-data, enveloped-data, and compressed-data)
    application/x-pkcs7-mime (signed-data, enveloped-data, and compressed-data)
    multipart/signed
    application/pkcs7-signature
    application/x-pkcs7-signature

    When creating messages, the library defaults to use the older "x-" prefix when available for backwards compatibilty with older mail clients. This behavior can easily be overriden.

  • What email clients has the library been tested with?

    The library has been tested against Netscape Messenger 4.77, Microsoft Outlook 2000, and Microsoft Outlook Express 5 and 6, and Mozilla Mail 1.x.

Pinatubo JCE/JCA Provider

The Pinatubo Provider is a Java library which provides developers with programmatic access to Windows CryptoAPI. Pinatubo contains compliant providers for the Java Cryptography Architecure and Java Cryptography Extension.

The library is no longer officially supported, but we have now released the binaries under the Apache license and a full source release may follow. You can download it and use it free of charge.

Download note: The above product contains encryption technology that is subject to U.S. Export Regulations. The software may not be downloaded by individuals prohibited from receiving U.S. Exports (including Cuba, Iran, Iraq, North Korea, Sudan and Syria). More information is available on Export Administration Regulations (EAR) and the Bureau of Export Administration (BXA).

Features

  • Compliant JCA provider allows signing with software certificates and smart-cards
  • JCE Provider allows encrypting with software certificates and smart-cards
  • Native Secure Random for faster initialization of Crypto system
  • Sample code for demonstration of how to use the provider
  • Source included for clean-room JCE Implementation