The Java Cryptography Extension (JCE) 1.2.1 is an optional package for J2SE 1.2.x and 1.3.x that provides a framework and implementations for encryption, key generation, key agreement, and Message Authentication Code (MAC) algorithms. The digital certificate that was used to sign the JCE 1.2.1 jar files will expire on July 27, 2005, after which the product will no longer function.

This issue can occur in the following release:

• Java Cryptography Extension (JCE) 1.2.1 (for J2SE 1.2.x and 1.3.x)

Notes:

1. JCE 1.2.1 is at "End of Service Life" (EOSL), and is no longer supported. JCE 1.2.1 was EOSL'ed in 2002 when JCE 1.2.2 was released.
2. The JCE that is integrated into J2SE 1.4 and later is not affected by this issue. This Sun Alert is specific to JCE 1.2.1, which is an optional package for use with J2SE 1.2.x. and 1.3.x (JCE 1.2.1 is not bundled with J2SE 1.2.x and 1.3.x).

After the expiration date, code calling into JCE 1.2.1 will fail with symptoms similar to the following:

    [xxxxxx@xxxxxx] 258 >java BlowfishKey
    Exception in thread "main" java.lang.ExceptionInInitializerError:
    java.lang.SecurityException: Cannot set up certs for trusted CAs
         at javax.crypto.b.<clinit>([DashoPro-V1.2-120198])
         at javax.crypto.KeyGenerator.getInstance([DashoPro-V1.2-120198])

There is no workaround. Please see the "Resolution" section below.

This issue is addressed in the following releases:

• Java Cryptography Extension (JCE) 1.2.2 (for J2SE 1.2.x and 1.3.x)

which is available at: http://java.sun.com/products/jce/index-122.html

• JCE in J2SE 1.4 and later

which is available at: http://java.sun.com/j2se/1.4.2/download.html and http://java.sun.com/j2se/1.5.0/download.jsp

This solution has no attachment