0

Thanks to Android shipping its own, outdated versions of the BouncyCastle crypto libraries I'm in an ugly situation. I've built a library that talks REST to our own webservice where data is encrypted and decrypted on the fly by the client. The client can either be a mobile application on Android or desktop/server computer running Oracle Java.

For Android I need SpongyCastle and for the desktop/server I need BouncyCastle because SpongyCastle JARs are not signed and the Oracle runtime won't allow that for that crypto stuff.

The thing is, the code is completely the same, regardless of the library beingused. Only the imports are different because of the package names. In C I'd use conditional compiling to include the platform specific headers, not so much in Java, I know. Still, is there a way without too much effort where I can achieve something similar, create two builds from almost the same source? I'd really hate to have two .java files that do exactly the same but only have some different imports. That's a maintainance nightmare.

Robert Lohr
  • 635
  • 8
  • 21
  • How many imports do you have? You don't need the signed provider if you are not using JCE classes. – President James K. Polk Sep 23 '16 at 01:33
  • You could look at it as a glass half-full proposition. Android's version of Java and Oracle's version of Java are not completely compatible, and there is no guarantee they won't diverge even more in the future. Just having a few files that differ in headers doesn't seem like a big deal compared to, say, maintaining an iOS and Android versions. – President James K. Polk Sep 23 '16 at 01:37
  • I am using JCE but maybe I could work around this if that's the only option. – Robert Lohr Sep 23 '16 at 06:31

0 Answers0