public key encryption javax.crypto

L

Larry Grant

My primary eperience with crypto is using PGP, but now I'd like to use
crypto in a Java application. I've been wading therough the javadocs
for the "javax.crypto" package, and I'm having a hard time finding any
straightforward way to just perform basic public key encryption like
PGP does. I've found references to ElGamal and Diffie-Hellman
algorithms, but they seem to be all about "key agreements", not
encryption.

Is there anything in javax.crypto that will just let me generate key
pairs and then perform encryptions to public keys and decryptions from
private keys?
 
M

Michael Borgwardt

Larry said:
My primary eperience with crypto is using PGP, but now I'd like to use
crypto in a Java application. I've been wading therough the javadocs
for the "javax.crypto" package, and I'm having a hard time finding any
straightforward way to just perform basic public key encryption like
PGP does. I've found references to ElGamal and Diffie-Hellman
algorithms, but they seem to be all about "key agreements", not
encryption.

Is there anything in javax.crypto that will just let me generate key
pairs and then perform encryptions to public keys and decryptions from
private keys?
 
M

Michael Borgwardt

Larry said:
My primary eperience with crypto is using PGP, but now I'd like to use
crypto in a Java application. I've been wading therough the javadocs
for the "javax.crypto" package, and I'm having a hard time finding any
straightforward way to just perform basic public key encryption like
PGP does. I've found references to ElGamal and Diffie-Hellman
algorithms, but they seem to be all about "key agreements", not
encryption.

Is there anything in javax.crypto that will just let me generate key
pairs and then perform encryptions to public keys and decryptions from
private keys?

CipherInputStream and CipherOutputStream sounds promising to me...
 
C

Carl Howells

Larry said:
My primary eperience with crypto is using PGP, but now I'd like to use
crypto in a Java application. I've been wading therough the javadocs
for the "javax.crypto" package, and I'm having a hard time finding any
straightforward way to just perform basic public key encryption like
PGP does. I've found references to ElGamal and Diffie-Hellman
algorithms, but they seem to be all about "key agreements", not
encryption.

Is there anything in javax.crypto that will just let me generate key
pairs and then perform encryptions to public keys and decryptions from
private keys?

Having done this recently:

Kind of.

javax.crypto and java.security provide an interface with which
public-key encryption can be performed. However, they don't provide a
default implementation of most algorithms, instead providing only the a
common interface for provider to use.

I ended up using bouncycastle <http://www.bouncycastle.org/> as the
provider, using the javax.crypto and java.security interfaces.
 
L

Larry Grant

Michael Borgwardt said:
CipherInputStream and CipherOutputStream sounds promising to me...

I'd seen those, but I thought they were only for symmetric-key (not
public key) encryption. I'll take another look. Thanks.
 
M

Michael Borgwardt

Larry said:
I'd seen those, but I thought they were only for symmetric-key (not
public key) encryption. I'll take another look. Thanks.

Note that PGP and all similar programs do NOT use public key cryprography on
the actual content; they use it only to encrypt a session key which is then
used with a symmetric-key algorithm.
 
R

Roedy Green

Note that PGP and all similar programs do NOT use public key cryprography on
the actual content; they use it only to encrypt a session key which is then
used with a symmetric-key algorithm.

To use these classes, you don't need to be aware of how it works under
the covers. You just feed PGP keys and text and both ends and it does
it thing.


BouncyCastle is a JCE (Java Cryptographic Extension)-compatible
library that also handles PGP. It is well regarded. The source is not
well formatted or commented. The JavaDoc is sparce and inaccurate.

You will want to download the BouncyCastle jars for:
JCE Provider
open PGP
test examples
Java Source for Open PGP

Put the jars in your ext directory.

Generating Keys

Generate a binary private/public key with:

java org.BouncyCastle.openpgp.examples.RSAKeyPairGenerator charlie
"open sesame"

The public and private keys will appear as pub.bpg, and secret.bpg.
You can generate ascii *.asc ascii armoured file instead by using the
-a option like this:

java org.bouncycastle.openpgp.examples.RSAKeyPairGenerator -a charlie
"open sesame"

To generate variants look at the source code in bcpg-jdk14-122/src/
org/bouncycastleopenpgp/examples/RSAKeyPairGenerator.java

Signing A Binary File

java org.bouncycastle.openpgp.examples.SignedFileProcessor -s
anyfile.dat secret.bpg "open sesame"

Resulting signed file will appear in anyfile.dat.bpg signed, but not
encrypted.

Verifying a Signed Binary File

java org.bouncycastle.openpgp.examples.SignedFileProcessor -v
anyfile.dat.bpg pub.bpg
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

Forum statistics

Threads
473,734
Messages
2,569,441
Members
44,832
Latest member
GlennSmall

Latest Threads

Top