Win a copy of Clojure in Action this week in the Clojure forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

RC4 cypher in Java, decypher in JavaScript.

 
Thiago Primerano
Greenhorn
Posts: 3
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hello,

I need to encrypt with Symmetric Cryptography (RC4) a text in a Java program, after, decrypt this in a JavaScript function. Have Anybody a solution ?

Thanks.
 
Ulf Dittmer
Rancher
Pie
Posts: 42966
73
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
En/decryption in Java is generally done using the JCE API. You can find some links and example code about it in the http://faq.javaranch.com/java/SecurityFaq. The two sides wouldn't by any chance be communicating over HTTP, would they? Because in that case one might just use SSL and be done with it.
 
Thiago Primerano
Greenhorn
Posts: 3
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hello Ulf, thanks for reply.
In my case, i need to generate a encrypted text and send via Email (an attached html document).
When de final user receive this file, i won't kwon if user is connected. The solution (i think) is a decrypt via javascript, this function will be send in the attached html.

Have anybody a same problem ?

Tks again.
 
Ulf Dittmer
Rancher
Pie
Posts: 42966
73
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
This sounds like a really convoluted way to go about sending encrypted text via emails. There are standards for sending encrypted emails; check out PGP and GPG.
 
Nicholas Jordan
Ranch Hand
Posts: 1282
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Originally posted by Ulf Dittmer:
There are standards for sending encrypted emails; check out PGP and GPG.


Has anyone written these in Java ? and what about the Criptix package I found while working a similar question for my own project ? Code you ( anyone - poster, me or otherwise ) can understand is safer than code one does not understand.


 
Ulf Dittmer
Rancher
Pie
Posts: 42966
73
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Originally posted by Nicholas Jordan:
Code you ( anyone - poster, me or otherwise ) can understand is safer than code one does not understand.

The safety of code has nothing to do with the fact whether one is able to understand it. Especially with cryptography code I would advise NOT to write it oneself; it's very easy to get wrong and lose all safety. That's what the BouncyCastle and Cryptix libraries are for (if one wishes to avoid the Sun JCE providers).
 
Nicholas Jordan
Ranch Hand
Posts: 1282
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Originally posted by Ulf Dittmer:

The safety of code has nothing to do with the fact whether one is able to understand it. Especially with cryptography code I would advise NOT to write it oneself; it's very easy to get wrong and lose all safety. That's what the BouncyCastle and Cryptix libraries are for (if one wishes to avoid the Sun JCE providers).


I understand your point, and the poster should note it carefully: Encryption Software to Avoid, I just obtained two contemporary texts on crypto and both of them, along with Bruce Schneier say the same thing.

Do you know of any beginner texts / tutorials on how to use any of the three libraries ? I have extensive experience trying to do things with people who are not trained and I understand your point exquisitely, there are risks involved that cannot be understated. Still, with that in mind I needed a public key / private key pair for my design and did not need a turtle shell beyond defeating attacks on a simple inventory system that I am already doing myself - in my head without pencil and paper methods - and am stuck using non-crypto strength locks and keys because all the code I have found so far wraps everything is AES and Certificates ... neither of which is of any use in my current design needs.

I recently wrote several thousand lines of classes during recent holidays and yet nothing on simple public key private key pair beyond obtaining a nifty signature for my emails using putty. RC4 is not unbreakable.
[ December 23, 2007: Message edited by: Nicholas Jordan ]
 
Rus Prince
Greenhorn
Posts: 2
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Here you go:

http://java.ittoolbox.com/code/archive/413/
 
I agree. Here's the link: http://aspose.com/file-tools
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic