aspose file tools*
The moose likes Java in General and the fly likes string encrypt/decrypt API Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Java in General
Bookmark "string encrypt/decrypt API" Watch "string encrypt/decrypt API" New topic
Author

string encrypt/decrypt API

FY Hsieh
Ranch Hand

Joined: Aug 07, 2006
Posts: 73
In JDK, what's the common and popular encrypt/decrypt API ?
Henry Wong
author
Sheriff

Joined: Sep 28, 2004
Posts: 18117
    
  39

Originally posted by FY Hsieh:
In JDK, what's the common and popular encrypt/decrypt API ?


As of Java 1.4, the cyptography API is included as part of the core. There are some good third party (and open source) solutions, but most programs just use the core libraries now.

Henry
[ November 29, 2006: Message edited by: Henry Wong ]

Books: Java Threads, 3rd Edition, Jini in a Nutshell, and Java Gems (contributor)
Rahul Bhattacharjee
Ranch Hand

Joined: Nov 29, 2005
Posts: 2308
JCE is already in place with JDK to take care of your encryption and decryption.But I do not think is has any direct function to do this.
You can use symetric approach if you need to encrypt/decrypt a string.Using the JCE you can create symetric key and then with the help of cipher and the key you can decrypt and you need to use the very same key for decryption.


Rahul Bhattacharjee
LinkedIn - Blog
FY Hsieh
Ranch Hand

Joined: Aug 07, 2006
Posts: 73
Originally posted by Rahul Bhattacharjee:
JCE is already in place with JDK to take care of your encryption and decryption.But I do not think is has any direct function to do this.
You can use symetric approach if you need to encrypt/decrypt a string.Using the JCE you can create symetric key and then with the help of cipher and the key you can decrypt and you need to use the very same key for decryption.


Thanks. what if the party that needs to decrypt resides on another server and needs to decrypt the string I pass from my server ? Do people usually pass the string along with the key over the network ?
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 39548
    
  27
Do people usually pass the string along with the key over the network ?

That kind of defeats the purpose of encryption. I f you pass the ciphertext along with the key for decryption you might as well send the cleartext instead. Generally, the key is communicated to wherever it is needed by other channels.


Ping & DNS - updated with new look and Ping home screen widget
FY Hsieh
Ranch Hand

Joined: Aug 07, 2006
Posts: 73
Originally posted by Ulf Dittmer:

That kind of defeats the purpose of encryption. I f you pass the ciphertext along with the key for decryption you might as well send the cleartext instead. Generally, the key is communicated to wherever it is needed by other channels.


so, could you give some details on how to pass an encrypted string to another JVM (suppose they can use the same encryption algorithm or API) ?
FY Hsieh
Ranch Hand

Joined: Aug 07, 2006
Posts: 73
Originally posted by Ulf Dittmer:

That kind of defeats the purpose of encryption. I f you pass the ciphertext along with the key for decryption you might as well send the cleartext instead. Generally, the key is communicated to wherever it is needed by other channels.


so, could you give some details on how to pass an encrypted string to another JVM (suppose they can use the same encryption algorithm or API) for it to be decrypted on the other end ?
Rahul Bhattacharjee
Ranch Hand

Joined: Nov 29, 2005
Posts: 2308
As Ulf mentioned ; by some other channed it should be made available to the JVM.

The key that you have used for encrypting , you can make a BAES64 encoded string out the key bytes.(key.getEncoded() would return you the raw bytes of the keys.)
Then put that encoded key string into a property file.You can now change the server code to look the property , decode using BASE64 , construct the key and use that for decrypting the cipher.
Tim LeMaster
Ranch Hand

Joined: Aug 31, 2006
Posts: 226
If I need to send some encrypted text from one machine to another, I'd use the commonly accepted way to do this - SSL. You could do HTTPS or just your own plaintext protocol - think telnet - but stream it with SSL over the TCP layer.

You get mutual authentication if you want it. You get a stream cipher so you can send data of any size. Check out SSLSocket.
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 39548
    
  27
You can copy the file containing the key to every machine where it's needed. Or does the key change so frequently that this isn't feasible?
Henry Wong
author
Sheriff

Joined: Sep 28, 2004
Posts: 18117
    
  39

Originally posted by FY Hsieh:

so, could you give some details on how to pass an encrypted string to another JVM (suppose they can use the same encryption algorithm or API) for it to be decrypted on the other end ?


If you use an encryption algorithm that uses asymetric keys, then this should be easy to accomplish.

Basically, the target machine will need to generate a keypair, then pass the public key of the pair (in clear text) to the source machine. The source machine will then encrypt the data using the public key, and send it to the target machine. The target machine can then decrypt the data using the private key.

Anyone that watches this transaction will have the encypted data and the public key. And since the data was encrypted with the public key, it isn't capable of decrypting it.

Henry
D Rog
Ranch Hand

Joined: Feb 07, 2004
Posts: 472

Henry
Do you have any working examples of your approach? it looks very interesting for me, however I wouldn't like to start with pure idea.


Retire your iPod and start with HD Android music player Kamerton | Minimal J2EE container is here | Light weight full J2EE stack | and build tool | Co-author of "Windows programming in Turbo Pascal"
Henry Wong
author
Sheriff

Joined: Sep 28, 2004
Posts: 18117
    
  39

Originally posted by D Rog:

Do you have any working examples of your approach? it looks very interesting for me, however I wouldn't like to start with pure idea.


I would hardly call this "my approach" -- as I didn't invent any of this stuff. I merely use it. But here are a couple of code snippets...

Here is how the target machine should generate the key pairs. Notice that you need to get the bytes for the public key -- so that you can send it over the network to the source machine.



At the source machine, you need to regenerated the public key (you have to know that the RSA algorithm uses X509 format for the public key). With the public key, you then encrypt the data that you want to send over to the target.



At the target machine, you need to decrypt the ciphertext back to the original clear text. This is done with the private key that was generated -- and that was *not* sent over.



Hope this helps,
Henry
[ December 08, 2006: Message edited by: Henry Wong ]
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: string encrypt/decrypt API
 
Similar Threads
encrypt password in properties
Voice encryption and decryption in java
how do i encrypt/decrypt query string.
Encrypt / Decrypt 10 digit Number
Encryption-decryption file problem