Java supports encryption by a wide variety of packages:

• The standard java.security package

• The standard javax.crypto package

• Packages supplied by third parties

www.cryptix.org

www.bouncycastle.orgcopy jar files onto your machine& include in CLASSPATH

# List of providers and their preference orders (see above):#security.provider.1=sun.security.provider.Sunsecurity.provider.2=com.apple.crypto.provider.Apple...security.provider.8=org.bouncycastle.jce.provider.BouncyCastleProvider

Edit the java.security file to include the provider.

setenv CLASSPATH .:/Users/driley/Library/bcprov-jdk15-146.jar

For Java 1.4 though 1.7 the SunJCE is a built-in provider.

http://download.oracle.com/javase/6/docs/technotes/guides/security/overview/jsoverview.html

Two Steps for generating a new key (or pair)1) Create generator key/pair by calling a static method named getInstance).

2) Call generateKey object, passing a random number.

The Java encryption packages include classes that are useful for generating keys.java.security.Key javax.crypto.KeyGenerator

java.security.KeyPair java.security.KeyPairGenerator

java.security.SecureRandom

Sample Symmetric CodeKeyGenerator generator = KeyGenerator.getInstance(“DESede”); 1)

Key key = generator.generateKey();

generator.init(new SecureRandom()); 2)

Sample Public-key CodeKeyPairGenerator generator = KeyPairGenerator.getInstance(“RSA”);1)

KeyPair keyPair = generator.generateKeyPair();

generator.initialize(2048, new SecureRandom()); 2)

Four Steps for encrypting/decrypting

3) Fill a byte array from plaintext to be encrypted (or ciphertext to be decrypted).4) Call doFinal on the object, passing the byte array; this returns the result of encrypting/decrypting.

1) Create an encrypting object using javax.crypto.Cipher. (This is done by calling a static method named getInstance).

2) Call init on the Cipher object, passing the key & setting the mode to encrypt/decrypt.

• getInstance specifies algorithm via 1st argument String Algorithm/ChainingMode/Padding

• getInstance specifies supplier via second (optional) argument

Four Steps for encrypting/decrypting

3) Fill a byte array from plaintext to be encrypted (or ciphertext to be decrypted).4) Call doFinal on the object, passing the byte array; this returns the result of encrypting/decrypting.

1) Create an encrypting object using javax.crypto.Cipher. (This is done by calling a static method named getInstance).

2) Call init on the Cipher object, passing the key & setting the mode to encrypt/decrypt.

Symmetric SampleCipher encoder = Cipher.getInstance(“DESede/ECB/PKCS5Padding”);1)

encoder.init(Cipher.ENCRYPT_MODE, key);2)

byte[] buffer = getPlaintext();3)

byte[] encodedMsg = encoder.doFinal(buffer);4)

Cipher decoder = Cipher.getInstance(“DESede/ECB/PKCS5Padding”);1)

decoder.init(Cipher.DECRYPT_MODE, key);2)

byte[] buffer = getCiphertext();3)

byte[] decodedMsg = decoder.doFinal(buffer);4)

must be encoder.getBlockSize() or smaller

Four Steps for encrypting/decrypting

3) Fill a byte array from plaintext too be encrypted (or ciphertext to be decrypted).4) Call doFinal on the object, passing the byte array; this returns the result of encrypting/decrypting.

1) Create an encrypting object using javax.crypto.Cipher. (This is done by calling a static method named getInstance).

2) Call init on the Cipher object, passing the key & setting the mode to encrypt/decrypt.

Public-key SampleCipher encoder = Cipher.getInstance(“RSA/NONE/PKCS1Padding”, “BC”);1)

encoder.init(Cipher.ENCRYPT_MODE, keyPair.getPublic());2)

byte[] buffer = getPlaintext();3)

byte[] encodedMsg = encoder.doFinal(buffer);4)

must be encoder.getBlockSize() == 0