I was given a public key id and am being asked to use this public key id to encrypt a .txt file. I can find a reference on how to perform this, but in C# using Bouncy Castle and nothing with Java.

The specific public key id is provided by the encrypted-file recipient. Decryption is done by the encrypted-file recipient, therefore I have no concern about any decryption or private key id, in case that information is essential, which is beyond my knowledge for the time being.

I am using Java and am very new to encryption. Please direct me to any LATEST Java application examples or tutorials that encrypt a text file using a specific given public key id instead of a generated one. Thanks!

lazyduckiy
  • Have you seen [this](https://stackoverflow.com/questions/27962116/simplest-way-to-encrypt-a-text-file-in-java)? – Cardinal System Feb 07 '18 at 03:09
  • You mention both a private and public key which infers asymmetric encryption such as RSA or EC, but neither is suitable for data larger than the key size and thus in general not suitable for file encryption. Please clarify what you are trying to accomplish with this encryption and why symmetric encryption such as AES is not suitable. – zaph Feb 07 '18 at 04:01
  • @CardinalSystem that linked question/answer should not be used. **Do not use DES for new work**, it is no longer considered secure and has been superseded by AES (Advanced Encryption Standard). DES has a key size of only 56 bits, which is not considered to be secure; AES supports key sizes of 128, 192 and 256 bits. See [Security comparison of DES and AES](https://security.stackexchange.com/a/26181/5121). – zaph Feb 07 '18 at 04:04
  • Yes, the data receiver creates the key pairs (private & public). They provide me only the public key. I am supposed, if I understand it correctly, to use a symmetric key algorithm (AES) to encrypt the txt file (data), and then use an asymmetric key algorithm (RSA) to encrypt that symmetric key with the receiver's public key. I found this explanation on the net that fits my current problem. The text file sizes are quite large, up to 2 MB. Is this RSA method really not feasible then as mentioned? – lazyduckiy Feb 07 '18 at 07:37
  • Using a symmetric algorithm to encrypt the data and then using an asymmetric algorithm to encrypt the symmetric key is secure and generally referred to as [hybrid encryption](https://en.wikipedia.org/wiki/Hybrid_cryptosystem). This is in general how HTTPS works. – zaph Feb 07 '18 at 14:44

1 Answer

You can use "raw" Bouncy Castle for Java or one of several wrappers around the API. For using Bouncy Castle you need to understand the OpenPGP RFC (RFC 4880).

Alternatively you can use existing wrappers such as Bouncy GPG:

```java
import java.io.BufferedOutputStream;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.OutputStream;

import name.neuhalfen.projects.crypto.bouncycastle.openpgp.BouncyGPG;
import name.neuhalfen.projects.crypto.bouncycastle.openpgp.keys.keyrings.KeyringConfig;
import org.bouncycastle.util.io.Streams;

final String original_message = "I love deadlines. I like the whooshing sound they make as they fly by. Douglas Adams";

// Most likely you will use one of the KeyringConfigs.... methods.
// These are wrappers for the test.
KeyringConfig keyringConfigOfSender = Configs
    .keyringConfigFromResourceForSender();

ByteArrayOutputStream result = new ByteArrayOutputStream();

try (
    BufferedOutputStream bufferedOutputStream = new BufferedOutputStream(result, 16384 * 1024);

    final OutputStream outputStream = BouncyGPG
        .encryptToStream()
        .withConfig(keyringConfigOfSender)
        .withStrongAlgorithms()
        .toRecipients("recipient@example.com", "sender@example.com")
        .andSignWith("sender@example.com")
        .binaryOutput()
        .andWriteTo(bufferedOutputStream);
    // Maybe read a file or a webservice?
    final ByteArrayInputStream is = new ByteArrayInputStream(original_message.getBytes())
) {
    Streams.pipeAll(is, outputStream);
    // It is very important that outputStream is closed before the result stream is read.
    // The reason is that GPG writes the signature at the end of the stream.
    // This is triggered by closing the stream.
    // In this example outputStream is closed via the try-with-resources mechanism of Java.
}

result.close();
byte[] ciphertext = result.toByteArray();
```
Jens
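The hybrid scheme discussed in the comments (AES for the file, RSA for the AES key), sketched with the JDK's built-in JCE as an added example that is not part of the original question or answer. The class name, method names and the three-part output layout are assumptions made for illustration, the RSA key pair is generated in place as a stand-in for the recipient's key, and the output is not an OpenPGP message, so a recipient expecting a PGP file still needs the Bouncy Castle route above.

```java
import javax.crypto.*;
import javax.crypto.spec.*;
import java.security.*;
import java.security.spec.MGF1ParameterSpec;
import java.util.Arrays;

public class HybridEncryptDemo {
    // Explicit OAEP parameters: SHA-256 for both the digest and MGF1.
    static final OAEPParameterSpec OAEP = new OAEPParameterSpec(
            "SHA-256", "MGF1", MGF1ParameterSpec.SHA256, PSource.PSpecified.DEFAULT);
    static final String RSA_OAEP = "RSA/ECB/OAEPPadding";

    /** Returns { wrappedKey, iv, ciphertextWithTag } (constructed layout, not OpenPGP). */
    static byte[][] encrypt(byte[] plaintext, PublicKey recipient) throws GeneralSecurityException {
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(256);
        SecretKey aesKey = kg.generateKey();          // fresh one-time data key per file

        byte[] iv = new byte[12];                     // 96-bit GCM nonce, never reused with a key
        new SecureRandom().nextBytes(iv);
        Cipher aes = Cipher.getInstance("AES/GCM/NoPadding");
        aes.init(Cipher.ENCRYPT_MODE, aesKey, new GCMParameterSpec(128, iv));
        byte[] ct = aes.doFinal(plaintext);           // size of the data is not limited by RSA

        Cipher rsa = Cipher.getInstance(RSA_OAEP);
        rsa.init(Cipher.WRAP_MODE, recipient, OAEP);  // RSA only ever sees the 32-byte AES key
        return new byte[][] { rsa.wrap(aesKey), iv, ct };
    }

    /** Recipient side, included only to check the round trip. */
    static byte[] decrypt(byte[][] msg, PrivateKey priv) throws GeneralSecurityException {
        Cipher rsa = Cipher.getInstance(RSA_OAEP);
        rsa.init(Cipher.UNWRAP_MODE, priv, OAEP);
        Key aesKey = rsa.unwrap(msg[0], "AES", Cipher.SECRET_KEY);
        Cipher aes = Cipher.getInstance("AES/GCM/NoPadding");
        aes.init(Cipher.DECRYPT_MODE, aesKey, new GCMParameterSpec(128, msg[1]));
        return aes.doFinal(msg[2]);                   // throws if the GCM tag does not verify
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(3072);
        KeyPair recipient = kpg.generateKeyPair();    // constructed stand-in for the recipient's key
        byte[] data = new byte[2 * 1024 * 1024];      // constructed 2 MB "file"
        Arrays.fill(data, (byte) 'A');
        byte[][] msg = encrypt(data, recipient.getPublic());
        System.out.println("wrapped key: " + msg[0].length + " bytes, ciphertext: " + msg[2].length);
        System.out.println("round trip ok: " + Arrays.equals(data, decrypt(msg, recipient.getPrivate())));
    }
}
```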