Java supports encryption by a wide variety of packages: The standard java.security package The standard javax.crypto package Packages supplied by third parties copy jar files onto your machine & include in CLASSPATH # List of providers and their preference orders (see above): # security.provider.1=sun.security.provider.Sun security.provider.2=com.apple.crypto.provider.Apple... security.provider.8=org.bouncycastle.jce.provider.BouncyCastleProvider Edit the java.security file to include the provider. setenv CLASSPATH.:/Users/driley/Library/bcprov-jdk jar For Java 1.4 though 1.7 the SunJCE is a built-in provider.

Two Steps for generating a new key (or pair) 1) Create generator key/pair by calling a static method named getInstance ). 2) Call generateKey object, passing a random number. The Java encryption packages include classes that are useful for generating keys. java.security.Key javax.crypto.KeyGenerator java.security.KeyPair java.security.KeyPairGenerator java.security.SecureRandom Sample Symmetric Code KeyGenerator generator = KeyGenerator.getInstance(“DESede”); 1) Key key = generator.generateKey(); generator.init(new SecureRandom()); 2) Sample Public-key Code KeyPairGenerator generator = KeyPairGenerator.getInstance(“RSA”); 1) KeyPair keyPair = generator.generateKeyPair(); generator.initialize(2048, new SecureRandom()); 2)

Four Steps for encrypting/decrypting 3) Fill a byte array from plaintext to be encrypted (or ciphertext to be decrypted). 4) Call doFinal on the object, passing the byte array; this returns the result of encrypting/decrypting. 1) Create an encrypting object using javax.crypto.Cipher. (This is done by calling a static method named getInstance ). 2) Call init on the Cipher object, passing the key & setting the mode to encrypt/decrypt. getInstance specifies algorithm via 1st argument String Algorithm/ChainingMode/Padding getInstance specifies supplier via second (optional) argument

Four Steps for encrypting/decrypting 3) Fill a byte array from plaintext to be encrypted (or ciphertext to be decrypted). 4) Call doFinal on the object, passing the byte array; this returns the result of encrypting/decrypting. 1) Create an encrypting object using javax.crypto.Cipher. (This is done by calling a static method named getInstance ). 2) Call init on the Cipher object, passing the key & setting the mode to encrypt/decrypt. Symmetric Sample Cipher encoder = Cipher.getInstance(“DESede/ECB/PKCS5Padding”); 1) encoder.init(Cipher.ENCRYPT_MODE, key); 2) byte[] buffer = getPlaintext(); 3) byte[] encodedMsg = encoder.doFinal(buffer); 4) Cipher decoder = Cipher.getInstance(“DESede/ECB/PKCS5Padding”); 1) decoder.init(Cipher.DECRYPT_MODE, key); 2) byte[] buffer = getCiphertext(); 3) byte[] decodedMsg = decoder.doFinal(buffer); 4) must be encoder.getBlockSize() or smaller

Four Steps for encrypting/decrypting 3) Fill a byte array from plaintext too be encrypted (or ciphertext to be decrypted). 4) Call doFinal on the object, passing the byte array; this returns the result of encrypting/decrypting. 1) Create an encrypting object using javax.crypto.Cipher. (This is done by calling a static method named getInstance ). 2) Call init on the Cipher object, passing the key & setting the mode to encrypt/decrypt. Public-key Sample Cipher encoder = Cipher.getInstance(“RSA/NONE/PKCS1Padding”, “BC”); 1) encoder.init(Cipher.ENCRYPT_MODE, keyPair.getPublic()); 2) byte[] buffer = getPlaintext(); 3) byte[] encodedMsg = encoder.doFinal(buffer); 4) must be encoder.getBlockSize() == 0