SCJP 1.4, SCWCD 5, SCBCD 5, OCPJWSD 5,SCEA-1, Started Assignment Part 2
My blog- http://rkydesigns.blogspot.com
Amandeep Singh wrote:I have intent to avoid using Bouncy Castle provider. I want to know if RSA(Asymmetric Algorithm) CAST5 cipher supported?
Retired horse trader.
Note: double-underline links may be advertisements automatically added by this site and are probably not endorsed by me.
SCJP 1.4, SCWCD 5, SCBCD 5, OCPJWSD 5,SCEA-1, Started Assignment Part 2
My blog- http://rkydesigns.blogspot.com
Amandeep Singh wrote:The vendor has given us public key and told us to import using default options in gpg. The default says Rsa cast5. So let me confirm this, we can encrypt file using public key with any cipher want. And they can decrypt the file with any rsa cipher. Is this correct?
Retired horse trader.
Note: double-underline links may be advertisements automatically added by this site and are probably not endorsed by me.
I would recommend that whenever you encrypt a file for you vendor using his public key that you also encrypt it with your own encryption public key and that you sign it using a separate signing private key. This way you can always recover the original file and you can prove that you signed it. You should not use the same key pair for both encryption and signing; it is considered insecure.
SCJP 1.4, SCWCD 5, SCBCD 5, OCPJWSD 5,SCEA-1, Started Assignment Part 2
My blog- http://rkydesigns.blogspot.com
Amandeep Singh wrote:Thanks for reply.
4) gpg --out <output file name> -r <vendor's key user id> -q --batch --encrypt <full path to file to encrypt>
Do you think this setup addresses your concern-
I would recommend that whenever you encrypt a file for you vendor using his public key that you also encrypt it with your own encryption public key and that you sign it using a separate signing private key. This way you can always recover the original file and you can prove that you signed it. You should not use the same key pair for both encryption and signing; it is considered insecure.
To recover the original file, we can have original file saved with us on disk. Even then, encrypted file sent to them using their public key could never be cross checked with our public key encrypted file.
Questions:
1) I'm confused here vendor told us to use gpg, is it possible we can still encrypt the file using SunJCE or Bouncy Castle?
2) Is it possible I do the above 4 steps in gpg, after signing the vendor's key with our pass phrase. Then I export the signed key to be used in SunJCE or Bouncy Castle?
3) Is there any way to figure out from their public key, what pubkey and algorithm is being used?
4) Does extensions really matter *.pgp, *.gpg, *.asc? Can I give arbitrary name to extensions.
Retired horse trader.
Note: double-underline links may be advertisements automatically added by this site and are probably not endorsed by me.
SCJP 1.4, SCWCD 5, SCBCD 5, OCPJWSD 5,SCEA-1, Started Assignment Part 2
My blog- http://rkydesigns.blogspot.com
Amandeep Singh wrote:
I'm using below class from Bouncy Castle. It works for me. I'm using -a -i as the arguments.
1) Does below code means I'm using RSA/CAST5? It doesn't says we are using RSA or not.
2) Is below code equivalent to following command- gpg --out input.csv.asc –r <user name is not shown here> -q --batch --encrypt input.csv ?
Retired horse trader.
Note: double-underline links may be advertisements automatically added by this site and are probably not endorsed by me.
James Sabre wrote:
By the time I have trawled though all of that code looking for conformance with your 'gpg' command line you could have tested it 50 times! If your public key is an RSA public key then it will use RSA (I'm pretty sure that DSA key do not at this time support encryption, just signing). As to whether it user CASTE5 - I don't know since I have not gone into that sort of detail with the Bouncy Castle PGP API but I' pretty sure that I can easily find out by looking at the source.
Seems a bit pointless just creating a Java 'gpg' equivalent command line tool when you have 'gpg' in all it's glory with 20 odd years of development and bug fiixing behind it.
SCJP 1.4, SCWCD 5, SCBCD 5, OCPJWSD 5,SCEA-1, Started Assignment Part 2
My blog- http://rkydesigns.blogspot.com
Let nothing stop you! Not even this tiny ad:
a bit of art, as a gift, the permaculture playing cards
https://gardener-gift.com
|