I want to encrypt, decrypt, sign and verify data using PKCS#7 Cryptographic Message Syntax. I saw sample code for this with Bouncy Castle. I want to know can I do this without using the Bouncy Castle libraries?
Asked
Active
Viewed 1,471 times
3
-
There are no mention of PKCS7 in the [section on _Ciphers_](http://docs.oracle.com/javase/7/docs/technotes/guides/security/StandardNames.html#Cipher) in Java's _Standard Algorithm Name Documentation_ so I guess this can't be done without external libraries. [This other answer](http://stackoverflow.com/a/10718419/433835) seems to reinforce this. – Kohányi Róbert Oct 06 '12 at 11:06
-
1You can always code the algorithm yourself. – Hot Licks Oct 06 '12 at 11:39
-
Are you talking about using PKCS#7 *padding*? – Duncan Jones Oct 06 '12 at 17:52
-
I want encrypt large data like file. this can help encrypt my data without manage blocking. it also known as CMS encryption. – Mohsen Gorgani Oct 06 '12 at 19:39
-
@HotLicks of course, if you've got a few weeks/months left for implementing an ASN.1 or BER/DER parser/generator, building the structures and testing it against existing implementations... – Maarten Bodewes Oct 06 '12 at 20:54
-
@DuncanJones If you look at the title it pretty well rules out PKCS#7 padding. So we are talking about Cryptographic Message Syntax here. – Maarten Bodewes Oct 06 '12 at 22:42
-
@owlstead Always worth checking, I've seen some fairly loose usage of terminology here :-) And speaking as someone who had to partially implement CMS to run on some specialised hardware, I wholeheartedly agree with your other comment! – Duncan Jones Oct 07 '12 at 07:00
2 Answers
1
There is no support for PKCS7 messages in the standard Java libraries. There is no reason not to use an existing implementation like Bouncycastle. It has such a liberal license you can probably just grab it and say you wrote it.
President James K. Polk
- 40,516
- 21
- 95
- 125
-
3Of course, you shouldn't *really* say you wrote it. You should include the correct licence text as per the following page: http://www.bouncycastle.org/licence.html. However, the licence is very friendly for commercial use. – Duncan Jones Oct 07 '12 at 07:03
0
You should have fully compatible results using JCE and PKCS5.
phatfingers
- 9,770
- 3
- 30
- 44
-
I saw "sun.security.pkcs.PKCS7" recently. does this implement my request? – Mohsen Gorgani Oct 06 '12 at 17:49
-
2You should never use any class from a sun.* package. They are not for public use. – President James K. Polk Oct 06 '12 at 20:16