1

I understand that OpenPGP is a 'definition of a set of standard formats for encrypting/signing'.

I recently recommended someone to use the default Java JCA instead of bouncycastle as their encryption library so that they dont have to use any external libraries. But then they asked me if the Java JCA supported OpenPGP. I didn't know the answer to that question. I did not even properly know what the question means.

I just want to know what does it mean by supporting OpenPGP?

We can encrypt/sign in Java JCA using standard algorithms like RSA. So what else does it take to support OpenPGP?

Nobody recommended JCA as an answer to this question.

Anmol Singh Jaggi
  • 8,376
  • 4
  • 36
  • 77
  • You can directly see from https://www.openpgp.org/software/ what email applications can support OpenPGP standard. – Mihai8 Feb 13 '19 at 11:55

2 Answers2

2

Q : I just want to know what does it mean by supporting OpenPGP?
Ans : Means provider library should follow open PGP standards mentioned in RFC 4880.

Nobody recommended JCA as an answer...
Its complicated as per - How do I encrypt a PGP message through java's crypto extension?

Bouncy castle is one of the OpenPGP provider for Java platform.
You can check other implementors on all platforms here.

As long as I studied, JCA being architecture for cryptography has its own design principles. JCA is basic crypto framework which can be used with JCE.

Community
  • 1
  • 1
Haripriya
  • 822
  • 1
  • 14
  • 27
  • One question - Why are there crypto `standards`? Is it because a crypto algorithm like RSA, AES can be implemented in slightly different ways? – Anmol Singh Jaggi Feb 14 '19 at 06:37
  • Btw, you asked 2 questions :) 1. Why are there crypto standards? - well, for secure communication of course. crypto standards uses different encryption/decryption logic (which may or may not be formed by referring to rsa, aes etc algo OR even combination of those). 2. Is it because a crypto algorithm like RSA, AES can be implemented in slightly different ways? - I could not get this question. If crypto implementation does not comply RSA then its diff cryto implementation. Are you looking for [this](https://scialert.net/fulltext/?doi=jas.2006.482.510)? – Haripriya Feb 14 '19 at 07:14
  • That was an interesting article. By second question I meant that what constitutes a `protocol`? Is it the types/varieties of algorithms supported. Or does it specify the details of the algorithms themselves. Or the file formats to use? – Anmol Singh Jaggi Feb 14 '19 at 07:28
  • For example, if we encrypt data using OpenPGP RSA algorithm, will we be able to decrypt it using non-OpenPGP RSA implementation? – Anmol Singh Jaggi Feb 14 '19 at 07:30
  • Does a crypto standard means `Use algo 'A' for assymetric crypto, algo 'B' for signatures etc.`? Or does it mean `Use algo 'A' with primes ranging from 2^20 to 2^256 as modulus, or use mode 'CBC' for cipher algo 'B' (that is, specifying the inner details of the algo)`? – Anmol Singh Jaggi Feb 14 '19 at 07:31
  • Trying to ans in short. 1. what constitutes a protocol? - set of steps to fulfill some purpose. Refer [Operation section of RSA](https://simple.wikipedia.org/wiki/RSA_algorithm). How to implement is developer's choice. 2. if we encrypt data using OpenPGP RSA algorithm, will we be able to decrypt it using non-OpenPGP RSA implementation? - in standard way - No. in hacking case- Yes. Developer should implement enough complexity while complying protocols that no other way could decrypt it. – Haripriya Feb 14 '19 at 07:45
  • 3. Use algo 'A' for assymetric crypto, algo 'B' for signatures..... - this is defined by architects, analysts, etc organization standard approvers. We have used different algo for 64-bit and 128-bit communication channels. – Haripriya Feb 14 '19 at 07:49
  • Let us [continue this discussion in chat](https://chat.stackoverflow.com/rooms/188412/discussion-between-priyankaw-and-anmol-singh-jaggi). – Haripriya Feb 14 '19 at 10:59
2

No, Java JCA is a cryptography API. It doesn't support any higher level protocols, it just gives a relatively high level access to cryptographic algorithms. There is of course one noteworthy protocol that is implemented in Java: TLS within the (separate) JSSE provider. This requires support for using / verifying X.509v3 certificates and such, but that's about it (the JCA is very much geared towards supporting TLS as main purpose, for obvious reasons).

OpenPGP one the other hand is a protocol specification that isn't supported by Java. You'd need to build a protocol implementation on top of JCA to support OpenPGP. However, that's exactly what Bouncy Castle did; their implementation depends on the JCA interface rather than the Bouncy Castle "lightweight" API. So you can use Bouncy Castle's OpenPGP library and use the JCA, e.g. for support of AES-NI or hardware keys. Just make sure that the JCA provider you want to use has more priority than any third party ones, such as the Bouncy Castle provider (add it to the end of the list of providers!).

Of course, for support of some more esoteric options (notably support for specific EC curves) you may still want to add the Bouncy Castle provider to your runtime. The Maven module of the OpenPGP still lists the Bouncy Castle provider as compile requirement, but I'm not sure if that's not just for testing or that the library is directly required.

One issue that may be troublesome is that PGP uses its own version of the CFB encryption algorithm, which is not directly available from the default providers in the runtimes that I know about. So you may need to include the library for that functionality. This may also mean that AES acceleration is not available for the library.

Maarten Bodewes
  • 90,524
  • 13
  • 150
  • 263
  • 1
    I've asked a new question [here](https://stackoverflow.com/q/54675216/589259) to validate how the OpenPGP library depends on the Bouncy provider. – Maarten Bodewes Feb 13 '19 at 16:37
  • Thank you Maarten! One question; Why are there crypto `protocols`? Is it because a crypto algorithm like RSA, AES can be implemented in slightly different ways? – Anmol Singh Jaggi Feb 14 '19 at 06:36
  • 1
    No, it is because just an algorithm is not enough for us to communicate. RSA can only hold that much information. You can have encryption that is just protected for confidentiality, or you can protect the integrity / authenticity of a message, or both. TLS cannot be replaced by just AES, right? – Maarten Bodewes Feb 14 '19 at 11:40