Send pgp encrypted mail+attachment with javamail - java

is it possible to send a PGP encrypted/signed mail with JavaMail (javax.mail package)?
Is it also possible to encrypt attachments?
If so, could anybody give me pointers how to do this?
I have searched the API docs (https://javamail.java.net/nonav/docs/api/), found nothing.
Do I have to use external libraries for encryption? If so, where can I learn how to sign an email?
I'd be greatful for any hints!
Thanks!

See Bouncy Castle and JavaMail-Crypto.

Related

Specifying Server-Side Encryption does not work using JAVA SDK

In my case, I want to encrypt each file which is uploaded to S3 bucket. I have followed AWS documentation on this link https://docs.aws.amazon.com/AmazonS3/latest/dev/SSEUsingJavaSDK.html .
the encryption already set using AES256 as following evaluation
The document have been uploaded successfully. But unfortunately, the server side encryption is not set.
Could anyone help me on this ?
Thank you,
Cheers,
Putra

SMS encryption code

I have a project on SMS encryption. It will be able to send encrypted SMS.
I don't know where to start. I work with android studio. Please help me out with solutions.
for encryption you have to use cryptography algorithms like ECC, RC4, RC6, ESA, AES etc. and for simple solution you can use Base 64 encoding and decoding. first you have to encrypt data then send SMS, ans at another side you have to receive the message and decrypt the message using same algorithm then you get your actual message.

Encrypting webpage fileds using custome algorithm written in JAVA

I have designed a webpage using HTML and client side validation using JavaScript.PHP for server side.I want to encrypt the fields before it is transmitted over network,I have encryption code written in JAVA.Can anybody give me a solution as how can I incorporate java code for encryption?Or any better way for encryption?
Any help is greatly appreciated.
Thanks.
An example of AES encryption using JavaScript can be found here. Depending on your use case, https encryption may be a better option, or can at least provide an additional layer of privacy. I think the key question to ask yourself is whether the data on the server should be opaque to anyone but the client. If the server is going to use the data in its plaintext form, then https is a relatively safe, easy and robust option. If the server doesn't need the data, then having the user encrypt at the client in JavaScript would allow your server to maintain those sensitive fields in a way that would be useless to your own employees, but useful to the client who could regenerate the same key to decrypt it.
If you want to encrypt on client side and decrypt on server side, you'll have to do it with javascript on client side; maybe you can do it with an applet and that way use Java on client side, but that seems troublesome.
I think you better look into https.
I think a better way would be using https if you have the option to do so. Why reinvent the wheel?

Android call with encryption and decryption

How to do an encryption and decryption features in my application for a call. Is their any algorithm available for it?
Thanks in advance :)
I was sending one message that should be encrypted and reciever should reply same .when i recieve that same message it should match and gives automatic call to reciever.
Take a look at the javax.crypto documentation for Android

How to Send Encrypted Emails Programmatically (from an automated process)

I have a process that runs on a UNIX (Solaris) server that runs nightly and needs to be able to send out encrypted emails.
I only need the "encryption" portion, NOT the digital signature / self-repudiation part of PKI.
I use MS Outlook in a corporate setting and I am assuming that when a user clicks "Publish to GAL..." under Tools -> Options -> Security, this will publish their PUBLIC KEY to the Global Address List (GAL).
So I am thinking that I need a way to connect to the Exchange Server that the GAL is on from my UNIX server.
Then I would need to retrieve the recepients PUBLIC KEY.
Then I could encrypt the email using the recepients PUBLIC KEY.
This would encrypt the email and only allow someone with the recepients PRIVATE KEY to read the email right?
Then I would send out the email.
But, what I am not sure about, is how to encrypt the email using only the recepients PUBLIC KEY (no KEYS on the UNIX side) in a way that MS Outlook will be able to read the email when the recepient receives it?
Would this work?
Anybody out there run into a similiar problem and come up with a solution?
Java code is preferred, but any langauge would do to start with.
Any additional details required in order to get a reasonable answer?
Thanks
You're logic is right.
Typical PKI encryption is:
cryptoAlgorithm(plaintext, public key) = ciphertext
cryptoAlgorithm(ciphertext, private key) = plaintext
For some algorithms, the cryptoAlgorithm is the same procedure, sending and receiving.
So... for each recipient you need their digital certificate, which will contain their public key.
GAL Certificate Storage
I would think it would be possible to configure the GAL to allow users to publish certificates. My general impression is that how the GAL is configured and used varies from company to company.
S/MIME & PGP
I agree with the post that S/MIME is what you want for Outlook.
Also note - if your users are using Outlook Web, rather than the Outlook client, they won't be able to receive encrypted emails. At least as of 2000, but I suspect 2003 as well. It's a huge usability problem and I've got no good workaround.
General Microsoftyness
Microsoft has their own special way of doing things (no kidding...). They are
no different in the world of PKI. User certificates must be clearly marked with an encryption capability. I know it must have the KeyUsage field KeyEncipherment. And there may be one other extension required by Microsoft. Having an incorrectly formatted user certificate could mean that the recipient will be unable to read the mail when it arrives, because Outlook won't agree on the fact that the mail was encrypted. Spare some serious integration testing time here and plan to hit lots of user groups on how to do this. Every time my team has had to integrate with a Microsoft product, there have been nasty surprises, particularly regarding how the certificate is configured.
Libraries & Tools
I second the recommendation for BouncyCastle - I haven't used it, but people I trust swear by it. I personally loved the Phaos toolkit when I had to write this stuff, but I'm out of date. I know it cost serious money, and may be too much bang for your buck.
OpenSSL is another fabulous tool, and useful for much more than SSL. It's great for generating test certificates, but I can't remember if it does S/MIME email encryption as well.
For most libraries, you should be able to take plaintext, and the certificate, and put both into a function that generates the S/MIME message. They may require the encryption algorithm as well.
In the general case : to send an encrypted message to someone, you only need their public key. You dont need to have a key yourself. The rule with asymetric crypto is whatever is encrypted with a public key can be decrypted with the corresponding private key, and whatever is encrypted with a private key can be decrypted with the corresponding public key.
You will need a key for your server only if you want to sign the message.
If you want to do the implementation in Java, I dont think that JavaMail supports encryption out of the box, but you can have a look at JavaMail-Crypto (havent used it myself). There is supposedly a JNI interface to GnuPG somewhere ... And you can always exec PGP or GnuPG from any language ...
I dont know about the support for PGP in Outlook, nor anything else about Outlook.
You have to send encrypted mail to Outlook in s/mime format. Outlook doesn't support PGP.
Start by trying to send a plaintext message from Java and see if you can get it into Outlook. Worry about the encryption later. Use the JavaMail library to create and send emails.
I don't know how to extract keys from the GAL. It is probably easiest to start off by exporting a key manually and see if you can work with it.
To create encrypted mails in s/mime format I recommend Bouncy Castle. Bouncy Castle is a crypto-provider that also has support for s/mime. (Look for the CMS/Smime package). There should be some examples in the downloaded sources. I've used it in the past to send emails to a wide array of email clients, including Outlook and it works pretty well. But brace yourself for the crypto stuff -- it can be a steep learning curve!
The caveat not noted previous is that the GAL isn't necessarily on the Exchange Server, and is more frequently found on the Domain server, when not run in a standalone mode. The certificate will be found in the LDAP attribute userCertificate or userSMIMECertificate.

Categories