Just a nod to Erik's comment about asymmetric crypto used with symmetric crypto: this is very good practice, since asymmetric crypto is very slow.
For those unaware, this technique is exactly how TLS (formerly SSL) works. In the connection handshake, asymmetric keys are used to securely transmit a randomly generated symmetric key between the two parties. The symmetric key is used to encrypt all remaining communication after the handshake. Without this, TLS would be painfully slow.

Thanks for bringing it up, Erik.

Cheers,

--
Les Hazlewood
Founder, Katasoft, Inc.
Application Security Products & Professional Apache Shiro Support and Training:
http://www.katasoft.com

On Wed, May 4, 2011 at 11:50 AM, Erik Beeson <[email protected]> wrote:
> In addition to what Les said, you may want to check out jasypt and vtcrypt.
> The former is dead simple for basic password based encrypting, and the
> latter has a fairly simple wrapper around asymmetric ciphers (like you're
> asking about).
> As I understand it, when you're trying to encrypt any significant quantity
> of data with an asymmetric cipher, you generate a key for a symmetric cipher
> (like Blowfish), encrypt your data with that, then encrypt the key with your
> asymmetric cipher and include that with your data.
>
> --Erik
>
> On Tue, May 3, 2011 at 9:39 PM, Ryan McKinley <[email protected]> wrote:
>>
>> Does Shiro include utilities to encrypt text with a private key? I
>> have messed with java.security stuff but it is kinda ugly.
>>
>> I got this working, and it may be OK, but it would be better if I could use
>> a private key to encode and a public one to decode:
>>
>>
>> BlowfishCipherService bf = new BlowfishCipherService();
>> byte[] key = bf.generateNewKey().getEncoded();
>> System.out.println( "Key:"+Base64.encodeToString(key) );
>>
>> String txt = "kittens";
>> System.out.println( "original: "+txt );
>>
>> String out = bf.encrypt(txt.getBytes(), key).toBase64();
>> System.out.println( "encrypted: "+out );
>> String xxx = new String( bf.decrypt(Base64.decode(out), key).getBytes() );
>>
>> System.out.println( "out: "+xxx );
>>
>>
>> Any pointers would be great!
>>
>> thanks
>> ryan
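
The hybrid scheme described in this thread (a random symmetric key encrypts the data, the recipient's public key encrypts that key), as an added example that is not part of the original messages and is not Shiro code. It uses only the JDK's `javax.crypto`, substitutes AES-GCM for the Blowfish key mentioned above and RSA-OAEP for the asymmetric step; the class name, key sizes and sample plaintext are assumptions chosen for illustration.

```java
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.OAEPParameterSpec;
import javax.crypto.spec.PSource;
import java.nio.charset.StandardCharsets;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.SecureRandom;
import java.security.spec.MGF1ParameterSpec;
import java.util.Arrays;

// Added illustration (hypothetical class name); AES-GCM stands in for Blowfish.
public class HybridEncryptionExample {
    // Explicit OAEP parameters so hash and MGF1 do not depend on provider defaults.
    static final OAEPParameterSpec OAEP = new OAEPParameterSpec(
            "SHA-256", "MGF1", MGF1ParameterSpec.SHA256, PSource.PSpecified.DEFAULT);

    public static void main(String[] args) throws Exception {
        // Recipient's long-lived key pair; only the public half goes to the sender.
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(3072);
        KeyPair recipient = kpg.generateKeyPair();
        byte[] plaintext = "kittens".getBytes(StandardCharsets.UTF_8);

        // Sender: fresh symmetric key and nonce for this message only.
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(256);
        SecretKey dataKey = kg.generateKey();
        byte[] iv = new byte[12];
        new SecureRandom().nextBytes(iv);
        Cipher aes = Cipher.getInstance("AES/GCM/NoPadding");
        aes.init(Cipher.ENCRYPT_MODE, dataKey, new GCMParameterSpec(128, iv));
        byte[] ciphertext = aes.doFinal(plaintext);

        // Sender: wrap the symmetric key under the recipient's public key.
        Cipher rsa = Cipher.getInstance("RSA/ECB/OAEPPadding");
        rsa.init(Cipher.WRAP_MODE, recipient.getPublic(), OAEP);
        byte[] wrappedKey = rsa.wrap(dataKey);
        // The message on the wire is (wrappedKey, iv, ciphertext).

        // Recipient: unwrap with the private key, then decrypt and verify the GCM tag.
        rsa.init(Cipher.UNWRAP_MODE, recipient.getPrivate(), OAEP);
        SecretKey recovered = (SecretKey) rsa.unwrap(wrappedKey, "AES", Cipher.SECRET_KEY);
        aes.init(Cipher.DECRYPT_MODE, recovered, new GCMParameterSpec(128, iv));
        byte[] roundTrip = aes.doFinal(ciphertext);

        System.out.println("wrapped key bytes: " + wrappedKey.length);
        System.out.println("round trip ok: " + Arrays.equals(plaintext, roundTrip));
    }
}
```

The RSA operation runs once over a 32-byte key regardless of how large the plaintext is, which is the performance point made in the thread.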
