Creating OpenPGP Messages in Java Using the FIPS 140-2 Library

I am currently updating an application that generates OpenPGP messages to meet FIPS 140-2 requirements. I am currently creating PGP messages that use RSA/AES-256 encryption, which are both approved algorithms, using BouncyCastle and its OpenPGP provider. I can no longer use BouncyCastle since it is not verified by FIPS 140-2, so I am looking at the BSAFE library from RSA.

There is no high-level abstraction in this library for directly generating an OpenPGP message. Does anyone know of a library that can use an existing JCE provider (like my BSAFE library) to generate OpenPGP messages? I would really like not to have to implement the OpenPGP specification myself, as it seems like it will take a lot of time. Alternatively, any suggestions on other ways to format my encrypted files?

Thanks in advance for any input!

+3
3 answers

After much research, it seems that there is no way to do this without implementing the OpenPGP format. However, the Cryptographic Message Syntax seems like a suitable replacement.

0

S/MIME ( ) OpenPGP.

http://mozilla-enigmail.org/forum/viewtopic.php?t=67

, S/MIME ( , 1024 1 ), OpenPGP PGP ( ).

0

FIPS 140-2 , SSL, PGP, S/MIME SSH. , , RSA AES. ( , ).

FIPS 140-2 . " ", . .

So you can use the PGP BouncyCastle provider. Instead of installing Bouncy Castle as a crypto provider, install your certified FIPS 140-2 version. Bouncy Castle PGP will use the preferred cryptography provider for its core cryptographic algorithms. You can use their S/MIME support in the same way.

0
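The approach in the last answer, as an added example that is not code from the answer's author or from the Bouncy Castle project: the Bouncy Castle OpenPGP classes build the message while the cipher work goes to whichever JCE provider is installed. It assumes the bcpg and bcprov jars are on the classpath with the BC provider not registered; `PgpViaInstalledProvider`, `encrypt` and `pinnedProvider` are hypothetical names, and the provider name to pass is whatever your validated module registers.

```java
import java.io.ByteArrayOutputStream;
import java.io.OutputStream;
import java.security.KeyPairGenerator;
import java.security.Security;
import java.util.Date;
import org.bouncycastle.bcpg.SymmetricKeyAlgorithmTags;
import org.bouncycastle.openpgp.PGPEncryptedDataGenerator;
import org.bouncycastle.openpgp.PGPLiteralData;
import org.bouncycastle.openpgp.PGPLiteralDataGenerator;
import org.bouncycastle.openpgp.PGPPublicKey;
import org.bouncycastle.openpgp.operator.jcajce.JcaPGPKeyPair;
import org.bouncycastle.openpgp.operator.jcajce.JcePGPDataEncryptorBuilder;
import org.bouncycastle.openpgp.operator.jcajce.JcePublicKeyKeyEncryptionMethodGenerator;

public class PgpViaInstalledProvider {
    // pinnedProvider == null: algorithms resolve through the JVM's provider priority
    // list; otherwise both operators below are pinned to that provider by name.
    static byte[] encrypt(byte[] data, PGPPublicKey recipient, String pinnedProvider) throws Exception {
        // Fail closed if the non-validated BC provider is registered and could serve a request.
        if (Security.getProvider("BC") != null)
            throw new IllegalStateException("BC JCE provider is registered");
        JcePGPDataEncryptorBuilder dataEnc =
            new JcePGPDataEncryptorBuilder(SymmetricKeyAlgorithmTags.AES_256).setWithIntegrityPacket(true);
        JcePublicKeyKeyEncryptionMethodGenerator keyEnc =
            new JcePublicKeyKeyEncryptionMethodGenerator(recipient);
        if (pinnedProvider != null) {
            dataEnc.setProvider(pinnedProvider);   // AES-256 data encryption
            keyEnc.setProvider(pinnedProvider);    // RSA wrap of the session key
        }
        PGPEncryptedDataGenerator enc = new PGPEncryptedDataGenerator(dataEnc);
        enc.addMethod(keyEnc);
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        try (OutputStream encOut = enc.open(out, new byte[4096]);
             OutputStream lit = new PGPLiteralDataGenerator()
                 .open(encOut, PGPLiteralData.BINARY, "", new Date(), new byte[4096])) {
            lit.write(data);                       // literal data packet inside the encrypted packet
        }
        return out.toByteArray();
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample input: a throwaway RSA key and message, generated at run time.
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        PGPPublicKey pub = new JcaPGPKeyPair(PGPPublicKey.RSA_GENERAL, kpg.generateKeyPair(), new Date()).getPublicKey();
        byte[] msg = encrypt("constructed sample".getBytes("UTF-8"), pub, args.length > 0 ? args[0] : null);
        System.out.println("OpenPGP message bytes: " + msg.length);
    }
}
```

When a provider name is pinned, that provider must supply every algorithm the two operators request, or the call fails with a `PGPException` rather than falling back to another provider.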