As we decides earlier I’m and malalasena have worked on developing the API for Digital Signature process & File and String symmetric Encryption/Decryption.
First I worked on the File encryption and decryption implementation. I got some codes that have been developed by Malalasena and I figure out and fixed the problems in that codes, that can be created during the encryption/ decryption section. And I extend it for the String encryption process. Then I finalized the full structured eID styled layout for the Encryption/Decryption API.
After that i moved on the API for the Digital Signature process. I found there are some Java Cryptography Architecture which is a framework for accessing and developing cryptographic functionality for the Java platform. A JCA provider implements the cryptographic functionalities like Digital Signatures and Message Digests. And I worked on JCA and the Asymmetric encryption algorithms like RSA.
But I realised that the RSA, DSA are computationally slower than symmetric encryption algorithms like AES. Then I figured out that is good practice to encrypt the actual message to be transmitted using a Symmetric key Algorithm and then encrypt the key used in the Symmetric Key Algorithm using an Asymmetric Key Algorithm.
That is let we take an Example : if one wants to transmit the message “Shayanthan Kanaganayagham is Here”, then first encrypt this message using a symmetric key ,say an 128 bit AES key like x7oSgDfAgWxEMiZE/0qYrg and then encrypt this key using an asymmetric key algorithm like RSA.
Then I used this algorithm to develpoe the above considurations. The algorithm below can be used for implementing public key cryptography in Java.
- Encrypt the message using a symmetric key.
- Concatenate the symmetric key + Hash of symmetric key + Hash of message.
- Encrypt the concatenated string using the receivers public key.
- Sign the data to be transmitted (Encrypted symmetric key + Hash of the key + Hash of message).
- Validate the Signature.
- Decrypt the message using Receiver private key to get the symmetric key.
- Validate the integrity of the key using the Hash of the key.
- Decrypt the actual message using the symmetric key which has been decrypted and parsed and checked for integrity.
- Compute MessageDigest of data.
- Validate if the Message Digest of the decrypted text matches the Message Digest of the Original Message.