support for non-proprietary secure encrypt&sign format?

Hi,

I want to embed data in my application which I have encrypted and signed using strong cryptography, so that the application can verify the data (assuming the application itself doesn't get changed).

Currently I construct three byte[] arrays:

1.) DESede encrypted data

2.) RSA encrypted DESede key

3.) Signature of unencrypted data using the

Signature signature = Signature.getInstance("SHA1withRSA");
signature.initSign(rsaPrivateKey);
signature.update(unencryptedData);

I turn each of these three byte[]s into Strings using Base64Coder and then concatenate them ":" separated.

While this works (I can decrypt and verify the data), the format in which I represent the encrypted and signed data (Base64 encoding and ":" separation) is not any widely used standard and also doesn't contain any metadata about the encryption algorithm used, as would e.g. a gnupg encrypted block.

So I was wondering, why is there no static method in the JCE that just says

String or byte[] encrypted = SomeClass.encryptAndSign(data, "RSAwithDESede")

or something like that, which then encrypts and signs the data according to some standard format? E.g. such that I could then decrypt and verify the data with PGP/GnuPG/OpenSSL/... ?

Is there any library that does this, and which preferably provides a simple facade to the complexity of JCE?

Any help is appreciated - thanks in advance!

Tobias

[1486 byte] By [Kiwiguya] at [2007-11-27 4:32:16]
# 1

Other standards have addressed this problem. See XML Encryption (http://www.w3.org/Encryption/2001/) and XML Signature (http://www.w3.org/Signature/).

XML Signature is now a standard component of J2SE 6.0 (http://java.sun.com/javase/6/docs/technotes/guides/security/xmldsig/XMLDigitalSignature.html)

arshad.noora at 2007-7-12 9:41:53