I am using AES-GCM from crypto-js presently. The intent would be to change to RSA for the asymmetric cryptography. Is the following statement correct https://community.postman.com/t/http-message-signing-using-rsa-sha256/1791
?
However, CryptoJS doesn’t support RSA, and it’s the only crypto
library available in the Postman Sandbox. So I’m sort of stuck, unless
I implement a RSA-SHA256 signing algorithm myself.
Now, I’ve noticed that crypto-js hasn’t had a single commit for a year
on GitHub,
I would really prefer to stick with the crypto-js library since it was difficult to use the built-in SubtleCrypto and now we have a framework built around the crypto-js libraries. That would basically have to be scrapped to go to SubtleCrypto. Pointers appreciated.
As #Topaco mentions the crypto-js is a symmetric encryption library only. I did pivot to tweet-nacl and it is working well.
I am trying to add my own cipher to the FreeBSD kernel. I searched online but couldn't really find help. I am wondering which files should i modify to link my new cipher and where to put my source code. Thanks
Take a look at sys/opencrypto/, in particular sys/opencrypto/xform.c, to see how various algorithms are integrated with the rest of the kernel.
See crypto(9). Most of the algorithms are found in /usr/src/sys/crypto/. Some algorithms and the cryptograhic framework code are in /usr/src/sys/opencrypto/.
I'm trying to use PoDoFo (0.9.2) to decrypt (and later encrypt) files. However, the code does not support AESV2 which is currently the de-facto standard. I didn't find any material about this issue and I was wondering if anyone tried to tackle it or to patch the library to make it usable.
I have a problem when attempting to implement AES/RSA encryption on J2ME,
that problem being that bouncycastle (a library that supports java and specially J2ME) is too big for implementation on a mobile phone solution (about 860 classes in total without the test and example classes).
I've googled around and the only alternative I can really find is JCE... which in itself is also too big.
Does anyone here know a way to implement it in a very small solution? Or a "tiny" library that I can use? (like for instance for TEA: http://www.winterwell.com/software/TEA.php)
If you are willing to do a little work you should be able to take the Bouncycastle J2ME source code as a starting point and with judicious use of copy and paste implement just RSA and AES very compactly.
UPDATE:
Just as an exercise I tried this myself. It took about 45 minutes of copying and light editing to produce 27 Bouncycastle classes that completely implemented AESEngine and RSAEngine exactly as they are in Bouncycastle J2ME sources. But I did no testing of them at all, namely because I don't really understand what to do with my Netbeans J2ME project that I created them in.
How about you try the lightweight API version? Go to Bouncy Castle's latest release page and download the J2ME build. Its just about 7MB - much lighter in size.
What tools are available to encrypt or password-protect a file stored on the IFS?
*integrated file-system, accessible from Windows
You could setup object security so only certain users can view the file.
There are encryption tools available for purchase. There is also some built-in APIs for encrypting.
Here are some resources to look into:
Scenario: Key Management and File Encryption Using the Cryptographic Services APIs
The Next Step in Security
A Simple Encryption/Decryption Algorithm for Numbers
Cryptographic Services APIs
Most of these articles deal with encrypting data in a table, but the concepts should help you encrypt a file on the IFS.
Or you could simply encrypt the file from a Windows box with ccrypt or TrueCrypt (perhaps not what you are looking for). Both are free. As is GnuPG which has a windows port and is probably the best of the bunch.
Don't forget that iSeries with PASE can run many AIX programs as is.
ccrypt for AIX could almost definitely be made to run on the iSeries and be called from QSH. And similarly for GnuPG for AIX; it could be run on the iSeries itself.
There is PkZIP for the iSeries which can provide encryption.
You could also 'roll your own' encryption using Java Cryptography.
We are currently using Arpeggio, which is free. We used to use PKZip, but were able to replace that tool with the free Arpeggio software. Seems to work well
You can set the authority to the file so only users in one group have access to it. I think its option 9 I don't have access to a iseries at this moment.
You can pull a port of GnuPG from Scott Klement's website at : https://www.scottklement.com/gnupg/. We have been using it without issue for years.
A lot has changed since this question was asked! IBM i now has extensive support for open source software in PASE. Several of the other answers here mention packages that IBM now provides for no cost as RPMs, easily installable via yum (or the Access Client Solutions GUI, which includes a graphical front-end for yum). Here is just a sampling of IBM-packaged tools you could use for encryption of IFS files:
GnuPG
p7zip (POSIX version of 7-Zip, compatible with and mostly superior to PKZIP)
Python, Node.js, and other programming languages, with access to various encryption libraries
Note that the RPM-based packaging is only supported on IBM i 7.2 and above. (Some people have been able to get it working on 7.1, but this requires the right combination of PTFs and know-how.)
For those on older (and by now, far out of support) versions of IBM i and its predecessors, you may be able to use Scott Klement's ports of GnuPG and p7zip, or Per Gummedal's iSeriesPython.