Cert-Encoder

Cert-Encoder is a Java library that implements two strategies for encrypting/decrypting data:

  • A symmetric schema using AES-CBC-256
  • A schema based on a public/private keypair (PKCS#7 / CMS)

The asymmetric schema is meant to be interoperable with X509Crypt: it can encode/decode, within your application, data that you encoded on the shell, ultimately making use of the command openssl smime.

Symmetric Encryption

Symmetric encryption is the easiest option, provided you can rely on the security of the key and you don't have any specific need with regard to distributed systems.

Asymmetric Encryption

In analogy with X509Crypt, asymmetric encryption is intended to encrypt a file in a format that only the desired recipient will be able to read/decrypt. While X509Crypt is meant to be used on the command line, Cert-Encoder is meant to be embedded into your Java application.

Use Case

Remote machines can encrypt the data on a server without having to disclose a private key, which is sensitive information.

With PKI it is possible to host, on the same storage, content that is encrypted for distinct recipients without disclosing the keys.

A recipient cannot decrypt a message that is not aimed at them; recipients can only decrypt their own data.
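
The recipient isolation described above, shown with openssl smime on the shell as an added example (not code from Cert-Encoder or X509Crypt). The key size, cipher flag, PEM output format, recipient names and sample message are assumptions made for the demo; the page does not state which options X509Crypt uses.

```shell
#!/bin/sh
# Constructed demo: two throwaway recipients, one message encrypted for alice only.
# All names, keys and the sample message are test material, not project values.

# Create a self-signed certificate and private key for a recipient.
make_recipient() {  # $1 = name, $2 = directory
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=$1" \
        -keyout "$2/$1.key" -out "$2/$1.crt" 2>/dev/null
}

# Encrypt stdin into a PEM-encoded PKCS#7 envelope on stdout.
# Only the recipient's public certificate is needed on the encrypting machine.
encrypt_for() {  # $1 = recipient certificate
    openssl smime -encrypt -aes256 -binary -outform PEM "$1"
}

# Decrypt an envelope with a recipient's private key.
# Exits non-zero when the key holder is not a recipient of the envelope.
decrypt_as() {  # $1 = private key, $2 = certificate, $3 = envelope file
    openssl smime -decrypt -inform PEM -in "$3" -inkey "$1" -recip "$2" 2>/dev/null
}

WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT

make_recipient alice "$WORK"
make_recipient bob "$WORK"

# The sender never sees alice.key.
printf 'db.password=constructed-sample\n' \
    | encrypt_for "$WORK/alice.crt" > "$WORK/alice.p7"

# alice recovers the plaintext; bob's key is rejected for the same envelope.
decrypt_as "$WORK/alice.key" "$WORK/alice.crt" "$WORK/alice.p7"
decrypt_as "$WORK/bob.key" "$WORK/bob.crt" "$WORK/alice.p7" \
    || echo "bob: not a recipient, decryption refused"
```

Both envelopes can sit on the same storage: the file for alice is opaque to bob even though he holds a valid key of his own.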

Source Code

Source code is available from this URL

License

The code is freely available under the GPL License; see: COPYING

Additional commercial support and licensing is available on request. You can issue a support request and mention you are interested in cert-encoder.