JCO is a jar of classes that let you encrypt and decrypt with symmetric (RC4) and/or asymmetric (RSA) keys, sign and verify asymmetric key signatures, encode and decode objects (such as keys), and generate new keys from random numbers.
JCO classes have the same names as in JCA/JCE, prefixed by JCO, as a reminder that JCO provides the same functionality as JCA/JCE via a similar (but different in detail) API that is simpler to understand and use. JCO does not replace the BouncyCastle JCE. It provides a convenient, easy to use API for accessing the BouncyCastle lightweight API.
Java documentation is available here for those who find this more useful than I do. But except for general familiarity with standard cryptographic principles, all you really need to know is in these examples once you bear this in mind: JCO uses nothing from Sun's JCA/JCE architecture (except SecureRandom). To use it, simply import edu.virtualschool.jco.* and forget about registering cryptographic providers, signing of provider jars, ciphers, encryption modes, encoding formats, and so forth. Omit all references to java.security and javax.crypto from your code. JCO takes care of all that for you.
JCO's simplicity is reflected in its class hierarchy, which shows every JCO class:
    JCOAsymmetricKey (abstract)
        JCOPrivateKey
        JCOPublicKey
    JCOSymmetricKey (abstract)
        JCOSecretKey
    JCOGenericBytes (abstract)
        JCODigestedBytes
        JCOEncodedBytes
        JCOSealedBytes
        JCOSignedBytes
    JCOKeyPair
To seal (encrypt) an object with a symmetric (secret) key and recover (decrypt) it:
    JCOSealedBytes sealedBytes = aJCOSecretKey.seal(someObject);
    Object unsealedObject = aJCOSecretKey.unseal(sealedBytes);
Asymmetric key sealing (encryption) works the same way, except that you provide the complementary key to unseal the result.
    JCOSealedBytes sealedBytes = aJCOPrivateKey.seal(someObject);
    Object unsealedObject = aJCOPublicKey.unseal(sealedBytes);
Asymmetric encryption/decryption is very slow compared to symmetric crypto. Don't use this for bulk messages. Use this only to protect a secret key and use that for the bulk message.
To sign an object and verify the signature while recovering the original object:
    JCOSignedBytes signedBytes = aJCOPrivateKey.sign(someObject);
    Object unsignedObject = aJCOPublicKey.verify(signedBytes);
This will throw a JCOSignatureException if aJCOPublicKey does not match aJCOPrivateKey.
    JCOEncodedBytes encodedKey = anyJCOKey.encode();
    Object recoveredKey = encodedKey.decode();
JCOEncodedBytes also provides an API for encoding/decoding byte arrays and serializable objects:
    // from a byte[]
    JCOEncodedBytes encodedBytes = new JCOEncodedBytes(someBytes);
    // from any serializable object
    JCOEncodedBytes encodedObject = new JCOEncodedBytes(aSerializableObject);
    Object decodedObject = encodedObject.decode();
To generate a JCOSecretKey from SecureRandom bytes:
    JCOSecretKey secretKey = new JCOSecretKey();
Public and Private keys come in complementary pairs. These are constructed by the JCOKeyPair class from random bytes from the SecureRandom generator.
    JCOKeyPair keyPair = new JCOKeyPair();
    JCOPublicKey publicKey = keyPair.getPublic();
    JCOPrivateKey privateKey = keyPair.getPrivate();
The JCODigest class supports cryptographic message digests (one way cryptographic hashing):
    JCODigest digest = new JCODigest(aMessage);
    byte[] digestBytes = digest.getBytes();
JCO keys are, by design, not serializable as in JCA/JCE. Serialization forces obfuscators to preserve the very classes we'd most like to obfuscate. Just encode keys to JCOEncodedBytes and serialize that.
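The advice above to use asymmetric sealing only to protect a secret key, combined with key encoding, can be put together as follows. This is an added example, not code from the JCO distribution; it uses only the calls shown on this page. The class HybridSealExample and its Envelope holder are hypothetical names. It assumes that seal() accepts a JCOEncodedBytes, that a public key may seal for its private key to unseal, and that JCO methods may throw checked exceptions.

```java
import edu.virtualschool.jco.*;

/** Added illustration: seal a bulk message with a secret key, and only that key with RSA. */
public class HybridSealExample {

    /** Hypothetical holder for the two parts that travel together. */
    static final class Envelope {
        final JCOSealedBytes sealedKey;     // session key, sealed asymmetrically
        final JCOSealedBytes sealedMessage; // bulk message, sealed with the session key
        Envelope(JCOSealedBytes sealedKey, JCOSealedBytes sealedMessage) {
            this.sealedKey = sealedKey;
            this.sealedMessage = sealedMessage;
        }
    }

    /** Sender side: one slow asymmetric operation, however large the message is. */
    static Envelope seal(Object bulkMessage, JCOPublicKey recipientPublic) throws Exception {
        // Fresh key per message: an RC4 keystream must never be reused.
        JCOSecretKey sessionKey = new JCOSecretKey();
        JCOSealedBytes sealedMessage = sessionKey.seal(bulkMessage);
        // Keys are not serializable by design, so encode before sealing (assumption:
        // seal() accepts the resulting JCOEncodedBytes like any other object).
        JCOEncodedBytes encodedKey = sessionKey.encode();
        JCOSealedBytes sealedKey = recipientPublic.seal(encodedKey);
        return new Envelope(sealedKey, sealedMessage);
    }

    /** Recipient side: recover the session key first, then the message. */
    static Object unseal(Envelope envelope, JCOPrivateKey recipientPrivate) throws Exception {
        JCOEncodedBytes encodedKey =
            (JCOEncodedBytes) recipientPrivate.unseal(envelope.sealedKey);
        JCOSecretKey sessionKey = (JCOSecretKey) encodedKey.decode();
        return sessionKey.unseal(envelope.sealedMessage);
    }

    public static void main(String[] args) throws Exception {
        JCOKeyPair recipient = new JCOKeyPair();
        String message = "constructed sample payload"; // constructed test input
        Envelope envelope = seal(message, recipient.getPublic());
        Object recovered = unseal(envelope, recipient.getPrivate());
        System.out.println(message.equals(recovered));
    }
}
```

Sealing to a recipient's public key does not identify the sender; the sign and verify calls shown earlier cover that.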
| Modification date: April 02, 2004 | © Copyright 2004 by Brad Cox |