Posted on

Implementation of Hybrid Encryption Using Java 1.8 and OpenSSL

Symmetric encryption is a type of encryption in which a single key is used to both encrypt and decrypt the data. Whereas in asymmetric encryption approach public/private key pair is used to do the same. This rules out the risk of mishandling of the key as the public key is only shared with the clients and the private key is kept secret. Client can encrypt the data with the key and send the data securely over any standard data sharing protocols. At the receiver end, the private key is used to decrypt the data.

But the time to encrypt the data with asymmetric encryption grows significantly proportionately with the size of data. Here symmetric encryption does the job quite efficiently.

Posted on

OPEN SSL – The Hero Nobody Talks About

When we see HTTPS and HTTP connections, most of us can’t differentiate between them. We ask ourselves what difference can a single, "S," make? Little do we know that the letter "S" is all that matters.

The difference between the HTTP and HTTPS connection is not of just a letter, but a secure and protected connection ensured by a valid SSL certificate.

Posted on

How to Verify AS2 Message (SMIME) Signature With OpenSSL

Error MDNs stating an error in the lines of "Signature verification failed" or "Decryption failed" are common for users who are just getting started AS2 in any AS2 service. We, ourselves, have seen many such instances in our SaaS B2B AS2 messaging platform the AdroitLogic AS2Gateway. With these kinds of errors, sometimes, it is important for the support team and also the user itself to be able to try the decryption or signature verification manually to get more insight.

In this blog post, we will look at what the digital signature in AS2 protocol is, how to verify the signature of an AS2 message, and some tips on figuring out the cause for certain signature verification failures.

Posted on

Using TLS With Rust: Authentication

After running into a few hurdles, I managed to get rust openssl bindings to work, which means that this is now the time to actually wire things properly in my network protocol. Let’s see how that works, shall we?

First, we have the OpenSSL setup:

Posted on

Extracting a Private Key From the Java Keystore (JKS)

I’ve been working with the AS2 Protocol and the AdroitLogic AS2Gateway for quite some time now, and hence, playing with JKS has been a must. One of the tricks that were required from time to time was extracting the private key and public key (certificate) from Java KeyStores. In this blog post, we’ll go through a couple of simple commands on how to do that.

What Is a Java KeyStore (JKS)? 

A JKS is an encrypted security file used to store a set of cryptographic keys or certificates in the binary format, and it requires a password to be opened. JKS files are used for a variety of security purposes. They can be used to identify the author of an Android app during a build and when publishing to Android Market in Google Play or in SSL encryption.