Introduction:
SlimPGP is a pure Java implementation of OpenPGP protocol as defined in RFC2440. Current version implements most of the features in the OpenPGP. It is originally coded as a temporary solution for SlimFIX Java FIX(Financial Information Exchange) engine (www.oocities.org/slimfixhome). The code is not tuned for performance. It should by no means be considered in any serious applications. People that intend to use OpenPGP in their applications should look at other commercial implementations such as products from Network Appliance Inc.
SlimPGP can be used as a Java class library that provides access to common OpenPGP functions. It also provides a simple command line interface that can be used to create OpenPGP keys, encrypt/decrypt files and digital sign/verify texts.
Licence:
Open source under GNU General Public License (GPL)
System Requirement:
SlimPGP is written in Java 1.2. So it should be able to work on any platform that supports Java 1.2 VM, though it has only be tested on Windows NT4.0 (SP3).
Because Elgamal algorithm is not included in the standard JCE, a specific JCE provider that supports Elgamal has to be chosen in the compilation time. In this implementation, the provider is CDC standard JCE provider (CDC in the following text) which is available from http://www.informatik.tu-darmstadt.de/TI/Forschung/cdcProvider/overview.html. As a result, CDC is required for source-code compilation and is the only provider for Elgamal algorithm.
Due to the limitation of CDC on the implementation of IDEA algorithm, another JCE provider should be used to replace CDC's implementation. There are many free Java JCE providers. One of them is from ABB and is available from http://www.openjce.org/.
Installation:
Download the binary class library slimpgp.jar and include it in your VM's classpath.
Download the JCE providers and install them. I have configured my JCE providers in java.security in such order:
security.provider.1=sun.security.provider.Sun
security.provider.2=au.net.aba.crypto.provider.ABAProvider
security.provider.3=cdc.standard.CDCStandardProvider
Java Interface:
The Java API interface of this library is documented in this JavaDoc slimpgp_doc.jar.
Java Source Code:
The Java source code is here slimpgp_src.jar.
Command-Line:
1. Create new OpenPGP Key Pair
java com.ark.pgp.key.PGPKeyRing <key ring> <user id> <passphrase>
key ring -- the new key ring file that holds the generated OpenPGP Public key and Private key. See following section for the details of the key ring file
user id -- user identification to be bind to the key pair, a good candidate is user's email address
passphrase -- used to access the encrypted private key, it is suggested that the passphrase has a length of at least 8
and contains both alpha and numeric values
2. Manage PGP Message
java com.ark.pgp.PGPMessageAgent <key ring> <passphrase> <action> <input file> <output file> [parameter]
key ring -- the key ring file that holds user's OpenPGP Public key and Private key. See following section for the details of the key ring file
passphrase -- used to access the encrypted private key
action -- different PGP functions, see below for details
input file -- file to be worked on
output file -- output after apply the OpenPGP function to the input file
parameter -- additional parameters for different OpenPGP functions
Action Description Parameters Description
---------------------------------------------------------------------------------------------------------------
cte Sign clear text file none
ctd Verify signed clear text file none
pke Sign & Encrypt file(Public Key) <user id user who will receive the file
pkd Decrypt & Verify file(Public Key) none
ske Sign & Encrypt file(Symmetric Key) <passphrase> password
skd Decrypt & Verify file(Symmetric Key) <passphrase> password
Key Ring File:
The key ring file starts with owner's OpenPGP Private Key, followed by its corresponding OpenPGP Public key. The first two keys are required. Other Public keys can simply be appended to the end the key ring file. The formats of the OpenPGP Private Key and Public key are defined in the RFC2440.
Default Algorithms:
1. Clear text is digested using SHA-1
2. Default symmetric key algorithm is IDEA
3. Default signature key uses DSA and default encryption key uses RSA
4. Default Secure Random algorithm is SHA1PRNG
Notes:
1. The structure of a signed & encrypted file is
{ PGP Encrypted Message
{ PGP Compressed Message
{ PGP Signed Message
{ PGP Literal Message }
}
}
}
2. The structure of a Signed Message is
{ PGP Literal Message, Signature Packet }
Contact:
sunh11373@yahoo.com