readme

File encryption utility
Pre-requisites

- JDK 8 or above installed on the server or machine on which the jar will be invoked.

Encryption Algorithm

- PGP with a 2048-bit RSA key
- AES-256 for the symmetric encryption within PGP
- SHA-256 for digital signing

Encryption key pair generation (one-time activity)

Pre-requisites

- The encryption key pair is generated by the team that decrypts the files. If you are the team decrypting the files, proceed with key pair generation; otherwise ask the decrypting team to provide the public key.

Key pair generation steps

- Copy the shared encryption-util-1.0.jar file to a location on the server/PC.
- Two keys, a public and a private key, will be generated in this step:
  o public.asc (public key, used for encryption)
  o secret.asc (private key, used for decryption)
- The private key (secret.asc) and public key (public.asc) can be generated as follows:
  o </path/to/java8> -jar <location of the jarfile>/encryption-util-1.0.jar KEYGEN <team identifier> sometoughpassword
  o If the password or team identifier contains spaces, put the string inside quotes (e.g. "some critical password").
- If you are the team decrypting the files, share the public key with the team that encrypts the files.

Steps to generate signing key pair (one-time activity)

Pre-requisites

- This step needs to be done by the team that encrypts the files. If you are the team decrypting the files, ask the encrypting team for signing-public.asc.

Signing key pair generation steps

- Copy the shared encryption-util-1.0.jar file to a location on the server/PC where the dumps are created.
- Signing the encrypted data provides non-repudiation for the encrypted files.
- Data is signed using the private key located at your end and verified at the target end (i.e. us) using the public key shared by you.
- The private key (signing-secret.asc) and public key (signing-public.asc) can be generated as follows:
  o </path/to/java8> -jar <location of the jarfile>/encryption-util-1.0.jar SIGNKEYGEN SOC_TEAM sometoughpassword
  o If the password contains spaces, put the password string inside quotes (e.g. "some critical password").
- This generates two files in the location of the jar file:
  o signing-secret.asc (signing private key)
  o signing-public.asc (signing public key)
- Keep the private key with you and share the public key with the team that decrypts the files.

Steps to encrypt the dump files:

Shell script / manual encryption

- Copy the shared encryption-util-1.0.jar file to a location on the server/PC where the dumps are created.
- Generate the dump file.
- Execute the following command after the csv is generated:
    </path/to/java8> -jar encryption-util-1.0.jar ENCRYPTION filedump.csv signing-secret.asc etradeswift
  NOTE: If the password contains spaces, put the password string inside quotes (e.g. "some critical password").
  ex: </path/to/java8> -jar /home/<working-directory>/encryption-util-1.0.jar ENCRYPTION /home/<working-directory>/<EXTRACT-NAME>.csv signing-secret.asc sometoughpassword
- After the command is executed, a new file with the extension .enc is created in the same location as the input file.
  ex: /home/<working-directory>/<EXTRACT-NAME>.csv.enc
- Push the encrypted file along with the touch file to the SFTP location.
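
The shell-script encryption steps above, as an added wrapper that is not part of the original README or of the utility: it refuses a signing key or passphrase file that anyone but the owner can access, passes the passphrase to the jar as a single quoted argument, and confirms that the .enc output was actually produced. JAVA_BIN, JAR, the function names and the passphrase file are assumptions of this example.

```shell
#!/bin/sh
# Added example: wrapper for the ENCRYPTION command documented above.
# JAVA_BIN, JAR, the function names and the passphrase file are assumptions.
JAVA_BIN="${JAVA_BIN:-java}"
JAR="${JAR:-./encryption-util-1.0.jar}"

# True only if $1 is a regular file with no group/other permission bits.
owner_only() {
    [ -f "$1" ] || return 1
    mode=$(ls -lnL "$1" | cut -c5-10)   # "-rw-------" -> "------"
    [ "$mode" = "------" ]
}

# encrypt_dump <dump.csv> <signing-secret.asc> <passphrase-file>
encrypt_dump() {
    csv=$1; key=$2; passfile=$3
    [ -s "$csv" ] || { echo "dump missing or empty: $csv" >&2; return 2; }
    owner_only "$key" || { echo "key missing or not owner-only: $key" >&2; return 3; }
    owner_only "$passfile" || { echo "passphrase file missing or not owner-only" >&2; return 3; }

    # Read the first line only; this keeps the passphrase out of the
    # script text and out of the shell history.
    pass=
    IFS= read -r pass < "$passfile" || :
    [ -n "$pass" ] || { echo "empty passphrase" >&2; return 4; }

    # Remove stale output so the check below reflects this run only.
    rm -f "$csv.enc"

    # "$pass" in double quotes reaches the jar as ONE argument even when it
    # contains spaces. As documented, the utility takes the passphrase only
    # as an argument, so it is visible in the process list while java runs.
    "$JAVA_BIN" -jar "$JAR" ENCRYPTION "$csv" "$key" "$pass" || return 5

    # The README states the output is <input>.enc next to the input file.
    [ -s "$csv.enc" ] || { echo "no output produced: $csv.enc" >&2; return 6; }
    echo "$csv.enc"
}

# Run only when called with the three arguments; otherwise just define functions.
if [ "$#" -eq 3 ]; then encrypt_dump "$@"; fi
```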

Programmatically (java) encrypting the files

- Add the jar to the classpath.
- Generate the dump file.
- Import the following class into your class:
    com.sbi.recon.ReconEncryptionUtil
- Call the method ReconEncryptionUtil.main(String[]) in the class ReconEncryptionUtil.
- To encrypt the dump file:
    ReconEncryptionUtil.main(new String[] {"ENCRYPTION", "/home/<working-directory>/<EXTRACT-NAME>.csv", "./signing-secret.asc", "sometoughpassword"});
- After the command is executed, a new file with the extension .enc is created in the same location as the input file.
  Ex: /home/<working-directory>/<EXTRACT-NAME>.csv.enc
- Push the encrypted file along with the touch file to the SFTP location.

Steps to decrypt files

Shell script / manual decryption

- Copy the shared encryption-util-1.0.jar file to a location on the server/PC where the dumps are created.
- Generate the dump file.
- Execute the following command after the csv is generated:
    </path/to/java8> -jar encryption-util-1.0.jar DECRYPTION <encrypted-file-path> <decryptionPrivatekey> <decryptionpassword> <signing-public-key>
  NOTE: If the password contains spaces, put the password string inside quotes (e.g. "some critical password").
  ex: </path/to/java8> -jar /home/<working-directory>/encryption-util-1.0.jar DECRYPTION <ENCRYPTED_FILE> secret.asc criticalpassword signing-public.asc
- After the command is executed, a new file with the extension .dec is created in the same location as the input file.
  ex: /home/<working-directory>/<EXTRACT-NAME>.dec

Programmatically (java) decrypting files

- Add the jar to the classpath.
- Generate the dump file.
- Import the following class into your class:
    com.sbi.recon.ReconEncryptionUtil
- Call the method ReconEncryptionUtil.main(String[]) in the class ReconEncryptionUtil.
- To decrypt the dump file:
    ReconEncryptionUtil.main(new String[] {"DECRYPTION", "/home/<working-directory>/<EXTRACT-NAME>.enc", "/dir/secret.asc", "criticalpassword", "signing-public.asc"});
- After the command is executed, a new file with the extension .dec is created in the same location as the input file.
  Ex: /home/<working-directory>/<EXTRACT-NAME>.dec