AESKeyGeneration.java generates the sysmetric key using AES algorithm. Key size assigned here is 128 bits. It works for key size of 192 and 256 bits also by adding secuirty related files to jre1.6.0libsecurity folder. You do not generate the key used by aes when you use ssh-keygen.Since aes is a symmetric cipher, its keys do not come in pairs. Both ends of the communication use the same key. The key generated by ssh-keygen uses public key cryptography for authentication. From the ssh-keygen manual. Ssh-keygen generates, manages and converts authentication keys for ssh(1).

Symmetic encryption

For symmetic encryption, you can use the following:

To encrypt:

To decrypt:

Asymmetric encryption

For Asymmetric encryption you must first generate your private key and extract the public key.

To encrypt:

To decrypt:

Encripting files

You can't directly encrypt a large file using rsautl. Instead, do the following:

• Generate a key using openssl rand, e.g. openssl rand 32 -out keyfile.
• Encrypt the key file using openssl rsautl.
• Encrypt the data using openssl enc, using the generated key from step 1.
• Package the encrypted key file with the encrypted data. The recipient will need to decrypt the key with their private key, then decrypt the data with the resulting key.

Ultimate solution for safe and high secured encode anyone file in OpenSSL and command-line:

Private key generation (encrypted private key):

With unecrypted private key:

With encrypted private key:

With existing encrypted (unecrypted) private key:

Encrypt a file

Encrypt binary file:

Aes 256 Symmetric Key

Encrypt text file: Windows xp sp3 genuine key generator.

What is what:

• smime — ssl command for S/MIME utility (smime(1)).
• -encrypt — chosen method for file process.
• -binary — use safe file process. Normally the input message is converted to 'canonical' format as required by the S/MIME specification, this switch disable it. It is necessary for all binary files (like a images, sounds, ZIP archives).
• -aes-256-cbc — chosen cipher AES in 256 bit for encryption (strong). If not specified 40 bit RC2 is used (very weak). (Supported ciphers).
• -in plainfile.zip — input file name.
• -out encrypted.zip.enc — output file name.
• -outform DER — encode output file as binary. If is not specified, file is encoded by base64 and file size will be increased by 30%.
• yourSslCertificate.pem — file name of your certificate's. That should be in PEM format.

That command can very effectively a strongly encrypt any file regardless of its size or format.

Decrypt a file

Decrypt binary file:

For text files:

What is what:

• -inform DER — same as -outform above.
• -inkey private.key — file name of your private key. That should be in PEM format and can be encrypted by password.
• -passin pass:your_password — (optional) your password for private key encrypt.

Verification

Creating a signed digest of a file:

Generate Aes 256 Key

Verify a signed digest:

Source

This class provides the functionality of a secret (symmetric) key generator.

Key generators are constructed using one of the getInstance class methods of this class.

KeyGenerator objects are reusable, i.e., after a key has been generated, the same KeyGenerator object can be re-used to generate further keys.

There are two ways to generate a key: in an algorithm-independent manner, and in an algorithm-specific manner. The only difference between the two is the initialization of the object:

• Algorithm-Independent Initialization

  All key generators share the concepts of a keysize and a source of randomness. There is an init method in this KeyGenerator class that takes these two universally shared types of arguments. There is also one that takes just a keysize argument, and uses the SecureRandom implementation of the highest-priority installed provider as the source of randomness (or a system-provided source of randomness if none of the installed providers supply a SecureRandom implementation), and one that takes just a source of randomness.

  Since no other parameters are specified when you call the above algorithm-independent init methods, it is up to the provider what to do about the algorithm-specific parameters (if any) to be associated with each of the keys.

• Algorithm-Specific Initialization

  For situations where a set of algorithm-specific parameters already exists, there are two init methods that have an AlgorithmParameterSpec argument. One also has a SecureRandom argument, while the other uses the SecureRandom implementation of the highest-priority installed provider as the source of randomness (or a system-provided source of randomness if none of the installed providers supply a SecureRandom implementation).

In case the client does not explicitly initialize the KeyGenerator (via a call to an init method), each provider must supply (and document) a default initialization.

Every implementation of the Java platform is required to support the following standard KeyGenerator algorithms with the keysizes in parentheses:

• AES (128)
• DES (56)
• DESede (168)
• HmacSHA1
• HmacSHA256

Generate A Aes 256 Symmetric Key Vs

These algorithms are described in the KeyGenerator section of the Java Cryptography Architecture Standard Algorithm Name Documentation. Consult the release documentation for your implementation to see if any other algorithms are supported.