Cryptographer

Usage

Using the Cryptographer you can encrypt and decrypt messages.

Dialog Descriptions in the Cryptographer

Cryptographer Plug-in Dialog

In this dialog, you select one of the algorithms:

Available algorithms

Select one of the algorithms:

  • AES (Advanced Encryption Standard)

    Successor of the Data Encryption Standard (DES)

    Symmetrical encryption algorithm for exchanging messages. Internally, AES-128 in ECB mode is used with a secret key.

    When using this procedure, the very same key is used for encrypting and decrypting the input message.

  • AWS version 4 signature calculator

    To calculate a hexadecimal encoded AWS version 4 signature string.

  • CMS (Cryptographic Message Syntax)

    If you select this option, the input message is encrypted/decrypted and transferred using a hybrid procedure. This hybrid procedure combines the asymmetrical encryption/decryption procedure with the symmetrical:

    • At runtime, a session key is generated automatically. With this session key, the input message is encrypted symmetrically. You define the symmetrical procedure that should be used in the next step.

    • The session key and the input message are transferred to the recipient using the asymmetrical procedure CMS.

      Thus, the Cryptographer makes use of the advantages of both procedures: symmetrical procedures have a better performance when used on large amounts of data; asymmetrical procedures are more secure.

  • HMAC (Hash-based Message Authentication Code)

    Used for adding a hash to a message to be sent and for checking the integrity of the message received by the addressee. Sender and receiver need the same private key to compute the hash.

  • PGP (Pretty Good Privacy)

    PGP can be used for encrypting, decrypting, and signing messages as well as for verifying signed messages.

  • Unix password hashing (crypt)

    For producing a hash from the input message using the Unix crypt function.

    This hash allows the message receiver to check whether messages are corrupt, for example by the transfer via an insecure net, because this procedure always returns the same value when used on the same input message.

  • Websale Cryptographic 3DES

    Symmetrical encryption algorithm for exchanging messages.

    When using this procedure, the very same key is used for encrypting and decrypting the input message.

AES (Advanced Encryption Standard) Dialog

Select AES in the dialog (refer to Cryptographer Plug-in Dialog) as the encryption/decryption procedure, and use the AES dialog to define whether the Cryptographer should encrypt or decrypt the input message and which algorithm is to be used. Furthermore, select Message Digest (MD5) to secure the key, and select the message format.

Settings

  • Encrypt/Decrypt

    Define whether input messages are to be decrypted or encrypted.

  • AES algorithm

    The drop-down list provides the options AES-128 and AES-256 for choosing the algorithm to be used for encryption/decryption.

  • Key/Retype key

    The given string is used as the key for the symmetrical encryption/decryption. The key length must be 16 bytes for AES-128 and 32 bytes for AES-256.

    If you encrypt your messages, make sure the message’s recipient possesses the key for decrypting the message!

  • Message Digest (MD5)

    Enable this option to secure the key with Message Digest (MD5) (recommended only for AES-128).

    If Message Digest is not enabled, the standard key length must be 16 bytes for AES-128 and 32 bytes for AES-256.

  • Output message format (Encrypt)/Input message format (Decrypt)

    Select the radio button UTF-8, BASE64, or HEX corresponding to the required message format.

AWS signature v4 Dialog

Usage

To calculate a hexadecimal encoded AWS version 4 signature string.

Prerequisites

You have selected AWS version 4 signature calculator in the Available algorithms section in the dialog (refer to Cryptographer Plug-in Dialog).

Settings

All of these fields are mandatory. If one or more fields are empty, an error message is displayed.

  • Key

    Text to be encrypted. It can be a string encoded with either UTF-8 or Base-64.

  • Region

    The region where the service is to be requested from.

    AWS supports only specific regions, which can only be modified by an administrator.

  • Service

    The AWS service to be connected to.

  • Private key

    Private key is provided as a validating token to the person who is trying to generate the signature.

  • Key encoding type

    Type of encoding used to encode the Key.

    If the Key is UTF-8 encoded, the Key encoding type must be set to UTF-8 and this applies to Base-64 accordingly.
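
The following Python sketch is an added example, not code from the Cryptographer plug-in: it computes a hexadecimal SigV4 signature with the standard AWS signing-key derivation, so that the dialog's output can be cross-checked independently. It assumes that Key holds the string to sign and Private key holds the AWS secret access key; the date parameter and all sample values are constructed, since the dialog lists no date field.

```python
import base64
import hashlib
import hmac


def hmac_sha256(key: bytes, msg: bytes) -> bytes:
    return hmac.new(key, msg, hashlib.sha256).digest()


def decode_key_field(text: str, encoding: str) -> bytes:
    """Decode the 'Key' text according to 'Key encoding type'."""
    if encoding == "UTF-8":
        return text.encode("utf-8")
    if encoding == "Base-64":
        return base64.b64decode(text, validate=True)
    raise ValueError(f"unsupported key encoding type: {encoding}")


def derive_signing_key(secret: str, date: str, region: str, service: str) -> bytes:
    """SigV4 chain: secret -> date -> region -> service -> 'aws4_request'."""
    k_date = hmac_sha256(("AWS4" + secret).encode("utf-8"), date.encode("utf-8"))
    k_region = hmac_sha256(k_date, region.encode("utf-8"))
    k_service = hmac_sha256(k_region, service.encode("utf-8"))
    return hmac_sha256(k_service, b"aws4_request")


def sigv4_signature(key_text, encoding, secret, date, region, service) -> str:
    """Return the hex-encoded signature; every field is mandatory."""
    fields = {"Key": key_text, "Region": region, "Service": service,
              "Private key": secret, "date (assumed input)": date}
    empty = [name for name, value in fields.items() if not value]
    if empty:
        raise ValueError("empty mandatory field(s): " + ", ".join(empty))
    signing_key = derive_signing_key(secret, date, region, service)
    return hmac_sha256(signing_key, decode_key_field(key_text, encoding)).hex()


# Constructed sample input (no real credentials).
SAMPLE_SECRET = "EXAMPLE-SECRET-ACCESS-KEY-NOT-REAL"
SAMPLE_STRING_TO_SIGN = "\n".join([
    "AWS4-HMAC-SHA256",
    "20240101T000000Z",
    "20240101/eu-central-1/s3/aws4_request",
    hashlib.sha256(b"constructed canonical request").hexdigest(),
])

if __name__ == "__main__":
    args = (SAMPLE_SECRET, "20240101", "eu-central-1", "s3")
    print(sigv4_signature(SAMPLE_STRING_TO_SIGN, "UTF-8", *args))
```

Because region and service are part of the key derivation, a signature computed for one region or service does not validate for another.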

CMS (Cryptographic Message Syntax) Dialog

If you have selected CMS in the dialog (refer to Cryptographer Plug-in Dialog) as encryption/decryption procedure, you use the CMS dialog to define whether the Cryptographer should encrypt or decrypt the input message and the session key and which symmetrical procedure should be used to do so. Additionally, you store your public and private key, respectively.

Encryption settings

  • Encrypt

    For defining that the Cryptographer should encrypt the input message and the session key.

  • Select certificate or truststore …

    For storing the key used for encrypting the input message and the session key.
    After the selection the validity of the certificate and the truststore, respectively, is displayed.

  • Encryption algorithm

    For selecting the symmetrical procedure used for encrypting the input message and the session key.

Decryption settings

  • Decrypt

    For defining that the Cryptographer should decrypt the input message and the session key.

  • Select private key

    For storing the key used for decrypting the input message and the session key.

Hash-based Message Authentication Code (HMAC)

If you selected HMAC in the dialog (refer to Cryptographer Plug-in Dialog) as encryption/decryption procedure, you use this dialog to specify the hash algorithm, the private key, and the key encoding.

  • Hash algorithm

    To specify one of the algorithms supported.

  • Key

    To enter the private key.

  • Key encoding

    To specify the key encoding used for the private key.
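
The sender and receiver sides of the HMAC check, as an added Python example (not the plug-in's code). The encoding names utf-8, base64 and hex and the default SHA-256 are assumptions, because the page does not list the supported values; the key and message are constructed.

```python
import base64
import hmac

# Hypothetical names for the dialog's "Key encoding" choices.
KEY_DECODERS = {
    "utf-8": lambda text: text.encode("utf-8"),
    "base64": lambda text: base64.b64decode(text, validate=True),
    "hex": bytes.fromhex,
}


def compute_tag(message: bytes, key_text: str, key_encoding: str,
                hash_name: str = "sha256") -> str:
    """Sender side: hex-encoded HMAC tag over the message."""
    if key_encoding not in KEY_DECODERS:
        raise ValueError(f"unsupported key encoding: {key_encoding}")
    key = KEY_DECODERS[key_encoding](key_text)
    return hmac.new(key, message, hash_name).hexdigest()


def verify_tag(message: bytes, tag_hex: str, key_text: str, key_encoding: str,
               hash_name: str = "sha256") -> bool:
    """Receiver side: recompute the tag and compare in constant time."""
    expected = compute_tag(message, key_text, key_encoding, hash_name)
    return hmac.compare_digest(expected.encode(), tag_hex.lower().encode())


# Constructed sample: the same 13 key bytes written in two encodings.
KEY_UTF8 = "shared-secret"
KEY_BASE64 = "c2hhcmVkLXNlY3JldA=="
MESSAGE = b'{"order": 4711, "amount": "19.99"}'

if __name__ == "__main__":
    tag = compute_tag(MESSAGE, KEY_UTF8, "utf-8")
    print("tag:", tag)
    print("same key as Base64:", verify_tag(MESSAGE, tag, KEY_BASE64, "base64"))
    print("tampered message:", verify_tag(MESSAGE + b" ", tag, KEY_UTF8, "utf-8"))
    print("wrong key encoding:", verify_tag(MESSAGE, tag, KEY_BASE64, "utf-8"))
```

A key encoding that differs between sender and receiver produces the same failed verification as a tampered message, so check that setting first when all tags are rejected.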

PGP configuration Dialog

Usage

To choose the PGP function.

Prerequisites

You have selected PGP (Pretty Good Privacy) in the Available algorithms section in the dialog (refer to Cryptographer Plug-in Dialog).

PGP configuration

  • PGP encryption

    To encrypt a message.

  • PGP decryption

    To decrypt a message.

  • Sign PGP

    To sign a message.

  • Verify PGP Signature

    • To verify the PGP signature of a signed message.

    • To extract the data of a signed message.

  • Sign and encrypt

    To sign and encrypt a message.

  • Decrypt and verify Signature

    To decrypt and verify the signature of a message.

PGP encryption Dialog

Usage

To configure the encryption of a message.

Prerequisites

Settings

  • Activate encryption

    To activate the encryption (cannot be deactivated).

  • Encryption algorithm

    Choose the encryption algorithm from the selection list.

  • Integrity check (MDC)

    To activate Modification Detection Code (MDC).

  • Output format

    Choose one of the following output formats:

    • ASCII armor

      The message is encoded to printable and readable characters only.

    • Binary

      The message is encoded in binary form.

  • Add public key

    Click this button to load a PGP public key file using the file chooser dialog.

  • Public key data

    In this field, the content of the PGP public key file is displayed.

PGP decryption Dialog

Usage

To configure the decryption of a message.

Prerequisites

Settings

  • Activate decryption

    To activate the decryption (cannot be deactivated).

  • Password

    Enter the password of the PGP private key.

  • Add private key

    Click this button to load a PGP private key file using the file chooser dialog.

  • Private key data

    In this field, the content of the PGP private key file is displayed.

Sign PGP Dialog

Usage

To configure how to sign a message.

Prerequisites

Settings

  • Activate signing

    To activate the signing (cannot be deactivated).

  • Hashing algorithm

    Choose the hashing algorithm from the selection list.

  • Signature type

    Choose one of the following signature types.

    • Clear sign

      To sign the input message as clear text without encrypting it.

    • Binary sign

      To sign the input message in binary form.

  • Output format (only for Binary sign)

    • ASCII armor

      The message is encoded to printable and readable characters only.

    • Binary

      The message is encoded in binary form.

  • Password

    Enter the password of the PGP private key.

  • Add private key

    Click this button to load a PGP private key file using the file chooser dialog.

  • Private key data

    In this field, the content of the PGP private key file is displayed.

Verify PGP Signature Dialog

Usage

To verify a PGP signature and to extract signed data.

Prerequisites

Settings

  • Activate signature verification

    Activate to check the PGP signature for the input message (cannot be deactivated).

  • Extract signed data

    Activate to extract the signed data from the input message.

  • Signature type

    Choose one of the following signature types:

    • Clear sign

      The input message was signed as clear text without being encrypted.

    • Binary sign

      The input message was signed in binary form.

  • Add public key

    Click this button to load a PGP public key file using the file chooser dialog.

  • Public key data

    In this field, the content of the PGP public key file is displayed.

Sign and Encrypt Dialog

Usage

To configure signing and encryption of a message.

Prerequisites

Settings

  • Activate signing and encryption

    To activate signing and encryption (cannot be deactivated).

  • Hashing algorithm

    Choose the hashing algorithm from the selection list.

  • Encryption algorithm

    Choose the encryption algorithm from the selection list.

  • Integrity check (MDC)

    To activate Modification Detection Code (MDC).

  • Output format

    Choose one of the following output formats:

    • ASCII armor

      The message is encoded to printable and readable characters only.

    • Binary

      The message is encoded in binary form.

  • Password

    Enter the password of the PGP private key.

  • Add private key

    Click this button to load a PGP private key file using the file chooser dialog.

  • Private key data

    In this field, the content of the PGP private key file is displayed.

  • Add public key

    Click this button to load a PGP public key file using the file chooser dialog.

  • Public key data

    In this field, the content of the PGP public key file is displayed.

Decrypt and verify Signature Dialog

Usage

To decrypt and verify the signature of a message.

Prerequisites

Settings

  • Activate decryption and signature verification

    To activate the decryption and signature verification for the input message (cannot be deactivated).

  • Extract signed data

    Activate to extract the signed data from the input message.

  • Add private key

    Click this button to load a PGP private key file using the file chooser dialog.

  • Private key data

    In this field, the content of the PGP private key file is displayed.

  • Add public key

    Click this button to load a PGP public key file using the file chooser dialog.

  • Public key data

    In this field, the content of the PGP public key file is displayed.

Websale Cryptographic 3DES Dialog

Select Websale Cryptographic 3DES in the dialog (refer to Cryptographer Plug-in Dialog) as encryption/decryption procedure and use the Websale Cryptographic 3DES dialog to define whether the Cryptographer should encrypt or decrypt the input message.

Settings

  • Encrypt/Decrypt

    Define whether input messages are to be decrypted or encrypted.

  • Password/Retype password

    The given string is used as key for the symmetrical encryption/decryption.

    If you encrypt your messages, make sure the message’s recipient possesses the key for decrypting the message!