1. Password Profile - Encryption and Decryption Encryption is a process that will be encrypted with some mathematical operations into a group of things that can't be unknown; decryption is the process of converting an encrypted text back to the original text. During this process, the mathematical algorithm that plays the transition between the original text and the encrypted text is called Cipher.
Figure 1 Cipher's operation
Most modern CiPher will use Key to encrypt and decrypt data. The so-called key refers to a confidential value, we can treat it as a password. Encrypted text must use the descent key to decrypt as the original text. A. Symmetrical Cipher symmetrical Cipher is the same as the key used by the transmitting end, as shown in Figure 2, the symmetrical Cipher is also called Private Key Cipher, because the value of Key only knows the transfer end and the receiving end. If a third party knows the Private Key value, you can solve the encrypted information.
Figure 2 Operation of symmetrical Cipher
B. Asymmetric Cipher asymmetrical Cipher is also called public key cipher, Cipher In addition to Private Key, it will also introduce a public key that can be distributed. The information encrypted by the public key is only the relatively reflected Private Key can be unwrapped, and the same data encrypted by Private Key is only the relatively reflected public key can be unpredictable. As shown in FIG. 3, the operation process of the asymmetric Cipher is shown.
Figure 3 Operation of non-symmetrical Cipher
C. Message Digest message Summary is a special number to calculate from a set of input data, and its principle operation is like Hash Function. In the application of cryptography, it is generally used to verify that the data is tampered. 2. JCE Downloads Due to the restrictions of US regulations, Sun only provides a few encryption methods in JDK, and most of the remaining parts are only available in SunJCE, and SunJCE's API restriction is only the United States, can be downloaded in Canada. Table 1 Encrypted algorithm for SUN and SunJCE respectively.
name
Pattern
Sun
MD5
Message summary
SHA-1
Message summary
DSA
signature
Sunjce
HMACMD5
Mac
Hmacsha1
Mac
DES
Symmetrical Cipher
DeSede
Asymmetric Cipher
Pbewithmd5anddes
Symmetrical Cipher
DH
KEY exchange
Table 1 Encrypted algorithm supported by Sun and SunJCE
Although the US regulations have such a definition, there is already a manufacturer in the United States to make JCE, and can be downloaded directly on the Internet, Table 2 is a list of download URLs.
Kit
Website
free
JCE
http://java.sun.com/products/jdk/1.2/jce/
Yes
Cryptix
http://www.cryptix.org/
Yes
IAik
http://wwwjce.iaik.tu-graz.ac.at/
no
Table 2 JCE Software Download URL
3. JCE installation
Unzip into the JDK directory set classpath = c: /jdk/bin/cryptix-jce-api.jar; c: /jdk/bin/cryptix-jce-compat.jar; C: / JDK / BIN / CRYPTIX-JCE- Provider.jar ... Join security.Provider.1 = sun.security.provider.sun in JDK / lib / security / java.security (original) security.provider.2 = cryptix.jce.Provider.cryptix (join )
4. Program Example Before an example, I first complete a public category, used to convert a string into a hexadecimal representation. public class Msg {public static String toHexString (byte [] b) {StringBuffer hexString = new StringBuffer (); String plainText; for (int i = 0; i import java.security *;. public class SHA extends Object {public static void main (String [] args) throws Exception {MessageDigest md = MessageDigest.getInstance ( "SHA"); md.update (args [0] .getBytes () ); Byte [] digest = md.digest (); system.out.println (msg.tohexstring (digest));}} PS. When comparing whether the two message summary is the same, ISEQUAL can be called. 6. The message authentication code (MAC, Take the HMACSHA1 as an example) message authentication code is just a message abstract, and it is more difficult to make the message summary to make the message summary. Steps to generate a message authentication code: Use the password to generate a key call GetInstance to get the MAC entity call init, initialize the Mac call Update to feed the Mac call DOFINAL to generate a message authentication code import java.security *;. import javax.crypto *;. import javax.crypto.spec *;. public class MacSHA {public static void main {SecureRandom sr = new SecureRandom (String [] args) (); byte [] keyBytes = New Byte [20]; Sr.NextBytes; SecretKey Key = New SecretKeyspec (Keybytes, "HmacSha"); try {mac m = mac.getInstance ("hmacsha"); M.INIT (KEY); M. Update (Args [0] .getbytes ()); byte [] mac = m.dofinal (); system.out.println (msg.tohexstring (mac));} catch (exception e) {system.out.println "Exception !!");}}} 7. Encryption and Decryption (with DES as an example) The encryption / decryption here is a symmetrical Cipher; in the financial transaction, the symmetric Cipher is commonly used to add / decrypt data. The step of encryption / decryption: With a password, a KEY call GetInstance generates a CIPHER object call init setting to encrypted or decrypt encryption / decryption IMPORT JAVA.IO. *; Import java.security. *; Import javax.crypto. *; Public class pwddes {public static final INT kBuffersize = 8192; public static void main (string [] args) throws exception {if (args.length <4) {system.out.println ("usage: cloak -e | -d passwd inputfile outputfile); return; } // GET or CREATE KEY. Key Key; keygenerator generator = keygenerator.getInstance ("des"); generator.init (New SecurerandM (args [1] .getbytes); key = generator.GenerateKey (); / / Get a copher object copher copher = copher.getInstance ("DES / ECB / PKCS # 5"); // Encrypt or Decryptiff IF (args [0] .indexof ("e")! = -1) Cipher.init ( Cipher.ENCRYPT_MODE, key); else cipher.init (Cipher.DECRYPT_MODE, key); FileInputStream in = new FileInputStream (args [2]); FileOutputStream fileOut = new FileOutputStream (args [3]); CipherOutputStream out = new CipherOutputStream (fileOut , cipher; byte [] buffer = new byte [kbuffersize]; int lay; while ((Length) H = in.read (buffer))! = -1) Out.write (buffer, 0, length); in.close (); out.close ();}} 8. Generate a signature and certification (with DSA as Example) Digital signature is commonly used to confirm on the Internet. Procedure for generating a signature: Call GetInstance gets a signature entity call INITSIGN initializes Signature call SIGN generation signature Procedure for certification: Call GetInstance gets a signature entity call initverify Initialize Signature Call Verify Certification Sample1: generating Private / Public Keyimport java.security *; import java.security.KeyPairGenerator; import java.security.KeyPair; import java.io *; public class KeyPair1 {public static void main (String [] args) {try.. {KeyPairGenerator genKeyPair = KeyPairGenerator.getInstance ( "DSA"); genKeyPair.initialize (1024, new SecureRandom ()); KeyPair kpKey = genKeyPair.genKeyPair (); PrivateKey prKey = kpKey.getPrivate (); PublicKey puKey = kpKey.getPublic ( ); ObjectOutputStream osPrivate = new ObjectOutputStream (new FileOutputStream ( "D: //Private.Key")); ObjectOutputStream osPublic = new ObjectOutputStream (new FileOutputStream ( "D: //Public.Key")); osPrivate.writeObject (prKey) Ospublic.WriteObject (Pukey); ospacket.close (); ospublic.close ();} catch (exception e) {system.out.println ("error");}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}} .io. *; Import java.security. *; import java.security.signature; import java.security.cert. *; public class gensign {public static void main (string [] args) throws Exce Ption {string options = args [0]; string messagefile = args [1]; string signaturefile = args [2]; signature signature = signature.getInstance ("DSA"); if (Options.indexof ("s")! = -1) {ObjectInputStream is = new ObjectInputStream (new FileInputStream ( "D: //Private.key")); PrivateKey priKey = (PrivateKey) is.readObject (); signature.initSign (priKey); is.close (); } else {ObjectInputStream is = new ObjectInputStream (new FileInputStream ( "D: //Public.key")); PublicKey pubKey = (PublicKey) is.readObject (); signature.initVerify (pubKey); is.close ();} FileInputStream in = new fileinputstream (messagefile);
