Understand the basics of Java password Extension

Source: Internet
Author: User
Learn about the basics of Java password extension-general Linux technology-Linux programming and kernel information. The following is a detailed description. The Java Cryptography Extension is an important part of JDK1.4. Basically, it consists of some packages which form a framework and implement encryption, key Generation Algorithms, protocols, message authentication codes, and other algorithms. This article will introduce you to the installation and use of JCE.
It is worth noting that although JCE is part of the core package of JDK1.4, we will first use JDK1.2 and a later version to show you if you install and configure JCE (static installation ). Later, we will show you how to use JCE (dynamic installation) without installation ). Finally, we will demonstrate how to generate the key and password, and how to perform basic encryption and decryption.
What is the provider?
Providers are the implementers of specific encryption algorithms. Some providers (provided encryption technologies) are free of charge, and some are not free. IBM, Bouncy Castle, and RSA are both some (encryption) providers. later in this article, we will examine the RSA algorithm from Bouncy Castle. Sun also explained to you that if you implement your own provider (you need to comply with some jDK conventions ).
Static Installation
Before installing and using JCE, you need to go to the Sun Web site (here is the secret sun provider as an example ). obtain the installation package. The JCE has sun's own security provider-sunJCE. To install sunJCE statically to the default provider list, you need to modify the Security Attribute file:
• \ Jre \ lib \ security \ java. security (Win32)
• /Jre/lib/security/java. security (UNIX)
If you install JDK in C: \ jdk1.3, edit the following file:
C: \ jdk1.3 \ jre \ lib \ security \ java. security
To install SunJCE, add the following to the above file:
Security. provider. n = com. sun. crypto. provider. SunJCE
Replace n with the priority of the provider you added (note: the sequence number must be incremented and cannot be skipped, but the order can be adjusted ).
Listing A is used to view the information of the provider you have installed. The results are listed in Listing B to show the capabilities of the provider, such as the available encryption algorithms.
Listing A: ProviderInformation. java
Import java. security. Provider;
Import java. security. Security;
Import java. util. Set;
Import java. util. Iterator;
Public class ProviderInformation {
Public static void main (String [] args ){
Provider [] providers = Security. getProviders ();
For (int I = 0; I <providers. length; I ++ ){
Provider provider = providers ;
System. out. println ("Provider name:" + provider. getName ());
System. out. println ("Provider information:" + provider. getInfo ());
System. out. println ("Provider version:" + provider. getVersion ());
Set entries = provider. entrySet ();
Iterator iterator = entries. iterator ();
While (iterator. hasNext ()){
System. out. println ("Property entry:" + iterator. next ());
}
}
}
}
Listing B: ProviderInformation. java output
Provider name: SUN
Provider information: SUN (DSA key/parameter generation; DSA signing; SHA-1, MD5 digests; SecureRandom; X.509 certificates; JKS keystore)
Provider version: 1.2
Property entry: Alg. Alias. KeyFactory.1.2.840.10040.4.1 = DSA
Property entry: Alg. Alias. Signature.1.2.840.10040.4.3 = SHA1withDSA
Property entry: Alg. Alias. KeyPairGenerator. OID.1.2.840.10040.4.1 = DSA
Property entry: Signature. SHA1withDSA KeySize = 1024
Property entry: Signature. SHA1withDSA ImplementedIn = Software
Dynamic installation: Listing c illustrates how to dynamically load the Security provider at runtime. Note that when you use Security. addProvider (...) When loading the provider, it is useful to the entire JVM environment;
Listing C: DynamicProvider. java
Import java. security. Security;
Public class DynamicProvider {
Public static void main (String [] args ){
// This is all there is to it!
Security. addProvider (new com. sun. crypto. provider. SunJCE ());
}
}
As mentioned above, when you install a provider, you use n to specify the priority of this provider, but when an algorithm instance is called, JVM searches for available implementations in the installed providers based on the provided priority and uses the available algorithms first. You can also add additional parameters during the survey to specify the algorithm to be used in that provider.

Implementation Details:
JCE APIs contain a large number of classes and interfaces to implement security features. First, we will provide an example of DES symmetric encryption.

Generate key:
Listing D shows how to generate a key using the initial key generator;
Listing D: DESKeyGenerator. java

Import javax. crypto. KeyGenerator;
Import java. security. Key;
Import java. security. NoSuchAlgorithmException;
Import java. security. Security;
Public class DESKeyGenerator {
Public static void main (String [] args ){
Security. addProvider (new com. sun. crypto. provider. SunJCE ());
Try {
KeyGenerator kg = KeyGenerator. getInstance ("DES ");
Key key = kg. generateKey ();
System. out. println ("Key format:" + key. getFormat ());
System. out. println ("Key algorithm:" + key. getAlgorithm ());
}
Catch (NoSuchAlgorithmException e ){
E. printStackTrace ();
}
}
}
Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.