Keys (Key) are divided into symmetric keys and asymmetric keys
Symmetric key: SecretKey, generated by KeyGenerator
Asymmetric key pair: PrivateKey and PublicKey, generated by KeyPairGenerator
KeyFactory (SecretKeyFactory) can also generate keys, and a key can be converted to an external representation such as a byte array or a KeySpec
One KeySpec corresponds to one key
KeyFactory: conversion between keys and key specifications
DSAPrivateKeySpec spec = XX;  // XX: an existing key specification
KeyFactory kf = KeyFactory.getInstance("DSA");
PrivateKey pk = kf.generatePrivate(spec);  // key specification -> key
PrivateKey key = XX;  // XX: an existing private key
Class<DSAPrivateKeySpec> sp = DSAPrivateKeySpec.class;  // java.security.spec.DSAPrivateKeySpec
DSAPrivateKeySpec keySpec = kf.getKeySpec(key, sp);  // key -> key specification
Message digest algorithm
Used to verify that a message has not been rewritten. There are three major families of algorithms: MD, SHA and MAC
Compared with MD and SHA, a MAC algorithm additionally takes a key. MD and SHA can detect that the text was rewritten, but not when the message digest is overwritten as well
MAC solves this problem.
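The difference between a plain digest and a MAC described above, as an added example that is not part of the original notes. The class name DigestVsMac, the helper names and the sample messages are constructed for illustration, and SHA-256 and HmacSHA256 are chosen here as one member each of the SHA and MAC families.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import javax.crypto.KeyGenerator;
import javax.crypto.Mac;
import javax.crypto.SecretKey;

public class DigestVsMac {
    static byte[] sha256(byte[] msg) throws Exception {
        return MessageDigest.getInstance("SHA-256").digest(msg);
    }

    static byte[] hmac(SecretKey key, byte[] msg) throws Exception {
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(key);
        return mac.doFinal(msg);
    }

    // Receiver side: recompute the value and compare in constant time.
    static boolean digestOk(byte[] msg, byte[] digest) throws Exception {
        return MessageDigest.isEqual(sha256(msg), digest);
    }

    static boolean macOk(SecretKey key, byte[] msg, byte[] tag) throws Exception {
        return MessageDigest.isEqual(hmac(key, msg), tag);
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample messages.
        byte[] original = "transfer 100 to account A".getBytes(StandardCharsets.UTF_8);
        byte[] rewritten = "transfer 900 to account B".getBytes(StandardCharsets.UTF_8);

        // Digest: a rewritten message is caught only while the digest is left alone.
        System.out.println("digest, message rewritten: " + digestOk(rewritten, sha256(original)));
        // Computing a digest needs no secret, so message and digest can be replaced together.
        System.out.println("digest, both rewritten:    " + digestOk(rewritten, sha256(rewritten)));

        // MAC: the tag depends on a key known only to sender and receiver.
        SecretKey shared = KeyGenerator.getInstance("HmacSHA256").generateKey();
        SecretKey other = KeyGenerator.getInstance("HmacSHA256").generateKey();
        System.out.println("mac, untouched:            " + macOk(shared, original, hmac(shared, original)));
        System.out.println("mac, message rewritten:    " + macOk(shared, rewritten, hmac(shared, original)));
        // Without the shared key, a tag recomputed over the rewritten message does not verify.
        System.out.println("mac, both rewritten:       " + macOk(shared, rewritten, hmac(other, rewritten)));
    }
}
```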
Symmetric encryption algorithm
The main algorithms are AES, DES and DESede
Cipher cipher = Cipher.getInstance("DES");  // DES as in these notes; it is obsolete, AES is the current choice
cipher.init(Cipher.ENCRYPT_MODE, key);
cipher.doFinal(data);
Asymmetric encryption algorithm
The main algorithm is RSA
Data encrypted with the private key is decrypted with the public key
Data encrypted with the public key is decrypted with the private key
Use KeyPairGenerator to generate a key pair, then use Cipher to decrypt
Digital Signature Algorithm
The main algorithms are RSA, DSA and ECDSA
Digital signature algorithms provide validation of data integrity, authentication of the data source, and non-repudiation, which is implemented by combining a message digest algorithm with an asymmetric encryption algorithm.
The message digest validates data integrity
The asymmetric encryption algorithm authenticates the data source and provides non-repudiation
Private keys are used for signing, and public keys are used for verification
Signature
Signature signature = Signature.getInstance("MD5withRSA");  // MD5withRSA as in these notes; MD5 is broken, SHA256withRSA is the current choice
signature.initSign(privateKey);
signature.update(data);
byte[] sign = signature.sign();
Verify
Signature signature = Signature.getInstance("MD5withRSA");
signature.initVerify(publicKey);
signature.update(data);  // the data here and the signed data are the same object
boolean status = signature.verify(sign);
Digital certificates
A digital certificate includes the message digest algorithm, the encryption and decryption algorithm, and the digital signature algorithm
Key store: KeyStore
Certificate: X509Certificate
Java encryption and decryption