Java
Páginas: 63 (15600 palabras)
Publicado: 17 de septiembre de 2011
JavaTM Cryptography Extension (JCE)
Reference Guide
for the JavaTM 2 SDK, Standard Edition, v 1.4
Introduction
What's New in JCE in the Java 2 SDK, v 1.4
Cryptographic Concepts
Encryption and Decryption
Password-Based Encryption
Cipher
Key Agreement
Message Authentication Code
Core Classes
The Cipher Class
The Cipher Stream Classes
The CipherInputStream Class
TheCipherOutputStream Class
The KeyGenerator Class
The SecretKeyFactory Class
The SealedObject Class
The KeyAgreement Class
The Mac Class
How to Make Applications "Exempt" from Cryptographic Restrictions
Installing JCE Providers for the Java 2 SDK, v 1.4
JCE Keystore
Code Examples
Using Encryption
Using Password-Based Encryption
Using Key Agreement
Appendix A: StandardNames
Appendix B: SunJCE Default Keysizes
Appendix C: SunJCE Keysize Restrictions
Appendix D: Jurisdiction Policy File Format
Appendix E: Maximum Key Sizes Allowed by "Strong" Jurisdiction Policy Files
Appendix F: Sample Programs
Diffie-Hellman Key Exchange between 2 Parties
Diffie-Hellman Key Exchange between 3 Parties
Blowfish Example
HMAC-MD5 Example
Introduction
Thisdocument is intended as a companion to the JavaTM Cryptography Architecture (JCA) API Specification & Reference. References to chapters not present in this document are to chapters in the JCA Specification.
The JavaTM Cryptography Extension (JCE) provides a framework and implementations for encryption, key generation and key agreement, and Message Authentication Code (MAC) algorithms. Support forencryption includes symmetric, asymmetric, block, and stream ciphers. The software also supports secure streams and sealed objects.
JCE was previously an optional package (extension) to the JavaTM 2 SDK, Standard Edition (Java 2 SDK), versions 1.2.x and 1.3.x. JCE has now been integrated into the Java 2 SDK, v 1.4.
JCE is based on the same design principles found elsewhere in the JCA:implementation independence and, whenever possible, algorithm independence. It uses the same "provider" architecture. Providers signed by a trusted entity can be plugged into the JCE framework, and new algorithms can be added seamlessly.
The JCE API covers:
* Symmetric bulk encryption, such as DES, RC2, and IDEA
* Symmetric stream encryption, such as RC4
* Asymmetric encryption, such asRSA
* Password-based encryption (PBE)
* Key Agreement
* Message Authentication Codes (MAC)
The Java 2 SDK, v 1.4 release comes standard with a JCE provider named "SunJCE", which comes pre-installed and registered and which supplies the following cryptographic services:
* An implementation of the DES (FIPS PUB 46-1), Triple DES, and Blowfish encryption algorithms in theElectronic Code Book (ECB), Cipher Block Chaining (CBC), Cipher Feedback (CFB), Output Feedback (OFB), and Propagating Cipher Block Chaining (PCBC) modes. (Note: Throughout this document, the terms "Triple DES" and "DES-EDE" will be used interchangeably.)
* Key generators for generating keys suitable for the DES, Triple DES, Blowfish, HMAC-MD5, and HMAC-SHA1 algorithms.
* An implementation ofthe MD5 with DES-CBC password-based encryption (PBE) algorithm defined in PKCS #5.
* "Secret-key factories" providing bi-directional conversions between opaque DES, Triple DES and PBE key objects and transparent representations of their underlying key material.
* An implementation of the Diffie-Hellman key agreement algorithm between two or more parties.
* A Diffie-Hellman key pairgenerator for generating a pair of public and private values suitable for the Diffie-Hellman algorithm.
* A Diffie-Hellman algorithm parameter generator.
* A Diffie-Hellman "key factory" providing bi-directional conversions between opaque Diffie-Hellman key objects and transparent representations of their underlying key material.
* Algorithm parameter managers for Diffie-Hellman,...
Reference Guide
for the JavaTM 2 SDK, Standard Edition, v 1.4
Introduction
What's New in JCE in the Java 2 SDK, v 1.4
Cryptographic Concepts
Encryption and Decryption
Password-Based Encryption
Cipher
Key Agreement
Message Authentication Code
Core Classes
The Cipher Class
The Cipher Stream Classes
The CipherInputStream Class
TheCipherOutputStream Class
The KeyGenerator Class
The SecretKeyFactory Class
The SealedObject Class
The KeyAgreement Class
The Mac Class
How to Make Applications "Exempt" from Cryptographic Restrictions
Installing JCE Providers for the Java 2 SDK, v 1.4
JCE Keystore
Code Examples
Using Encryption
Using Password-Based Encryption
Using Key Agreement
Appendix A: StandardNames
Appendix B: SunJCE Default Keysizes
Appendix C: SunJCE Keysize Restrictions
Appendix D: Jurisdiction Policy File Format
Appendix E: Maximum Key Sizes Allowed by "Strong" Jurisdiction Policy Files
Appendix F: Sample Programs
Diffie-Hellman Key Exchange between 2 Parties
Diffie-Hellman Key Exchange between 3 Parties
Blowfish Example
HMAC-MD5 Example
Introduction
Thisdocument is intended as a companion to the JavaTM Cryptography Architecture (JCA) API Specification & Reference. References to chapters not present in this document are to chapters in the JCA Specification.
The JavaTM Cryptography Extension (JCE) provides a framework and implementations for encryption, key generation and key agreement, and Message Authentication Code (MAC) algorithms. Support forencryption includes symmetric, asymmetric, block, and stream ciphers. The software also supports secure streams and sealed objects.
JCE was previously an optional package (extension) to the JavaTM 2 SDK, Standard Edition (Java 2 SDK), versions 1.2.x and 1.3.x. JCE has now been integrated into the Java 2 SDK, v 1.4.
JCE is based on the same design principles found elsewhere in the JCA:implementation independence and, whenever possible, algorithm independence. It uses the same "provider" architecture. Providers signed by a trusted entity can be plugged into the JCE framework, and new algorithms can be added seamlessly.
The JCE API covers:
* Symmetric bulk encryption, such as DES, RC2, and IDEA
* Symmetric stream encryption, such as RC4
* Asymmetric encryption, such asRSA
* Password-based encryption (PBE)
* Key Agreement
* Message Authentication Codes (MAC)
The Java 2 SDK, v 1.4 release comes standard with a JCE provider named "SunJCE", which comes pre-installed and registered and which supplies the following cryptographic services:
* An implementation of the DES (FIPS PUB 46-1), Triple DES, and Blowfish encryption algorithms in theElectronic Code Book (ECB), Cipher Block Chaining (CBC), Cipher Feedback (CFB), Output Feedback (OFB), and Propagating Cipher Block Chaining (PCBC) modes. (Note: Throughout this document, the terms "Triple DES" and "DES-EDE" will be used interchangeably.)
* Key generators for generating keys suitable for the DES, Triple DES, Blowfish, HMAC-MD5, and HMAC-SHA1 algorithms.
* An implementation ofthe MD5 with DES-CBC password-based encryption (PBE) algorithm defined in PKCS #5.
* "Secret-key factories" providing bi-directional conversions between opaque DES, Triple DES and PBE key objects and transparent representations of their underlying key material.
* An implementation of the Diffie-Hellman key agreement algorithm between two or more parties.
* A Diffie-Hellman key pairgenerator for generating a pair of public and private values suitable for the Diffie-Hellman algorithm.
* A Diffie-Hellman algorithm parameter generator.
* A Diffie-Hellman "key factory" providing bi-directional conversions between opaque Diffie-Hellman key objects and transparent representations of their underlying key material.
* Algorithm parameter managers for Diffie-Hellman,...
Leer documento completo
Regístrate para leer el documento completo.