Memo - Java Cryptograp Architecture (JCA Java Cryptograp Architecture)

加密架构 JCA
	架构
		加密服务提供者
			Sun、 SunJSSE、 SunJCE、 SunRsaSign
			Bouncy Castle
		加密引擎
			MessageDigest
			Signature
			Cipher
			SecureRandom
			Message Authentication Codes (MAC)
			 KeyFactory
			 SecretKeyFactory
			 KeyPairGenerator
			KeyGenerator
			KeyAgreement
				DH
			AlgorithmParameters
			AlgorithmParameterGenerator 
			KeyStore
			CertificateFactory
			CertPathBuilder
			CertPathValidator
			CertStore
		算法
			SHA1WITHRSA
			SHA256WITHRSA
			...
		java.sercutiry.*
	高级类
		Provider
			不指定提供者时的提供程序的搜寻机制
				按注册优先级,按顺序查找
			安装提供者程序
				安装在classpath路径中
				安装在标准扩展目录:jre/lib/ext
			注册提供者程序
				静态注册
					jre/lib/security/java.security 文件
				动态注册
					Security.addProvider(Provider);
					Security.insertProviderAt(Provider,position);
		Security
			管理提供程序
				查询,添加,删除提供程序
			安全属性设置
		SecureRandom
			强随机数
		MessageDigest
			MD算法
				MD5
			SHA算法：安全哈希算法（Secure Hash Algorithm）
				SHA1
				SHA256
			MAC算法
				HmacMD5
		Signature
			DSA
			RSAwithMD5
			签名/验证
		Cipher
			加密解密
				块加密
					数据加密前需要填充字节满足输入块长度,解密后剥离
						填充类型
							PKCS5PADDING
				流加密
					处理任意长度数据,无需填充
		Mac
		KeyAgreement
			Diffie-Hellman
		密钥生成器
			KeyGenerator
			KeyPairGenerator
		密钥管理
			KeyStore
				读取PKCS12 和 JKS 格式的密钥库信息

package inaction.jca;

import inaction.Log;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.junit.Test;

import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.KeyGenerator;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.security.*;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.Arrays;
import java.util.Base64;

/**
 * @author oniong
 * on 2018/4/29.
 */
public class JCATest {

    public static void main(String[] args) throws Exception{

        /*Security.addProvider(Provider);
        Security.insertProviderAt(Provider,position);*/
    }

    @Test
    public void mac()throws Exception{
        KeyGenerator keyGen = KeyGenerator.getInstance("AES");
        keyGen.init(128);
        Key key = keyGen.generateKey();
        Mac mac = Mac.getInstance("HMACMD5");
        mac.init(key);
        Log.println(Base64.getEncoder().encodeToString(mac.doFinal("123456".getBytes())));

    }

    @Test
    public void cipher()throws Exception{
        Provider provider = new BouncyCastleProvider();
        Log.println(provider.getName());
        Security.addProvider(provider);
        String alg = "AES/ECB/PKCS5Padding";
        KeyGenerator keyGen = KeyGenerator.getInstance("AES","BC");
        keyGen.init(128);
        Key key = keyGen.generateKey();
        Log.println(new String(key.getEncoded()));
        Cipher cipher = Cipher.getInstance(alg);
//        cipher.init(Cipher.ENCRYPT_MODE,key);
        cipher.init(Cipher.ENCRYPT_MODE,new SecretKeySpec("abcdefghijklmnop".getBytes(),"AES"));
        Log.println(Base64.getEncoder().encodeToString(cipher.doFinal("123456789".getBytes())));

        ByteArrayInputStream input = new ByteArrayInputStream("123456789".getBytes());
        CipherInputStream cipherInputStream = new CipherInputStream(input,cipher);
        ByteArrayOutputStream output = new ByteArrayOutputStream(1024);
        byte[] data = new byte[8];
        for(;;){
            int len = cipherInputStream.read(data);
            if(len>0){
                output.write(data,0,len);
            }else{
                break;
            }
        }

        Log.println(Base64.getEncoder().encodeToString(output.toByteArray()));

        Cipher cipher2 = Cipher.getInstance(alg);
        cipher2.init(Cipher.DECRYPT_MODE,key);
        cipher2.update(output.toByteArray());
        byte[] v = cipher2.doFinal();
        System.out.println(new String(v));
        ByteArrayInputStream input2 = new ByteArrayInputStream(output.toByteArray());
        CipherInputStream cipherInputStream2 = new CipherInputStream(input2,cipher2);
        ByteArrayOutputStream output2 = new ByteArrayOutputStream(1024);
        byte[] data2 = new byte[8];
        for(;;){
            int len = cipherInputStream2.read(data2);
            if(len>0){
                output2.write(data2,0,len);
            }else{
                break;
            }
        }
        Log.println(new String(output2.toByteArray()));
    }

    @Test
    public void signature()throws Exception{
        KeyPairBuilder keyPairBuilder = new KeyPairBuilder("RSA",1024).build();
        Log.println(keyPairBuilder.getPrivateKey().getFormat());
        Log.println(keyPairBuilder.privateKey());
        Log.println(keyPairBuilder.getPublicKey().getFormat());
        Log.println(keyPairBuilder.publicKey());

        PKCS8EncodedKeySpec pkcs8EncodedKeySpec = new PKCS8EncodedKeySpec(keyPairBuilder.privateKey().getBytes());
        Log.println(pkcs8EncodedKeySpec.getFormat());

        Signature signature = Signature.getInstance("SHA1WITHRSA");
        signature.initSign(keyPairBuilder.getPrivateKey());
        byte[] src = "123456".getBytes();
        signature.update(src);
        byte[] out = signature.sign();
        Log.println(Base64.getEncoder().encodeToString(out));
    }

    @Test
    public void sr()throws Exception{
        byte[] seed = new byte[]{27, -31, 44, -111, -67, -18, 31, 66, 88, 120};
        Log.println(Arrays.toString(seed));
        SecureRandom secureRandom = SecureRandom.getInstanceStrong();
        secureRandom.setSeed(seed);
        Log.println(secureRandom.getAlgorithm());
        secureRandom.ints(2,0,Integer.MAX_VALUE).forEach(value -> Log.println(value));
        secureRandom.longs(2,0,Long.MAX_VALUE).forEach(value -> Log.println(value));
        secureRandom.doubles(2,1,Long.MAX_VALUE).forEach(value -> Log.println(value));
        byte[] data = new byte[128];
        secureRandom.nextBytes(data);
        Log.println(Base64.getEncoder().encodeToString(data));

    }

    @Test
    public void md()throws Exception{

        MessageDigest messageDigest = MessageDigest.getInstance("SHA-1");
        messageDigest.getProvider().entrySet().forEach(entry->{
            Log.println(entry.getValue(),":",entry.getKey());
        });
        Log.println("Provider:",messageDigest.getProvider());
        Log.println("Algorithm:",messageDigest.getAlgorithm());
        String input = "123456";
        Log.println("Input:",input);
        byte[] output = messageDigest.digest(input.getBytes());
        Log.println("Output Base64:",Base64.getEncoder().encodeToString(output));
    }

}