Week 10 Learning Summary
TCP programming and UDP network programming
• In the Java language, the data transmission function is implemented by Java IO, that is to say, it is only necessary to obtain the input stream and output stream from the connection, and then write the data to be sent into the connection object. In the output stream, the data can be read from the input stream after the transmission is completed.
OutputStream os = socket1.getOutputStream(); //Get the output stream
InputStream is = socket1.getInputStream(); //Get the input stream
• In the Java API, UDP programming is implemented, including client-side network programming and server-side network programming, mainly implemented by the DatagramSocket and DatagramPacket classes.
Java Cryptography Algorithms
Fundamentals of Cryptography
• The security problems we encounter can be boiled down to three properties of security (CIA Golden Triangle): Confidentiality, Integrity and Availability.
•Cryptography includes two branches: Cryptography and Cryptanalyst. Coding and analytics promote and restrict each other. On the one hand, the two promote each other in enhancing the security of cryptanalysis; on the other hand, the two also influence each other in implementing more effective attacks.
• Common terms in cryptography are: plaintext, ciphertext, encryption, decryption, broadcaster, receiver, encryption algorithm, decryption algorithm, encryption key, decryption key, passive attack, active attack, cryptographic protocol and so on.
• Use the secure communication model to interpret the information transmission method in cryptography, as shown in the following figure:
• The following six techniques are collectively referred to as a cryptographer's toolbox: symmetric cryptography, public key cryptography, one-way hash functions, message authentication codes, digital signatures, and pseudorandom number generators.
Java and Cryptography
• The Java security architecture is divided into 4 parts: JCA (Java Cryptography Architecture), JCE (Java Cryptography Extension, Java Encryption Extension Package), JSSE (Java Secure Sockets Extension, Java Secure Sockets) Access expansion package), JAAS (Java Authentication and Authentication Service, Java Authentication and Security Service).
• JCA and JCE are two sets of APIs provided by the Java platform for security and encryption services. They do not implement any algorithms, they are just a set of interfaces that connect the application to the actual algorithm implementation program. Software developers can implement various algorithms according to the JCE interface (also known as the security provider interface), package them into a Provider (security provider), and dynamically load them into the Java runtime environment.
Java Symmetric Encryption-DES Algorithm
• Save the key in a file through object serialization, programming ideas: (1) Get the key generator, (2) Initialize the key generator, (3) Generate the key, (4) ) to save the key in a file via object serialization.
• Save the key in a file by bytes, programming ideas: All key classes in Java have a getEncoded( ) method, through which the main encoding format can be obtained from the key object, and the return value is a byte array . The main steps are: (1) obtain the key, (2) obtain the main encoding format, (3) save the key encoding format
Java Asymmetric Encryption-RSA Algorithm
Java's KeyPairGenerator class provides some methods to create a key pair for asymmetric encryption. After the key pair is created, it is encapsulated in an object of type KeyPair. The KeyPair class provides methods for obtaining public and private keys. The specific steps are as follows:
(1) Create a key pair generator, (2) Initialize the key generator, (3) Generate a key pair, (4) Obtain the public key and private key.
Creating Shared Keys Using Key Agreement
• Asymmetric encryption solves the key distribution problem, but it requires more computation than symmetric keys, so asymmetric encryption is generally not used to encrypt large amounts of data. It is common practice to combine the best of both worlds by encrypting the primary data with a symmetric key and distributing the symmetric key using asymmetric encryption.
• In addition to this, a key agreement can also be used to exchange symmetric keys. The standard algorithm for performing key agreement is the DH algorithm. 1. Create DH public and private keys, 2. Create a shared key.
Java Digest Algorithm - MD5
• Calculates a message digest of a specified string using Java.
The MessageDigest class in the java.security package provides methods for computing message digests.
(1) Generate the MessageDigest object
MessageDigest m=MessageDigest.getInstance("MD5");
(2) Pass in the string to be calculated
m.update(x.getBytes("UTF8" ));
(3) Calculate the message digest
byte s [ ]=m.digest( );
(4) Process the calculation result.
Network
• Network can be divided into: local area network and wide area network.
•The communication protocol of computer network architecture is divided into seven layers, from bottom to top: physical layer (Physics Layer), data link layer (Data Link Layer), network layer (Network Layer), transport layer (Transport Layer) , Session Layer, Presentation Layer, Application Layer. The fourth layer completes the data transmission service, and the upper three layers face users.
HTTP Protocol
• HyperText Transfer Protocol (HTTP, HyperText Transfer Protocol) is the most widely used network protocol on the Internet. All WWW documents must comply with this standard.
• An HTTP request contains: method, request header, and request entity.
java.net.URL and java.net.URLConnection
• URL: Uniform Resource Locator is a concise representation of the location and access methods of resources available from the Internet, and is the address of a standard resource on the Internet. Every file on the Internet has a unique URL that contains information indicating the file's location and what the browser should do with it.
• The java.net.HttpURLConnection class is another way to access HTTP resources. The HttpURLConnection class has full access capabilities and can replace the HttpGet and HttpPost classes. Using HttpUrlConnection to access HTTP resources can use the following six steps:
(1) Using java.net .URL encapsulates the url of the HTTP resource, and uses the openConnection method to obtain the HttpUrlConnection object
(2) Set the request method, such as GET, POST, etc.
(3) Set the input and output and other permissions. If you want to download HTTP resources or upload data to the server, you need to Use the following code to set.
To download HTTP resources, you need to set the parameter value of the setDoInput method to true
(4) Set the http request header. In many cases, you need to set some HTTP request headers according to the actual situation. For example, the following code sets Charset The value of the request header is UTF-8.
(5) Input and output data. This step is to read and write HTTP resources. That is to read and write data through InputStream and OutputStream. The following code obtains the InputStream object and OutputStream Object.
(6) Close the input and output streams. Although it is not necessary to close the input and output streams, the input and output streams will be automatically closed after the application ends, but it is a good practice to show that the input and output streams are closed.