JAVA encrypted signature JCA

/**
 * JCA (the Java encryption framework): Digest, Signature, Key, Cert, Algorithm. Digest, Signature, Key and Cert all use an Algorithm.
 *
 * 1) MessageDigest: hashes a message to produce a fixed-length message digest, generated by applying a one-way hash function to the message.
 *    The message digest service actually returns a byte[] computed from a message (which can be a string, file content, HTML, etc.) with the hash algorithm.
 *    The commonly used "encryption algorithms" MD5, SHA and SHA-1 are actually hash algorithms.
 *    A message digest has two basic properties: it is difficult to generate the same digest for two different messages, and it is difficult to generate a message for a specified digest (the digest is irreversible).
 *    The message digest algorithms include MD (Message Digest Algorithm), SHA (Secure Hash Algorithm) and MAC (Message Authentication Code algorithm), a total of 3 series.
 * 2) Signature: a digital signature algorithm is a combination of an "asymmetric encryption algorithm" and a "message digest algorithm".
 *    The signature is a digital string that only the sender of the information can generate and that others cannot forge: the sender "uses its private key to perform the RSA algorithm operation on the characteristic data (or message digest) of the plaintext message" to generate the Sign, and sends Sign + plaintext to the recipient together.
 *    Its function is to ensure that the sender cannot deny having sent the information (non-repudiation), and that the message has not been tampered with after being signed (integrity).
 *    When the receiver receives the message, it can use the sender's public key to verify the digital signature.
 * 3) KeyPairGenerator: generates a paired public key and private key according to the specified asymmetric algorithm.
 * 4) KeyGenerator: generates a secret key according to the specified symmetric algorithm.
 * 5) KeyFactory: generates a public key or private key according to the key specification (KeySpec).
 * 6) KeyStore: a keystore is a database of keys. A private key in the keystore has an associated certificate chain, which identifies the corresponding public key. A keystore also contains other trusted entities. A KeyStore is a key and cert library that stores PrivateKeys, aliases and certs.
 * 7) SecretKeySpec: the specification that describes a secret key.
 * 8) Padding:
 *    Data length: for AES and DES in ECB or CBC mode, the data to be encrypted must be an integer multiple of the block length; if it is not, padding is needed.
 *    Key length: the key length is fixed. AES has three: 128, 192 and 256 bit.
 *    There are many padding schemes: PKCS7Padding: pad 7 missing bytes with hexadecimal 0x07. Public Key Cryptography Standard padding: use a value equal to the number of padding bytes as the padding value.
 * 9) SecureRandom: used to generate random numbers or pseudo-random numbers.
 */
/**
 * Common process of a communication "plaintext encrypted transmission API":
 * 1. First encrypt the "plaintext file" with the "symmetric encryption key" (symmetric algorithms encrypt quickly, and the plaintext file is relatively large);
 * 2. Use the "asymmetric PublicKey" to encrypt the "symmetric encryption key" (asymmetric algorithms encrypt slowly, and the symmetric key file is small);
 * 3. Use the "asymmetric PrivateKey" to decrypt the "symmetric encryption key";
 * 4. Decrypt the "plaintext file" with the "symmetric encryption key".
 */
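The four steps above, run end to end with the JCA classes listed earlier; this is an added example, not code from the original post. It assumes AES-GCM for the symmetric step and RSA-OAEP for encrypting the key (choices made here, the page names no modes for this flow), and the class name and sample plaintext are constructed.

```java
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.SecureRandom;
import java.util.Arrays;

public class HybridEncryptionExample {  // hypothetical class name
    public static void main(String[] args) throws Exception {
        // Receiver: RSA key pair. The public key is distributed, the private key stays local.
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair receiver = kpg.generateKeyPair();

        // Step 1 (sender): fresh AES key and random IV, then encrypt the plaintext.
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(128);
        SecretKey aesKey = kg.generateKey();
        byte[] iv = new byte[12];                      // 96-bit IV, never reused with the same key
        new SecureRandom().nextBytes(iv);
        byte[] plaintext = "constructed sample plaintext".getBytes(StandardCharsets.UTF_8);
        Cipher aes = Cipher.getInstance("AES/GCM/NoPadding");
        aes.init(Cipher.ENCRYPT_MODE, aesKey, new GCMParameterSpec(128, iv));
        byte[] ciphertext = aes.doFinal(plaintext);

        // Step 2 (sender): encrypt the small AES key with the receiver's public key.
        Cipher rsa = Cipher.getInstance("RSA/ECB/OAEPWithSHA-256AndMGF1Padding");
        rsa.init(Cipher.ENCRYPT_MODE, receiver.getPublic());
        byte[] wrappedKey = rsa.doFinal(aesKey.getEncoded());

        // On the wire: wrappedKey, iv and ciphertext. The AES key itself is never sent in the clear.

        // Step 3 (receiver): recover the AES key with the private key.
        rsa.init(Cipher.DECRYPT_MODE, receiver.getPrivate());
        SecretKey recovered = new SecretKeySpec(rsa.doFinal(wrappedKey), "AES");

        // Step 4 (receiver): decrypt the ciphertext with the recovered AES key.
        aes.init(Cipher.DECRYPT_MODE, recovered, new GCMParameterSpec(128, iv));
        byte[] decrypted = aes.doFinal(ciphertext);
        System.out.println(Arrays.equals(plaintext, decrypted));
    }
}
```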
/**
 * Common practice for communication API data security verification:
 * 1. First use RSA to generate a public/private key pair; keep the private key and distribute the public key.
 * 2. Use the RSA private key + a message digest algorithm (e.g. MD5WithRSA) to generate the Sign.
 * 3. Send Sign + plaintext to the receiver (the plaintext needs to be encrypted; see above).
 * 4. The receiver decrypts the Sign with the RSA public key to obtain the "original message digest A", and uses the plaintext to generate a new "message digest B".
 * 5. Compare A and B.
 */
/**
 * Company app API verification method
 * 1. Generate an appKey + appSecret for each app; these two values must be sent to the API caller.
 * 2. We compute MD5 over appKey + appSecret + APIData and take bits 8-24 as signA.
 * 3. Transmit plaintext + signA together.
 * 4. Generate signB in the same way, and verify the correctness of the interface.
 */
