Home

Java

JCA (Java Cryptography Architecture)

JSSE (Java Secure Socket Extensions)

Tools

openssl

keytool

Bouncy Castle

Bouncy Castle GitHub mirror

Bouncy Castle tests

Algorithm Names

TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256

• TLS: Or SSL, protocol
• ECDHE: EC, elliptical curve, algorithm; DHE, E is ephemeral, for forward secrecy
• ECDSA_WITH_AES_128: Symmetrical encryption after key exchange
• GCM: Cipher mode
• SHA256: Hashing

Certificates

Java certificate authority (or root certificate): jre/lib/security/cacerts