Skip to content

Home

Jump to bottom
neurite edited this page Apr 30, 2017 · 20 revisions

Basics

  • Random number generation
  • Hashing
  • Symmetric encryption
  • Asymmetric encryption

Java

JCA (Java Cryptography Architecture)

JSSE (Java Secure Socket Extensions)

Standard algorithm names

Tools

openssl

keytool

Bouncy Castle

Bouncy Castle Specifications

Bouncy Castle GitHub mirror

Bouncy Castle tests

Bouncy Castle API

Bouncy Castle PKIX API

Bouncy Castle OpenPGP API

Algorithm Names

TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256

  • TLS: Or SSL, protocol
  • ECDHE: EC, elliptical curve, algorithm; DHE, E is ephemeral, for forward secrecy
  • ECDSA_WITH_AES_128: Symmetrical encryption after key exchange
  • GCM: Cipher mode
  • SHA256: Hashing

Certificates

Java certificate authority (or root certificate): jre/lib/security/cacerts

Applications

  • ID generation
  • HMAC response signing
  • Encryption at rest (one key per item)
  • Data upload with a special example of code publishing
  • SSL, TLS
  • JWT, JWS, JWE
  • OAuth
Clone this wiki locally