Presentation is loading. Please wait.

Presentation is loading. Please wait.

Dôležité triedy a interface: Cipher MAC SecureRandom KeyGenerator KeyPairGenerator Signature KeyStore.

Published byLynette Bailey Modified over 9 years ago

Similar presentations

Presentation on theme: "Dôležité triedy a interface: Cipher MAC SecureRandom KeyGenerator KeyPairGenerator Signature KeyStore."— Presentation transcript:

1

2 Dôležité triedy a interface: Cipher MAC SecureRandom KeyGenerator KeyPairGenerator Signature KeyStore

3 JAVA APIJS API JCA JCE

4 Abstraction Layer Service Provider Interface Provider functionality Application code JCE/JCA API JCE/JCA SPI Classes In Provider Provider Internal Classes

5 private static Key createKey() throws Exception { Key k = null; KeyGenerator kg = KeyGenerator.getInstance(“AES”); k = kg.generateKey(); return k; }

6 private static KeyPair createKeyPair() throws Exception { KeyPair k = null; KeyGenerator kg = KeyGenerator.getInstance(“RSA”); k = kg.generateKeyPair(); return k; }

7 private static PublicKey getPubliceKey(KeyPair kp) throws Exception { return kp.getPublic(); } private static PrivateKey getPrivateKey(KeyPair kp) throws Exception { return kp.getPrivate(); }

8 1.Vytvoríme alebo načítame inštanciu triedy Key 2.Vytvoríme inštanciu triedy Cipher v šifrovacom móde 3.Vykonáme šifrovanie

9 private static byte[] encrypt(String plainText, PrivateKey pk) throws Exception { byte[] plainData = plainText.getBytes(“UTF-8”); Cipher c = Cipher.getInstance(“RSA”); c.init(Cipher.ENCRYPT_MODE, pk); byte[] cipherData = c.doFinal(plainData); return cipherData; }

10 1.Načítame inštanciu triedy Key 2.Vytvoríme inštanciu triedy Cipher v dešifrovacom móde 3.Vykonáme dešifrovanie

11 private static byte[] decrypt(byte[] cipherData, PublicKey pk) throws Exception { Cipher c = Cipher.getInstance(“RSA”); c.init(Cipher.DECRYPT_MODE, pk); byte[] plainData = c.doFinal(plainData); return plainData; }

12 private static Certificate getCertificate (File file) throws Exception { Certificate certificate = null; FileInputStream is = new FileInputStream(file); CertificateFactory cf = CertificateFactory.getInstance(“X.509”); certificate = cf.generateCertificate(is); return certificate; }

13 public byte[] getHash(String input) throws Exception { MessageDigest messageDigest = MessageDigest.getInstance(“SHA”); messageDigest.reset(); messageDigest.update(input.getBytes(“UTF-8”)); return messageDigest.digest(); }

14 public static byte[] sign(String input, PrivateKey pk) throws Exception { Signature sign = Signature.getInstance(“DSA”); signature.initSign(pk); signature.update(input.getBytes(“UTF-8”)); return signature.sign(); }

15 public static boolean verify(byte[] input, PublicKey pk) throws Exception { Signature sign = Signature.getInstance(“DSA”); signature.initVerify(pk); return signature.verify(input); }

16 keytool -genkey –alias ALIAS -keystore main.keystore -keypass KEYPASS -storepass STOREPASS -keyalg RSA keytool -exportcert -alias ALIAS –file certificate.cer -keystore main.keystore -keypass KEYPASS -storepass STOREPASS

17 private static Key getKey() throws Exception{ Key k = null; KeyStore ks = KeyStore.getInstance(“jks”); ks.load(new FileInputStream(“main.keystore”), “STOREPASS”.toCharArray()); k = ks.getKey(“ALIAS”, “KEYPASS”.toCharArray()); return k; }

18 private static void saveKey() throws Exception{ Key k = null; KeyStore ks = KeyStore.getInstance(“jks”); KeyGenerator kg = KeyGenerator.getInstance(“AES”); k = kg.generateKey(); ks.setKeyEntry(“ALIAS”, k, “KEYPASS”.toCharArray(), null); ks.store(new FileOutputStream(“main.keystore”), “STOREPASS”.toCharArray()); }

19 Základný tvar príkazu: jarsigner jar-file alias jar-file – cesta a meno súboru, ktorý chceme podpisovať alias - alias identifikujúci súkromný kľúč, ktorý bude použitý na podpísanie.jar súboru jarsigner –keystore main.keystore –storepass STOREPASS –keypass KEYPASS file.jar ALIAS

20 vygenerovanie páru kľúčov vytvorenie certifikátu vytvorenie aplikácie typu klient-server komunikujúci cez SSLServerSocket a SSLSocket

21 prístup k súkromnému kľúču(dekódovanie správ) prístup k certifikátu(musí ho poslať klientovi) vytvoriť SSL server socket

22 Normálne sockety: serverSocket = new ServerSocket(port); clientSocket = serverSocket.accept();

23 Štruktúra zdrojového kódu: importy public class SecureSocketServer { deklarácia premenných public static voi main(String[] args) { inicializácia SSLServerSocket sslClientSocket = (SSLSocket) SSLServerSocket.accept(); asociácia I/O streamov so socketmi Input/Output (komunikácia) zatváranie socketov a streamov }

24 import java.net.*; import java.io.*; import javax.net.ssl.*; import java.security.*; public class SecureSocketServer { static final String KEYSTORE = "myStore.ks"; static final String STOREPASSWD = "123456"; static final String ALIASPASSWD = "123456";

25 public static void main(String[] args) throws Exception { KeyStore ks = KeyStore.getInstance("JCEKS"); ks.load( new FileInputStream( KEYSTORE ), STOREPASSWD.toCharArray() ); KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509"); kmf.init( ks, ALIASPASSWD.toCharArray() ); SSLContext sslContext = SSLContext.getInstance( "TLS" );

26 sslContext.init( kmf.getKeyManagers(), null, null ); SSLServerSocketFactory sslServerFactory = sslContext.getServerSocketFactory(); SSLServerSocket sslServerSocket = (SSLServerSocket) sslServerFactory.createServerSocket(4444); sslServerSocket.setEnabledCipherSuites( sslServerSocket.getSupportedCipherSuites());

27 SSLSocket sslClientSocket = (SSLSocket)sslServerSocket.accept();

28 PrintWriter out = new PrintWriter(sslClientSocket.getOutputStream(), true); BufferedReader in = new BufferedReader(new InputStreamReader( sslClientSocket.getInputStream())); String inputLine = in.readLine(); if (inputLine.equals("Hello")) out.println("Connection established"); else out.println("Connection refused");

29 out.close(); in.close(); sslClientSocket.close(); sslServerSocket.close(); }

30 SSLContext sslContext = SSLContext.getInstance( "TLS" ); KeyStore ts = KeyStore.getInstance("JCEKS"); ts.load(new FileInputStream(TRUSTSTORE), TRUSTSTOREPASSWD.toCharArray()); TrustManagerFactory tfm = TrustManagerFactory.getInstance("SunX509"); tfm.init(ts); sslContext.init(null, tfm.getTrustManagers(), null ); SSLSocketFactory sslFact = sslContext.getSocketFactory(); SSLSocket client = (SSLSocket)sslFact.createSocket("localhost",4444); client.setEnabledCipherSuites( client.getSupportedCipherSuites());

Download ppt "Dôležité triedy a interface: Cipher MAC SecureRandom KeyGenerator KeyPairGenerator Signature KeyStore."

Similar presentations

Java Cryptography & Internet Security

Java Cryptography & Internet Security
Socket Programming By Ratnakar Kamath. What Is a Socket? Server has a socket bound to a specific port number. Client makes a connection request. Server.

Socket Programming By Ratnakar Kamath. What Is a Socket? Server has a socket bound to a specific port number. Client makes a connection request. Server.
Applied Cryptography1 Michael McCarthy. Applied Cryptography2 “SOAP is going to open up a whole new avenue for security vulnerabilities” Bruce Schneier,

Applied Cryptography1 Michael McCarthy. Applied Cryptography2 “SOAP is going to open up a whole new avenue for security vulnerabilities” Bruce Schneier,
Java Threads A tool for concurrency. OS schedules processes Ready 205 198 201 Running 200 Blocked 177 206 180 185 A process loses the CPU and another.

Java Threads A tool for concurrency. OS schedules processes Ready Running 200 Blocked A process loses the CPU and another.
Exception examples. import java.io.*; import java.util.*; class IO { private String line; private StringTokenizer tokenizer; public void newline(DataInputStream.

Exception examples. import java.io.*; import java.util.*; class IO { private String line; private StringTokenizer tokenizer; public void newline(DataInputStream.
Programming Applets How do Applets work ? This is an HTML page This is the applet’s code It has a link to an applet.

Programming Applets How do Applets work ? This is an HTML page This is the applet’s code It has a link to an applet.
95-702 Distributed Systems1 Lecture 12: RSA. 95-702 Distributed Systems2 Plan for today: Introduce RSA and a toy example using small numbers. This is.

Distributed Systems1 Lecture 12: RSA Distributed Systems2 Plan for today: Introduce RSA and a toy example using small numbers. This is.
Client/Server example. Server import java.io.*; import java.net.*; import java.util.*; public class PrimeServer { private ServerSocket sSoc; public static.

Client/Server example. Server import java.io.*; import java.net.*; import java.util.*; public class PrimeServer { private ServerSocket sSoc; public static.
Java sockets. From waiting.

Java sockets. From waiting.
System Programming Practical session 11 Multiple clients server Non-Blocking I/O.

System Programming Practical session 11 Multiple clients server Non-Blocking I/O.
The Java Crypto API ICW Lecture 3 Tom Chothia. Reminder of Last Time: Your programs defines “Classes”. Each class defines “Objects”. An Object is defined.

The Java Crypto API ICW Lecture 3 Tom Chothia. Reminder of Last Time: Your programs defines “Classes”. Each class defines “Objects”. An Object is defined.
Projekt współfinansowany przez Unię Europejską w ramach Europejskiego Funduszu Społecznego „Networking”

Projekt współfinansowany przez Unię Europejską w ramach Europejskiego Funduszu Społecznego „Networking”
Strings and File I/O. Strings Java String objects are immutable Common methods include: –boolean equalsIgnoreCase(String str) –String toLowerCase() –String.

Strings and File I/O. Strings Java String objects are immutable Common methods include: –boolean equalsIgnoreCase(String str) –String toLowerCase() –String.
1 Internet and Intranet Protocols and Applications Lecture 9b: How Java Supports SSL March, 2004 Arthur Goldberg Computer Science Department New York University.

1 Internet and Intranet Protocols and Applications Lecture 9b: How Java Supports SSL March, 2004 Arthur Goldberg Computer Science Department New York University.
Java Review 2. The Agenda The following topics were highlighted to me as issues: –File IO (Rem) –Wrappers (Rem) –Interfaces (Rem) –Asymptotic Notation.

Java Review 2. The Agenda The following topics were highlighted to me as issues: –File IO (Rem) –Wrappers (Rem) –Interfaces (Rem) –Asymptotic Notation.
Certificates, SSL and IPsec Ahmed Muaydh Sara Bin Saif Shi-Jey Chou Advisor:Dr. Leszek Lilien.

Certificates, SSL and IPsec Ahmed Muaydh Sara Bin Saif Shi-Jey Chou Advisor:Dr. Leszek Lilien.
Secure Sockets SSL/TLS ICW: Lecture 6 Tom Chothia.

Secure Sockets SSL/TLS ICW: Lecture 6 Tom Chothia.
CSE 341, S. Tanimoto Java networking- 1 Java Networking Motivation Network Layers Using Sockets A Tiny Server Applets URLs Downloading Images, MediaTracker.

CSE 341, S. Tanimoto Java networking- 1 Java Networking Motivation Network Layers Using Sockets A Tiny Server Applets URLs Downloading Images, MediaTracker.
Csci5233 Computer Security1 GS: Chapter 5 Asymmetric Encryption in Java.

Csci5233 Computer Security1 GS: Chapter 5 Asymmetric Encryption in Java.
1 Homework Study Java Cryptography by Reading the rest of slides and accessing Sun ’ s Java website:

1 Homework Study Java Cryptography by Reading the rest of slides and accessing Sun ’ s Java website:

Similar presentations

Ads by Google