Oracle Crypto

This section provides information and code samples for using the core classes and interfaces of Oracle Crypto. The core classes and interfaces are divided into categories; those covered here are keys, key generation, and ciphers.

Oracle Crypto provides the following classes and interfaces for working with keys:

  • The Key interface represents a key which may be used for encryption or decryption, for generating or verifying a digital signature, or for generating or verifying a MAC. A key may be a private key, a public key, or a symmetric key.
  • The PrivateKey interface represents a private key which may be an RSAPrivateKey, a DSAPrivateKey, a DHPrivateKey, an ECPrivateKey or a PrivateKeyPKCS8 instance that holds an encrypted private key.
  • The PublicKey interface represents a public key which may be an RSAPublicKey, a DSAPublicKey, a DHPublicKey or an ECPublicKey instance.
  • The SymmetricKey class represents a symmetric key which may be used for encryption, decryption or for MAC operations.

Oracle Crypto provides the following classes for key generation:

The KeyPairGenerator abstract class is used to generate key pairs such as RSA, DSA, Diffie-Hellman or ECDSA key pairs.
To get a new key pair generator, create a new instance of KeyPairGenerator by calling the static getInstance() method with an AlgorithmIdentifier object as a parameter. Example 3-1 shows how to create a new KeyPairGenerator instance. This creates a KeyPairGenerator object from one of the concrete classes: RSAKeyPairGenerator, DSAKeyPairGenerator, DHKeyPairGenerator, or ECKeyPairGenerator.
Initialize the key pair generator by using one of the initialize() methods. Generate the key pair with the generateKeyPair() method. Example 3-2 shows how to initialize the key pair generator and then generate a key pair.
Save the keys using the output() method, or in the case of the private key, encrypt it and save it using the PrivateKeyPKCS8 class. Example 3-3 shows how to save a key pair.

The SymmetricKeyGenerator class generates symmetric keys such as Blowfish, DES, 3DES, RC4, RC2, AES, and HMAC keys.
To get a new symmetric key generator, create a new instance of SymmetricKeyGenerator by calling the static getInstance() method with an AlgorithmIdentifier object as a parameter. Example 3-4 shows how to create a new SymmetricKeyGenerator instance.
Generate the key with the generateKey() method. You can then save the key by using the getEncoded() method. Example 3-5 shows how to generate and save a symmetric key.

3.3.3 Ciphers

The Oracle Crypto Cipher classes and interfaces are divided into the following categories:

3.3.3.1 Symmetric Ciphers

The symmetric ciphers are made up of two categories: the block ciphers (such as Blowfish, DES, 3DES, RC2, and AES) and the stream ciphers (such as RC4).
A symmetric cipher can be used for four types of operations:

  • Encryption of raw data. Use one of the encrypt() methods by passing data to be encrypted.
  • Decryption of encrypted data. Use one of the decrypt() methods by passing encrypted data to be decrypted.
  • Wrapping of private or symmetric keys. Use one of the wrapKey() methods by passing the private or symmetric key to be encrypted.
  • Unwrapping of private or symmetric encrypted keys. Use either the unwrapPrivateKey() or the unwrapSymmetricKey() method by passing the encrypted private or symmetric key to be decrypted.

The concrete block cipher classes extend the abstract oracle.security.crypto.core.BlockCipher class, which extends the oracle.security.crypto.core.Cipher class. The stream cipher classes directly extend the oracle.security.crypto.core.Cipher class.
To create a new instance of Cipher, call the static getInstance() method with an AlgorithmIdentifier and a Key object as parameters.
Example 3-6 shows how to create a new Cipher instance. First, an RC4 object is created and initialized with the specified key. Second, a block cipher DES object is created and initialized with the specified key and padding. This creates a cipher and initializes it with the passed parameters. To re-initialize an existing cipher, call one of the initialize() methods.
Example 3-6 Code Example for Creating a Cipher Instance

Cipher rc4 = Cipher.getInstance(AlgID.rc4, rc4SymKey);

Cipher desCipher = Cipher.getInstance(AlgID.desCBC, desSymKey, Padding.PKCS5);

When using CBC ciphers, the AlgorithmIdentifier object may hold cryptographic parameters such as the initialization vector (IV) or the effective key length for RC2 ciphers. To specify these parameters when creating or initializing block ciphers, build a CBCAlgorithmIdentifier object or RC2AlgorithmIdentifier object with the cryptographic parameters. Example 3-7 shows how to create and initialize a CBC cipher and an RC2 cipher.
Example 3-7 Code Example for Creating and Initializing CBC Ciphers

CBCAlgorithmIdentifier cbcAlgID = 
    new CBCAlgorithmIdentifier(AlgID.desCBC, iv);
desCipher.initialize(cbcAlgID, desSymKey, Padding.PKCS5);
RC2AlgorithmIdentifier rc2AlgID = 
    new RC2AlgorithmIdentifier(iv, 56);
BlockCipher rc2Cipher = 
    (BlockCipher)Cipher.getInstance(rc2AlgID, rc2SymKey, Padding.PKCS5);

3.3.3.2 The RSA Cipher

The RSA cipher is an implementation of PKCS #1 v2.0 that supports the RSAES-OAEP and RSAES-PKCS1-v1_5 encryption schemes. According to the specification, RSAES-OAEP is recommended for new applications, and RSAES-PKCS1-v1_5 is included only for compatibility with existing applications and protocols.
The encryption schemes are used to combine RSA encryption and decryption primitives with an encoding method. Encryption and decryption can only be done through the methods encrypt(byte[]) and decrypt(byte[]).
You can use an RSA cipher for four types of operations:

  • Encryption of raw data. Use one of the encrypt() methods by passing data to be encrypted.
  • Decryption of encrypted data. Use one of the decrypt() methods by passing encrypted data to be decrypted.
  • Wrapping of keys. Use the wrapKey() method by passing the key to be encrypted.
  • Unwrapping of encrypted keys. Use the unwrapSymmetricKey() method by passing the encrypted key to be decrypted.

To create a new instance of Cipher, call the static getInstance() method with AlgorithmIdentifier and Key objects as parameters. Example 3-8 demonstrates how to create an RSApkcs1 object and initialize it with the specified key. The cipher can then be used to encrypt or decrypt data.
Example 3-8 Code Example for Creating and Initializing an RSA Cipher

Cipher rsaEnc = Cipher.getInstance(AlgID.rsaEncryption, pubKey);
byte[] encryptedData = rsaEnc.encrypt(data);
Cipher rsaDec = Cipher.getInstance(AlgID.rsaEncryption, privKey);
byte[] decryptedData = rsaDec.decrypt(encryptedData);

When using RSA ciphers, the AlgorithmIdentifier object may hold cryptographic parameters such as the mask generation function for RSAES-OAEP. To specify these parameters when creating or initializing RSA ciphers, build an OAEPAlgorithmIdentifier, or use the default one located in the oracle.security.crypto.core.AlgID interface.
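
What the OAEP parameters look like when they are set explicitly, shown with the standard Java JCA (javax.crypto) rather than Oracle Crypto: this is an added example, not code from the original page, and the class name RsaOaepDemo and the sample data are constructed for illustration. It names the hash and the mask generation function, shows that RSAES-OAEP output is randomized, and checks the input size limit for a 2048-bit key.

```java
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.Key;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.spec.MGF1ParameterSpec;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.spec.OAEPParameterSpec;
import javax.crypto.spec.PSource;

public class RsaOaepDemo {
    // Hash and mask generation function named explicitly so that both sides use
    // the same OAEP parameters instead of relying on provider defaults.
    static final OAEPParameterSpec OAEP = new OAEPParameterSpec(
            "SHA-256", "MGF1", MGF1ParameterSpec.SHA256, PSource.PSpecified.DEFAULT);

    static byte[] rsa(int mode, Key key, byte[] input) throws GeneralSecurityException {
        Cipher c = Cipher.getInstance("RSA/ECB/OAEPPadding");
        c.init(mode, key, OAEP);
        return c.doFinal(input);
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair kp = kpg.generateKeyPair();
        byte[] data = "constructed session secret".getBytes(StandardCharsets.UTF_8);

        byte[] c1 = rsa(Cipher.ENCRYPT_MODE, kp.getPublic(), data);
        byte[] c2 = rsa(Cipher.ENCRYPT_MODE, kp.getPublic(), data);
        byte[] back = rsa(Cipher.DECRYPT_MODE, kp.getPrivate(), c1);
        System.out.println("round trip ok: " + Arrays.equals(data, back));
        // OAEP is randomized, so the same input encrypts differently each time.
        System.out.println("ciphertexts differ: " + !Arrays.equals(c1, c2));

        // Largest input for a 2048-bit key with SHA-256: 256 - 2*32 - 2 = 190 bytes.
        rsa(Cipher.ENCRYPT_MODE, kp.getPublic(), new byte[190]);
        try {
            rsa(Cipher.ENCRYPT_MODE, kp.getPublic(), new byte[191]);
            System.out.println("191 bytes accepted");
        } catch (GeneralSecurityException e) {
            System.out.println("191 bytes rejected: " + e.getClass().getSimpleName());
        }
    }
}
```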

3.3.3.3 Password Based Encryption

The abstract oracle.security.crypto.core.PBE class provides methods for Password Based Encryption (PBE) operations. The concrete classes extending the PBE are the PKCS5PBE and PKCS12PBE classes.
You can use a PBE object for four types of operations:

  • Encryption of raw data. For example:

    byte[] encData = pbeEnc.encrypt("myPassword", data);

  • Decryption of encrypted data. For example:

    byte[] decData = pbeDec.decrypt("myPassword", encData);

  • Wrapping of private or symmetric keys. For example:

    byte[] encPrivKey = pbeEnc.encryptPrivateKey("myPassword", privKey);
    byte[] encSymKey = pbeEnc.encryptSymmetricKey("myPassword", symKey);

  • Unwrapping of private or symmetric encrypted keys. For example:

    PrivateKey decPrivKey = pbeDec.decryptPrivateKey("myPassword", encPrivKey);
    SymmetricKey decSymKey = pbeDec.decryptSymmetricKey("myPassword", encSymKey);


To create a new instance of PBE, call the static getInstance() method with a PBEAlgorithmIdentifier object as a parameter. For example:

PBE pbeEnc = PBE.getInstance(pbeAlgID);

This will create a PKCS5PBE object and initialize it with the specified PBE algorithm. The PBE can then be used to encrypt or decrypt data, and to wrap or unwrap keys.
When using PBE objects, the AlgorithmIdentifier object may hold cryptographic parameters such as the salt or the iteration count as well as the ASN.1 Object Identifier specifying the PBE algorithm to use. To specify these parameters when creating or initializing PBEs, build a PBEAlgorithmIdentifier object with the cryptographic parameters.
Example 3-9 Code Example for Creating a PBE Object

PBEAlgorithmIdentifier pbeAlgID = 
    new PBEAlgorithmIdentifier(PBEAlgorithmIdentifier.pbeWithMD5AndDES_CBC, salt, 1024);
pbeEnc.initialize(pbeAlgID);
PBE pbeDec = PBE.getInstance(pbeAlgID);
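
How the salt and iteration count behave as parameters, shown with the standard Java JCA (javax.crypto) rather than Oracle Crypto: this is an added example, not code from the original page. It uses the JCA algorithm name PBEWithMD5AndDES as the counterpart of pbeWithMD5AndDES_CBC with the same count of 1024, and the class name PbeSaltDemo and the sample data are constructed for illustration.

```java
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.SecureRandom;
import java.util.Arrays;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.PBEParameterSpec;

public class PbeSaltDemo {
    static final String ALG = "PBEWithMD5AndDES"; // JCA name for the scheme in Example 3-9
    static final int ITERATIONS = 1024;           // iteration count from Example 3-9

    static byte[] pbe(int mode, char[] password, byte[] salt, byte[] input)
            throws GeneralSecurityException {
        SecretKey key = SecretKeyFactory.getInstance(ALG).generateSecret(new PBEKeySpec(password));
        Cipher c = Cipher.getInstance(ALG);
        c.init(mode, key, new PBEParameterSpec(salt, ITERATIONS));
        return c.doFinal(input);
    }

    static byte[] newSalt() {
        byte[] salt = new byte[8]; // this scheme takes an 8-byte salt
        new SecureRandom().nextBytes(salt);
        return salt;
    }

    public static void main(String[] args) throws Exception {
        char[] password = "myPassword".toCharArray();
        byte[] data = "constructed sample data".getBytes(StandardCharsets.UTF_8);
        byte[] saltA = newSalt(), saltB = newSalt();
        byte[] encA = pbe(Cipher.ENCRYPT_MODE, password, saltA, data);
        byte[] encB = pbe(Cipher.ENCRYPT_MODE, password, saltB, data);
        System.out.println("same password, different salts, same output: " + Arrays.equals(encA, encB));
        System.out.println("round trip ok: "
                + Arrays.equals(data, pbe(Cipher.DECRYPT_MODE, password, saltA, encA)));

        // Salt and count are not secret: store them with the ciphertext. A wrong salt derives a different key.
        boolean recovered;
        try {
            recovered = Arrays.equals(data, pbe(Cipher.DECRYPT_MODE, password, saltB, encA));
        } catch (BadPaddingException e) {
            recovered = false;
        }
        System.out.println("decrypts under the wrong salt: " + recovered);
    }
}
```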
