目录
- 概述
- 1 JCA
- 2 JCE
- 3 加密服务提供程序(CSP)
- 3.1 JDK可用的Provider列表
- 3.1.1 JDK Provider算法列表
- 3.2 添加Bouncy Castle Provider
- 3.2.1 动态添加
- 3.2.2 静态添加
- 3.2.3 Bouncy Castle Provider算法列表
- 4 Engine类和算法
- 4.1 引擎类的使用示例-AES加密解密
- 4.2 引擎类支持的算法列表
概述
Java安全体系结构总共分为4个部分:
- JCA( Java Cryptography Architecture, Java加密体系结构):JCA提供基本的加密框架, 如证书、 数字签名、消息摘要和密钥对产生器。
- JCE( Java Cryptography Extension, Java加密扩展包):JCE在JCA的基础上作了扩展, 提供了各种加密算法、 消息摘要算法和密钥管理等功能。JCE的实现主要在javax.crypto包( 及其子包) 中
- JSSE( Java Secure Sockets Extension, Java安全套接字扩展包):JSSE提供了基于SSL( Secure Sockets Layer,安全套接字层) 的加密功能。 在网络的传输过程中, 信息会经过多个主机(很有可能其中一台就被窃听) , 最终传送给接收者, 这是不安全的。这种确保网络通信安全的服务就是由JSSE来提供的。
- JAAS( Java Authentication and Authentication Service, Java鉴别与安全服务):JAAS提供了在Java平台上进行用户身份鉴别的功能。
1 JCA
JCA和JCE是Java平台提供的用于安全和加密服务的两组API。它们并不执行任何算法,它们只是连接应用和实际算法实现程序的一组接口。
官方链接: https://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html
JCA( Java Cryptography Architecture, Java加密体系结构)围绕以下原则设计:
- 实现独立性:应用程序不需要实现安全算法。相反,他们可以从Java平台请求安全服务。安全服务在提供程序中实现,它们通过标准接口插入Java平台。应用程序可能依赖多个独立提供程序来实现安全功能。
- 实现互操作性:提供程序可跨应用程序进行互操作。具体而言,应用程序未绑定到特定提供程序,并且提供程序未绑定到特定应用程序。
- 算法可扩展性:Java平台包括许多内置提供程序,这些提供程序实现了当今广泛使用的基本安全服务集。但是,某些应用程序可能依赖于尚未实施的新兴标准或专有服务。Java平台支持安装实现此类服务的自定义提供程序。
JCA相关代码位于JDK的rt.jar中的java.security包及其子包中。
2 JCE
软件开发商可以根据JCE接口( 又称安全提供者接口) 将各种算法实现后,打包成一个Provider( 安全提供者) , 动态地加载到Java运行环境中。
java.security.Provider是所有安全提供程序的基类。
根据美国出口限制规定, JCA可出口, 但JCE对部分国家是限制出口的。 因此, 要实现一个完整的安全结构,就需要一个或多个第三方厂商提供的JCE产品, 称为安全提供者。 BouncyCastle JCE就是其中的一个安全提供者。
JCE相关代码位于JDK的jce.jar中的javax.crypto包及其子包中。
3 加密服务提供程序(CSP)
加密服务提供程序Cryptographic Service Provider (CSP),是指实现一个或多个密码服务(如数字签名算法,消息摘要算法和密钥转换服务)的包或一组包。java.security.Provider是所有安全提供程序的基类。 每个CSP都包含这个类的一个实例,它包含了提供者的名字,并列出了它实现的所有安全服务/算法。 当需要特定算法的实例时,JCA框架会咨询提供者的数据库,如果找到合适的匹配项,则创建该实例。
Provider包含一个包(或一组包),为声明的加密算法提供具体的实现。 每个JDK安装都默认安装并配置了一个或多个提供程序。 其他提供者可以静态或动态添加(参见Provider和Security类)。 客户端可以配置其运行时环境来指定提供程序的首选顺序。 首选顺序是在没有请求特定提供者时提供者搜索请求的服务的顺序。
要使用JCA,应用程序只需要请求特定类型的对象(如MessageDigest)和特定的算法或服务(如“SHA-256”算法),并从一个已安装的提供者获取实现。 或者,程序可以请求来自特定提供者的对象。 每个提供者都有一个名字来引用它。
应用程序需要一个“AES”算法的javax.crypto.Cipher实例,并不关心使用哪个提供者。应用程序调用Cipher引擎类的getInstance()工厂方法,然后请求JCA框架查找支持“AES”的第一个提供程序实例。该框架会咨询每个已安装的提供者,并获取提供者类的提供者实例。
3.1 JDK可用的Provider列表
每个JDK安装都默认安装并配置了一个或多个provider包。
JDK中的加密库出于历史原因,由几个不同的提供者实现,可以运行如下程序查看JDK可用的Provider列表:
public static void printAllSecurityProviders() {
for (Provider provider : Security.getProviders())
{
System.out.println("Provider: " + provider.getName() + " (ver " + provider.getVersion() + ")");
}
}在JDK8中输出如下:
Provider: SUN (ver 1.8)
Provider: SunRsaSign (ver 1.8)
Provider: SunEC (ver 1.8)
Provider: SunJSSE (ver 1.8)
Provider: SunJCE (ver 1.8)
Provider: SunJGSS (ver 1.8)
Provider: SunSASL (ver 1.8)
Provider: XMLDSig (ver 1.8)
Provider: SunPCSC (ver 1.8)
Provider: SunMSCAPI (ver 1.8)
Provider: BC (ver 1.72)3.1.1 JDK Provider算法列表
可以运行如下程序查看JDK的JCE默认提供的所有的算法列表:
// 输出MarkDown格式的表格,具体内容见下表
public static String printAllSecurityProvidersInMdTable() {
StringBuilder stringBuilder = new StringBuilder();
stringBuilder.append("Provider Name|Provider Version|Algorithm Type|Algorithm Name\r\n");
stringBuilder.append("|:-|:-|:-|:-\r\n");
Map<String, Map<String, String>> providers2Algorithms = Arrays.stream(Security.getProviders())
.collect(Collectors.toMap(provider -> provider.getName() + "@" + provider.getVersion(), provider -> provider.getServices().stream().collect(Collectors.toMap(service -> service.getType(), service -> service.getAlgorithm(), (algorithm1, algorithm2) -> algorithm1 + "@" + algorithm2))));
providers2Algorithms.entrySet().stream().sorted(Comparator.comparing(Map.Entry::getKey)).forEachOrdered(entryProvider -> {
String[] provider = entryProvider.getKey().split("@");
Map<String, String> algoType2AlgoName = entryProvider.getValue();
int[] rowNumber = {0};
algoType2AlgoName.entrySet().stream().sorted(Comparator.comparing(Map.Entry::getKey)).forEachOrdered(entryAlgorithm -> {
StringBuilder algorithmCellStr = new StringBuilder();
int[] numberOfAlgorithm = {1};
Arrays.stream(entryAlgorithm.getValue().split("@")).sorted(String::compareTo).forEachOrdered(algorithm -> {
algorithmCellStr.append(algorithm);
if (0 == numberOfAlgorithm[0] % 1) {
algorithmCellStr.append("<br>");
}
numberOfAlgorithm[0]++;
});
stringBuilder.append(String.format("|%s|%s|%s|%s\r\n", 0 == rowNumber[0] ? provider[0] : "", 0 == rowNumber[0] ? provider[1] : "", entryAlgorithm.getKey(), algorithmCellStr.toString()));
rowNumber[0]++;
});
});
return stringBuilder.toString();
}
// 输出纯文本格式
public static void printAllSecurityProviders() {
for (Provider provider : Security.getProviders())
{
System.out.println("Provider: " + provider.getName() + " (ver " + provider.getVersion() + ")");
System.out.print(" Algorithms: ");
ArrayList<String> algos = new ArrayList<String>();
for (Provider.Service service : provider.getServices())
{
algos.add(String.format( "%s (%s)", service.getAlgorithm(), service.getType()));
}
java.util.Collections.sort(algos);
String algorsStr = algos.toString();
algorsStr = algorsStr.substring(1, algorsStr.length()-1);
System.out.println(algorsStr);
System.out.println();
}
}在JDK8中输出如下:
Provider Name | Provider Version | Algorithm Type | Algorithm Name |
SUN | 1.8 | AlgorithmParameterGenerator | DSA |
AlgorithmParameters | DSA | ||
CertPathBuilder | PKIX | ||
CertPathValidator | PKIX | ||
CertStore | Collection LDAP com.sun.security.IndexedCollection | ||
CertificateFactory | X.509 | ||
Configuration | JavaLoginConfig | ||
KeyFactory | DSA | ||
KeyPairGenerator | DSA | ||
KeyStore | CaseExactJKS DKS JKS | ||
MessageDigest | MD2 MD5 SHA SHA-224 SHA-256 SHA-384 SHA-512 | ||
Policy | JavaPolicy | ||
SecureRandom | SHA1PRNG | ||
Signature | NONEwithDSA SHA1withDSA SHA224withDSA SHA256withDSA | ||
SunEC | 1.8 | AlgorithmParameters | EC |
KeyAgreement | ECDH | ||
KeyFactory | EC | ||
KeyPairGenerator | EC | ||
Signature | NONEwithECDSA SHA1withECDSA SHA224withECDSA SHA256withECDSA SHA384withECDSA SHA512withECDSA | ||
SunJCE | 1.8 | AlgorithmParameterGenerator | DiffieHellman |
AlgorithmParameters | AES Blowfish DES DESede DiffieHellman GCM OAEP PBE PBES2 PBEWithHmacSHA1AndAES_128 PBEWithHmacSHA1AndAES_256 PBEWithHmacSHA224AndAES_128 PBEWithHmacSHA224AndAES_256 PBEWithHmacSHA256AndAES_128 PBEWithHmacSHA256AndAES_256 PBEWithHmacSHA384AndAES_128 PBEWithHmacSHA384AndAES_256 PBEWithHmacSHA512AndAES_128 PBEWithHmacSHA512AndAES_256 PBEWithMD5AndDES PBEWithMD5AndTripleDES PBEWithSHA1AndDESede PBEWithSHA1AndRC2_128 PBEWithSHA1AndRC2_40 PBEWithSHA1AndRC4_128 PBEWithSHA1AndRC4_40 RC2 | ||
Cipher | AES AESWrap AESWrap_128 AESWrap_192 AESWrap_256 AES_128/CBC/NoPadding AES_128/CFB/NoPadding AES_128/ECB/NoPadding AES_128/GCM/NoPadding AES_128/OFB/NoPadding AES_192/CBC/NoPadding AES_192/CFB/NoPadding AES_192/ECB/NoPadding AES_192/GCM/NoPadding AES_192/OFB/NoPadding AES_256/CBC/NoPadding AES_256/CFB/NoPadding AES_256/ECB/NoPadding AES_256/GCM/NoPadding AES_256/OFB/NoPadding ARCFOUR Blowfish DES DESede DESedeWrap PBEWithHmacSHA1AndAES_128 PBEWithHmacSHA1AndAES_256 PBEWithHmacSHA224AndAES_128 PBEWithHmacSHA224AndAES_256 PBEWithHmacSHA256AndAES_128 PBEWithHmacSHA256AndAES_256 PBEWithHmacSHA384AndAES_128 PBEWithHmacSHA384AndAES_256 PBEWithHmacSHA512AndAES_128 PBEWithHmacSHA512AndAES_256 PBEWithMD5AndDES PBEWithMD5AndTripleDES PBEWithSHA1AndDESede PBEWithSHA1AndRC2_128 PBEWithSHA1AndRC2_40 PBEWithSHA1AndRC4_128 PBEWithSHA1AndRC4_40 RC2 RSA | ||
KeyAgreement | DiffieHellman | ||
KeyFactory | DiffieHellman | ||
KeyGenerator | AES ARCFOUR Blowfish DES DESede HmacMD5 HmacSHA1 HmacSHA224 HmacSHA256 HmacSHA384 HmacSHA512 RC2 SunTls12Prf SunTlsKeyMaterial SunTlsMasterSecret SunTlsPrf SunTlsRsaPremasterSecret | ||
KeyPairGenerator | DiffieHellman | ||
KeyStore | JCEKS | ||
Mac | HmacMD5 HmacPBESHA1 HmacSHA1 HmacSHA224 HmacSHA256 HmacSHA384 HmacSHA512 PBEWithHmacSHA1 PBEWithHmacSHA224 PBEWithHmacSHA256 PBEWithHmacSHA384 PBEWithHmacSHA512 SslMacMD5 SslMacSHA1 | ||
SecretKeyFactory | DES DESede PBEWithHmacSHA1AndAES_128 PBEWithHmacSHA1AndAES_256 PBEWithHmacSHA224AndAES_128 PBEWithHmacSHA224AndAES_256 PBEWithHmacSHA256AndAES_128 PBEWithHmacSHA256AndAES_256 PBEWithHmacSHA384AndAES_128 PBEWithHmacSHA384AndAES_256 PBEWithHmacSHA512AndAES_128 PBEWithHmacSHA512AndAES_256 PBEWithMD5AndDES PBEWithMD5AndTripleDES PBEWithSHA1AndDESede PBEWithSHA1AndRC2_128 PBEWithSHA1AndRC2_40 PBEWithSHA1AndRC4_128 PBEWithSHA1AndRC4_40 PBKDF2WithHmacSHA1 PBKDF2WithHmacSHA224 PBKDF2WithHmacSHA256 PBKDF2WithHmacSHA384 PBKDF2WithHmacSHA512 | ||
SunJGSS | 1.8 | GssApiMechanism | 1.2.840.113554.1.2.2 1.3.6.1.5.5.2 |
SunJSSE | 1.8 | KeyFactory | RSA |
KeyManagerFactory | NewSunX509 SunX509 | ||
KeyPairGenerator | RSA | ||
KeyStore | PKCS12 | ||
SSLContext | Default TLS TLSv1 TLSv1.1 TLSv1.2 | ||
Signature | MD2withRSA MD5andSHA1withRSA MD5withRSA SHA1withRSA | ||
TrustManagerFactory | PKIX SunX509 | ||
SunMSCAPI | 1.8 | Cipher | RSA RSA/ECB/PKCS1Padding |
KeyPairGenerator | RSA | ||
KeyStore | Windows-MY Windows-ROOT | ||
SecureRandom | Windows-PRNG | ||
Signature | MD2withRSA MD5withRSA NONEwithRSA SHA1withRSA SHA256withRSA SHA384withRSA SHA512withRSA | ||
SunPCSC | 1.8 | TerminalFactory | PC/SC |
SunRsaSign | 1.8 | KeyFactory | RSA |
KeyPairGenerator | RSA | ||
Signature | MD2withRSA MD5withRSA SHA1withRSA SHA224withRSA SHA256withRSA SHA384withRSA SHA512withRSA | ||
SunSASL | 1.8 | SaslClientFactory | CRAM-MD5 DIGEST-MD5 EXTERNAL GSSAPI NTLM PLAIN |
SaslServerFactory | CRAM-MD5 DIGEST-MD5 GSSAPI NTLM | ||
XMLDSig | 1.8 | KeyInfoFactory | DOM |
TransformService | http://www.w3.org/2000/09/xmldsig#base64http://www.w3.org/2000/09/xmldsig#enveloped-signature http://www.w3.org/2001/10/xml-exc-c14n# http://www.w3.org/2001/10/xml-exc-c14n#WithComments http://www.w3.org/2002/06/xmldsig-filter2 http://www.w3.org/2006/12/xml-c14n11 http://www.w3.org/2006/12/xml-c14n11#WithComments http://www.w3.org/TR/1999/REC-xpath-19991116 http://www.w3.org/TR/1999/REC-xslt-19991116 http://www.w3.org/TR/2001/REC-xml-c14n-20010315 http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments | ||
XMLSignatureFactory | DOM |
其中SunJCE的实现如下:
//
// Source code recreated from a .class file by IntelliJ IDEA
// (powered by Fernflower decompiler)
//
package com.sun.crypto.provider;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.security.Provider;
import java.security.SecureRandom;
public final class SunJCE extends Provider {
private static final long serialVersionUID = 6812507587804302833L;
private static final String info = "SunJCE Provider (implements RSA, DES, Triple DES, AES, Blowfish, ARCFOUR, RC2, PBE, Diffie-Hellman, HMAC)";
private static final String OID_PKCS12_RC4_128 = "1.2.840.113549.1.12.1.1";
private static final String OID_PKCS12_RC4_40 = "1.2.840.113549.1.12.1.2";
private static final String OID_PKCS12_DESede = "1.2.840.113549.1.12.1.3";
private static final String OID_PKCS12_RC2_128 = "1.2.840.113549.1.12.1.5";
private static final String OID_PKCS12_RC2_40 = "1.2.840.113549.1.12.1.6";
private static final String OID_PKCS5_MD5_DES = "1.2.840.113549.1.5.3";
private static final String OID_PKCS5_PBKDF2 = "1.2.840.113549.1.5.12";
private static final String OID_PKCS5_PBES2 = "1.2.840.113549.1.5.13";
private static final String OID_PKCS3 = "1.2.840.113549.1.3.1";
static final boolean debug = false;
private static volatile SunJCE instance = null;
static SecureRandom getRandom() {
return SunJCE.SecureRandomHolder.RANDOM;
}
public SunJCE() {
super("SunJCE", 1.8D, "SunJCE Provider (implements RSA, DES, Triple DES, AES, Blowfish, ARCFOUR, RC2, PBE, Diffie-Hellman, HMAC)");
AccessController.doPrivileged(new PrivilegedAction<Object>() {
public Object run() {
SunJCE.this.put("Cipher.RSA", "com.sun.crypto.provider.RSACipher");
SunJCE.this.put("Cipher.RSA SupportedModes", "ECB");
SunJCE.this.put("Cipher.RSA SupportedPaddings", "NOPADDING|PKCS1PADDING|OAEPPADDING|OAEPWITHMD5ANDMGF1PADDING|OAEPWITHSHA1ANDMGF1PADDING|OAEPWITHSHA-1ANDMGF1PADDING|OAEPWITHSHA-224ANDMGF1PADDING|OAEPWITHSHA-256ANDMGF1PADDING|OAEPWITHSHA-384ANDMGF1PADDING|OAEPWITHSHA-512ANDMGF1PADDING");
SunJCE.this.put("Cipher.RSA SupportedKeyClasses", "java.security.interfaces.RSAPublicKey|java.security.interfaces.RSAPrivateKey");
SunJCE.this.put("Cipher.DES", "com.sun.crypto.provider.DESCipher");
SunJCE.this.put("Cipher.DES SupportedModes", "ECB|CBC|PCBC|CTR|CTS|CFB|OFB|CFB8|CFB16|CFB24|CFB32|CFB40|CFB48|CFB56|CFB64|OFB8|OFB16|OFB24|OFB32|OFB40|OFB48|OFB56|OFB64");
SunJCE.this.put("Cipher.DES SupportedPaddings", "NOPADDING|PKCS5PADDING|ISO10126PADDING");
SunJCE.this.put("Cipher.DES SupportedKeyFormats", "RAW");
SunJCE.this.put("Cipher.DESede", "com.sun.crypto.provider.DESedeCipher");
SunJCE.this.put("Alg.Alias.Cipher.TripleDES", "DESede");
SunJCE.this.put("Cipher.DESede SupportedModes", "ECB|CBC|PCBC|CTR|CTS|CFB|OFB|CFB8|CFB16|CFB24|CFB32|CFB40|CFB48|CFB56|CFB64|OFB8|OFB16|OFB24|OFB32|OFB40|OFB48|OFB56|OFB64");
SunJCE.this.put("Cipher.DESede SupportedPaddings", "NOPADDING|PKCS5PADDING|ISO10126PADDING");
SunJCE.this.put("Cipher.DESede SupportedKeyFormats", "RAW");
SunJCE.this.put("Cipher.DESedeWrap", "com.sun.crypto.provider.DESedeWrapCipher");
SunJCE.this.put("Cipher.DESedeWrap SupportedModes", "CBC");
SunJCE.this.put("Cipher.DESedeWrap SupportedPaddings", "NOPADDING");
SunJCE.this.put("Cipher.DESedeWrap SupportedKeyFormats", "RAW");
SunJCE.this.put("Cipher.PBEWithMD5AndDES", "com.sun.crypto.provider.PBEWithMD5AndDESCipher");
SunJCE.this.put("Alg.Alias.Cipher.OID.1.2.840.113549.1.5.3", "PBEWithMD5AndDES");
SunJCE.this.put("Alg.Alias.Cipher.1.2.840.113549.1.5.3", "PBEWithMD5AndDES");
SunJCE.this.put("Cipher.PBEWithMD5AndTripleDES", "com.sun.crypto.provider.PBEWithMD5AndTripleDESCipher");
SunJCE.this.put("Cipher.PBEWithSHA1AndDESede", "com.sun.crypto.provider.PKCS12PBECipherCore$PBEWithSHA1AndDESede");
SunJCE.this.put("Alg.Alias.Cipher.OID.1.2.840.113549.1.12.1.3", "PBEWithSHA1AndDESede");
SunJCE.this.put("Alg.Alias.Cipher.1.2.840.113549.1.12.1.3", "PBEWithSHA1AndDESede");
SunJCE.this.put("Cipher.PBEWithSHA1AndRC2_40", "com.sun.crypto.provider.PKCS12PBECipherCore$PBEWithSHA1AndRC2_40");
SunJCE.this.put("Alg.Alias.Cipher.OID.1.2.840.113549.1.12.1.6", "PBEWithSHA1AndRC2_40");
SunJCE.this.put("Alg.Alias.Cipher.1.2.840.113549.1.12.1.6", "PBEWithSHA1AndRC2_40");
SunJCE.this.put("Cipher.PBEWithSHA1AndRC2_128", "com.sun.crypto.provider.PKCS12PBECipherCore$PBEWithSHA1AndRC2_128");
SunJCE.this.put("Alg.Alias.Cipher.OID.1.2.840.113549.1.12.1.5", "PBEWithSHA1AndRC2_128");
SunJCE.this.put("Alg.Alias.Cipher.1.2.840.113549.1.12.1.5", "PBEWithSHA1AndRC2_128");
SunJCE.this.put("Cipher.PBEWithSHA1AndRC4_40", "com.sun.crypto.provider.PKCS12PBECipherCore$PBEWithSHA1AndRC4_40");
SunJCE.this.put("Alg.Alias.Cipher.OID.1.2.840.113549.1.12.1.2", "PBEWithSHA1AndRC4_40");
SunJCE.this.put("Alg.Alias.Cipher.1.2.840.113549.1.12.1.2", "PBEWithSHA1AndRC4_40");
SunJCE.this.put("Cipher.PBEWithSHA1AndRC4_128", "com.sun.crypto.provider.PKCS12PBECipherCore$PBEWithSHA1AndRC4_128");
SunJCE.this.put("Alg.Alias.Cipher.OID.1.2.840.113549.1.12.1.1", "PBEWithSHA1AndRC4_128");
SunJCE.this.put("Alg.Alias.Cipher.1.2.840.113549.1.12.1.1", "PBEWithSHA1AndRC4_128");
SunJCE.this.put("Cipher.PBEWithHmacSHA1AndAES_128", "com.sun.crypto.provider.PBES2Core$HmacSHA1AndAES_128");
SunJCE.this.put("Cipher.PBEWithHmacSHA224AndAES_128", "com.sun.crypto.provider.PBES2Core$HmacSHA224AndAES_128");
SunJCE.this.put("Cipher.PBEWithHmacSHA256AndAES_128", "com.sun.crypto.provider.PBES2Core$HmacSHA256AndAES_128");
SunJCE.this.put("Cipher.PBEWithHmacSHA384AndAES_128", "com.sun.crypto.provider.PBES2Core$HmacSHA384AndAES_128");
SunJCE.this.put("Cipher.PBEWithHmacSHA512AndAES_128", "com.sun.crypto.provider.PBES2Core$HmacSHA512AndAES_128");
SunJCE.this.put("Cipher.PBEWithHmacSHA1AndAES_256", "com.sun.crypto.provider.PBES2Core$HmacSHA1AndAES_256");
SunJCE.this.put("Cipher.PBEWithHmacSHA224AndAES_256", "com.sun.crypto.provider.PBES2Core$HmacSHA224AndAES_256");
SunJCE.this.put("Cipher.PBEWithHmacSHA256AndAES_256", "com.sun.crypto.provider.PBES2Core$HmacSHA256AndAES_256");
SunJCE.this.put("Cipher.PBEWithHmacSHA384AndAES_256", "com.sun.crypto.provider.PBES2Core$HmacSHA384AndAES_256");
SunJCE.this.put("Cipher.PBEWithHmacSHA512AndAES_256", "com.sun.crypto.provider.PBES2Core$HmacSHA512AndAES_256");
SunJCE.this.put("Cipher.Blowfish", "com.sun.crypto.provider.BlowfishCipher");
SunJCE.this.put("Cipher.Blowfish SupportedModes", "ECB|CBC|PCBC|CTR|CTS|CFB|OFB|CFB8|CFB16|CFB24|CFB32|CFB40|CFB48|CFB56|CFB64|OFB8|OFB16|OFB24|OFB32|OFB40|OFB48|OFB56|OFB64");
SunJCE.this.put("Cipher.Blowfish SupportedPaddings", "NOPADDING|PKCS5PADDING|ISO10126PADDING");
SunJCE.this.put("Cipher.Blowfish SupportedKeyFormats", "RAW");
SunJCE.this.put("Cipher.AES", "com.sun.crypto.provider.AESCipher$General");
SunJCE.this.put("Alg.Alias.Cipher.Rijndael", "AES");
SunJCE.this.put("Cipher.AES SupportedModes", "ECB|CBC|PCBC|CTR|CTS|CFB|OFB|CFB8|CFB16|CFB24|CFB32|CFB40|CFB48|CFB56|CFB64|OFB8|OFB16|OFB24|OFB32|OFB40|OFB48|OFB56|OFB64|GCM|CFB72|CFB80|CFB88|CFB96|CFB104|CFB112|CFB120|CFB128|OFB72|OFB80|OFB88|OFB96|OFB104|OFB112|OFB120|OFB128");
SunJCE.this.put("Cipher.AES SupportedPaddings", "NOPADDING|PKCS5PADDING|ISO10126PADDING");
SunJCE.this.put("Cipher.AES SupportedKeyFormats", "RAW");
SunJCE.this.put("Cipher.AES_128/ECB/NoPadding", "com.sun.crypto.provider.AESCipher$AES128_ECB_NoPadding");
SunJCE.this.put("Alg.Alias.Cipher.2.16.840.1.101.3.4.1.1", "AES_128/ECB/NoPadding");
SunJCE.this.put("Alg.Alias.Cipher.OID.2.16.840.1.101.3.4.1.1", "AES_128/ECB/NoPadding");
SunJCE.this.put("Cipher.AES_128/CBC/NoPadding", "com.sun.crypto.provider.AESCipher$AES128_CBC_NoPadding");
SunJCE.this.put("Alg.Alias.Cipher.2.16.840.1.101.3.4.1.2", "AES_128/CBC/NoPadding");
SunJCE.this.put("Alg.Alias.Cipher.OID.2.16.840.1.101.3.4.1.2", "AES_128/CBC/NoPadding");
SunJCE.this.put("Cipher.AES_128/OFB/NoPadding", "com.sun.crypto.provider.AESCipher$AES128_OFB_NoPadding");
SunJCE.this.put("Alg.Alias.Cipher.2.16.840.1.101.3.4.1.3", "AES_128/OFB/NoPadding");
SunJCE.this.put("Alg.Alias.Cipher.OID.2.16.840.1.101.3.4.1.3", "AES_128/OFB/NoPadding");
SunJCE.this.put("Cipher.AES_128/CFB/NoPadding", "com.sun.crypto.provider.AESCipher$AES128_CFB_NoPadding");
SunJCE.this.put("Alg.Alias.Cipher.2.16.840.1.101.3.4.1.4", "AES_128/CFB/NoPadding");
SunJCE.this.put("Alg.Alias.Cipher.OID.2.16.840.1.101.3.4.1.4", "AES_128/CFB/NoPadding");
SunJCE.this.put("Cipher.AES_128/GCM/NoPadding", "com.sun.crypto.provider.AESCipher$AES128_GCM_NoPadding");
SunJCE.this.put("Alg.Alias.Cipher.2.16.840.1.101.3.4.1.6", "AES_128/GCM/NoPadding");
SunJCE.this.put("Alg.Alias.Cipher.OID.2.16.840.1.101.3.4.1.6", "AES_128/GCM/NoPadding");
SunJCE.this.put("Cipher.AES_192/ECB/NoPadding", "com.sun.crypto.provider.AESCipher$AES192_ECB_NoPadding");
SunJCE.this.put("Alg.Alias.Cipher.2.16.840.1.101.3.4.1.21", "AES_192/ECB/NoPadding");
SunJCE.this.put("Alg.Alias.Cipher.OID.2.16.840.1.101.3.4.1.21", "AES_192/ECB/NoPadding");
SunJCE.this.put("Cipher.AES_192/CBC/NoPadding", "com.sun.crypto.provider.AESCipher$AES192_CBC_NoPadding");
SunJCE.this.put("Alg.Alias.Cipher.2.16.840.1.101.3.4.1.22", "AES_192/CBC/NoPadding");
SunJCE.this.put("Alg.Alias.Cipher.OID.2.16.840.1.101.3.4.1.22", "AES_192/CBC/NoPadding");
SunJCE.this.put("Cipher.AES_192/OFB/NoPadding", "com.sun.crypto.provider.AESCipher$AES192_OFB_NoPadding");
SunJCE.this.put("Alg.Alias.Cipher.2.16.840.1.101.3.4.1.23", "AES_192/OFB/NoPadding");
SunJCE.this.put("Alg.Alias.Cipher.OID.2.16.840.1.101.3.4.1.23", "AES_192/OFB/NoPadding");
SunJCE.this.put("Cipher.AES_192/CFB/NoPadding", "com.sun.crypto.provider.AESCipher$AES192_CFB_NoPadding");
SunJCE.this.put("Alg.Alias.Cipher.2.16.840.1.101.3.4.1.24", "AES_192/CFB/NoPadding");
SunJCE.this.put("Alg.Alias.Cipher.OID.2.16.840.1.101.3.4.1.24", "AES_192/CFB/NoPadding");
SunJCE.this.put("Cipher.AES_192/GCM/NoPadding", "com.sun.crypto.provider.AESCipher$AES192_GCM_NoPadding");
SunJCE.this.put("Alg.Alias.Cipher.2.16.840.1.101.3.4.1.26", "AES_192/GCM/NoPadding");
SunJCE.this.put("Alg.Alias.Cipher.OID.2.16.840.1.101.3.4.1.26", "AES_192/GCM/NoPadding");
SunJCE.this.put("Cipher.AES_256/ECB/NoPadding", "com.sun.crypto.provider.AESCipher$AES256_ECB_NoPadding");
SunJCE.this.put("Alg.Alias.Cipher.2.16.840.1.101.3.4.1.41", "AES_256/ECB/NoPadding");
SunJCE.this.put("Alg.Alias.Cipher.OID.2.16.840.1.101.3.4.1.41", "AES_256/ECB/NoPadding");
SunJCE.this.put("Cipher.AES_256/CBC/NoPadding", "com.sun.crypto.provider.AESCipher$AES256_CBC_NoPadding");
SunJCE.this.put("Alg.Alias.Cipher.2.16.840.1.101.3.4.1.42", "AES_256/CBC/NoPadding");
SunJCE.this.put("Alg.Alias.Cipher.OID.2.16.840.1.101.3.4.1.42", "AES_256/CBC/NoPadding");
SunJCE.this.put("Cipher.AES_256/OFB/NoPadding", "com.sun.crypto.provider.AESCipher$AES256_OFB_NoPadding");
SunJCE.this.put("Alg.Alias.Cipher.2.16.840.1.101.3.4.1.43", "AES_256/OFB/NoPadding");
SunJCE.this.put("Alg.Alias.Cipher.OID.2.16.840.1.101.3.4.1.43", "AES_256/OFB/NoPadding");
SunJCE.this.put("Cipher.AES_256/CFB/NoPadding", "com.sun.crypto.provider.AESCipher$AES256_CFB_NoPadding");
SunJCE.this.put("Alg.Alias.Cipher.2.16.840.1.101.3.4.1.44", "AES_256/CFB/NoPadding");
SunJCE.this.put("Alg.Alias.Cipher.OID.2.16.840.1.101.3.4.1.44", "AES_256/CFB/NoPadding");
SunJCE.this.put("Cipher.AES_256/GCM/NoPadding", "com.sun.crypto.provider.AESCipher$AES256_GCM_NoPadding");
SunJCE.this.put("Alg.Alias.Cipher.2.16.840.1.101.3.4.1.46", "AES_256/GCM/NoPadding");
SunJCE.this.put("Alg.Alias.Cipher.OID.2.16.840.1.101.3.4.1.46", "AES_256/GCM/NoPadding");
SunJCE.this.put("Cipher.AESWrap", "com.sun.crypto.provider.AESWrapCipher$General");
SunJCE.this.put("Cipher.AESWrap SupportedModes", "ECB");
SunJCE.this.put("Cipher.AESWrap SupportedPaddings", "NOPADDING");
SunJCE.this.put("Cipher.AESWrap SupportedKeyFormats", "RAW");
SunJCE.this.put("Cipher.AESWrap_128", "com.sun.crypto.provider.AESWrapCipher$AES128");
SunJCE.this.put("Alg.Alias.Cipher.2.16.840.1.101.3.4.1.5", "AESWrap_128");
SunJCE.this.put("Alg.Alias.Cipher.OID.2.16.840.1.101.3.4.1.5", "AESWrap_128");
SunJCE.this.put("Cipher.AESWrap_192", "com.sun.crypto.provider.AESWrapCipher$AES192");
SunJCE.this.put("Alg.Alias.Cipher.2.16.840.1.101.3.4.1.25", "AESWrap_192");
SunJCE.this.put("Alg.Alias.Cipher.OID.2.16.840.1.101.3.4.1.25", "AESWrap_192");
SunJCE.this.put("Cipher.AESWrap_256", "com.sun.crypto.provider.AESWrapCipher$AES256");
SunJCE.this.put("Alg.Alias.Cipher.2.16.840.1.101.3.4.1.45", "AESWrap_256");
SunJCE.this.put("Alg.Alias.Cipher.OID.2.16.840.1.101.3.4.1.45", "AESWrap_256");
SunJCE.this.put("Cipher.RC2", "com.sun.crypto.provider.RC2Cipher");
SunJCE.this.put("Cipher.RC2 SupportedModes", "ECB|CBC|PCBC|CTR|CTS|CFB|OFB|CFB8|CFB16|CFB24|CFB32|CFB40|CFB48|CFB56|CFB64|OFB8|OFB16|OFB24|OFB32|OFB40|OFB48|OFB56|OFB64");
SunJCE.this.put("Cipher.RC2 SupportedPaddings", "NOPADDING|PKCS5PADDING|ISO10126PADDING");
SunJCE.this.put("Cipher.RC2 SupportedKeyFormats", "RAW");
SunJCE.this.put("Cipher.ARCFOUR", "com.sun.crypto.provider.ARCFOURCipher");
SunJCE.this.put("Alg.Alias.Cipher.RC4", "ARCFOUR");
SunJCE.this.put("Cipher.ARCFOUR SupportedModes", "ECB");
SunJCE.this.put("Cipher.ARCFOUR SupportedPaddings", "NOPADDING");
SunJCE.this.put("Cipher.ARCFOUR SupportedKeyFormats", "RAW");
SunJCE.this.put("KeyGenerator.DES", "com.sun.crypto.provider.DESKeyGenerator");
SunJCE.this.put("KeyGenerator.DESede", "com.sun.crypto.provider.DESedeKeyGenerator");
SunJCE.this.put("Alg.Alias.KeyGenerator.TripleDES", "DESede");
SunJCE.this.put("KeyGenerator.Blowfish", "com.sun.crypto.provider.BlowfishKeyGenerator");
SunJCE.this.put("KeyGenerator.AES", "com.sun.crypto.provider.AESKeyGenerator");
SunJCE.this.put("Alg.Alias.KeyGenerator.Rijndael", "AES");
SunJCE.this.put("KeyGenerator.RC2", "com.sun.crypto.provider.KeyGeneratorCore$RC2KeyGenerator");
SunJCE.this.put("KeyGenerator.ARCFOUR", "com.sun.crypto.provider.KeyGeneratorCore$ARCFOURKeyGenerator");
SunJCE.this.put("Alg.Alias.KeyGenerator.RC4", "ARCFOUR");
SunJCE.this.put("KeyGenerator.HmacMD5", "com.sun.crypto.provider.HmacMD5KeyGenerator");
SunJCE.this.put("KeyGenerator.HmacSHA1", "com.sun.crypto.provider.HmacSHA1KeyGenerator");
SunJCE.this.put("Alg.Alias.KeyGenerator.OID.1.2.840.113549.2.7", "HmacSHA1");
SunJCE.this.put("Alg.Alias.KeyGenerator.1.2.840.113549.2.7", "HmacSHA1");
SunJCE.this.put("KeyGenerator.HmacSHA224", "com.sun.crypto.provider.KeyGeneratorCore$HmacSHA2KG$SHA224");
SunJCE.this.put("Alg.Alias.KeyGenerator.OID.1.2.840.113549.2.8", "HmacSHA224");
SunJCE.this.put("Alg.Alias.KeyGenerator.1.2.840.113549.2.8", "HmacSHA224");
SunJCE.this.put("KeyGenerator.HmacSHA256", "com.sun.crypto.provider.KeyGeneratorCore$HmacSHA2KG$SHA256");
SunJCE.this.put("Alg.Alias.KeyGenerator.OID.1.2.840.113549.2.9", "HmacSHA256");
SunJCE.this.put("Alg.Alias.KeyGenerator.1.2.840.113549.2.9", "HmacSHA256");
SunJCE.this.put("KeyGenerator.HmacSHA384", "com.sun.crypto.provider.KeyGeneratorCore$HmacSHA2KG$SHA384");
SunJCE.this.put("Alg.Alias.KeyGenerator.OID.1.2.840.113549.2.10", "HmacSHA384");
SunJCE.this.put("Alg.Alias.KeyGenerator.1.2.840.113549.2.10", "HmacSHA384");
SunJCE.this.put("KeyGenerator.HmacSHA512", "com.sun.crypto.provider.KeyGeneratorCore$HmacSHA2KG$SHA512");
SunJCE.this.put("Alg.Alias.KeyGenerator.OID.1.2.840.113549.2.11", "HmacSHA512");
SunJCE.this.put("Alg.Alias.KeyGenerator.1.2.840.113549.2.11", "HmacSHA512");
SunJCE.this.put("KeyPairGenerator.DiffieHellman", "com.sun.crypto.provider.DHKeyPairGenerator");
SunJCE.this.put("Alg.Alias.KeyPairGenerator.DH", "DiffieHellman");
SunJCE.this.put("Alg.Alias.KeyPairGenerator.OID.1.2.840.113549.1.3.1", "DiffieHellman");
SunJCE.this.put("Alg.Alias.KeyPairGenerator.1.2.840.113549.1.3.1", "DiffieHellman");
SunJCE.this.put("AlgorithmParameterGenerator.DiffieHellman", "com.sun.crypto.provider.DHParameterGenerator");
SunJCE.this.put("Alg.Alias.AlgorithmParameterGenerator.DH", "DiffieHellman");
SunJCE.this.put("Alg.Alias.AlgorithmParameterGenerator.OID.1.2.840.113549.1.3.1", "DiffieHellman");
SunJCE.this.put("Alg.Alias.AlgorithmParameterGenerator.1.2.840.113549.1.3.1", "DiffieHellman");
SunJCE.this.put("KeyAgreement.DiffieHellman", "com.sun.crypto.provider.DHKeyAgreement");
SunJCE.this.put("Alg.Alias.KeyAgreement.DH", "DiffieHellman");
SunJCE.this.put("Alg.Alias.KeyAgreement.OID.1.2.840.113549.1.3.1", "DiffieHellman");
SunJCE.this.put("Alg.Alias.KeyAgreement.1.2.840.113549.1.3.1", "DiffieHellman");
SunJCE.this.put("KeyAgreement.DiffieHellman SupportedKeyClasses", "javax.crypto.interfaces.DHPublicKey|javax.crypto.interfaces.DHPrivateKey");
SunJCE.this.put("AlgorithmParameters.DiffieHellman", "com.sun.crypto.provider.DHParameters");
SunJCE.this.put("Alg.Alias.AlgorithmParameters.DH", "DiffieHellman");
SunJCE.this.put("Alg.Alias.AlgorithmParameters.OID.1.2.840.113549.1.3.1", "DiffieHellman");
SunJCE.this.put("Alg.Alias.AlgorithmParameters.1.2.840.113549.1.3.1", "DiffieHellman");
SunJCE.this.put("AlgorithmParameters.DES", "com.sun.crypto.provider.DESParameters");
SunJCE.this.put("AlgorithmParameters.DESede", "com.sun.crypto.provider.DESedeParameters");
SunJCE.this.put("Alg.Alias.AlgorithmParameters.TripleDES", "DESede");
SunJCE.this.put("AlgorithmParameters.PBE", "com.sun.crypto.provider.PBEParameters");
SunJCE.this.put("AlgorithmParameters.PBEWithMD5AndDES", "com.sun.crypto.provider.PBEParameters");
SunJCE.this.put("Alg.Alias.AlgorithmParameters.OID.1.2.840.113549.1.5.3", "PBEWithMD5AndDES");
SunJCE.this.put("Alg.Alias.AlgorithmParameters.1.2.840.113549.1.5.3", "PBEWithMD5AndDES");
SunJCE.this.put("AlgorithmParameters.PBEWithMD5AndTripleDES", "com.sun.crypto.provider.PBEParameters");
SunJCE.this.put("AlgorithmParameters.PBEWithSHA1AndDESede", "com.sun.crypto.provider.PBEParameters");
SunJCE.this.put("Alg.Alias.AlgorithmParameters.OID.1.2.840.113549.1.12.1.3", "PBEWithSHA1AndDESede");
SunJCE.this.put("Alg.Alias.AlgorithmParameters.1.2.840.113549.1.12.1.3", "PBEWithSHA1AndDESede");
SunJCE.this.put("AlgorithmParameters.PBEWithSHA1AndRC2_40", "com.sun.crypto.provider.PBEParameters");
SunJCE.this.put("Alg.Alias.AlgorithmParameters.OID.1.2.840.113549.1.12.1.6", "PBEWithSHA1AndRC2_40");
SunJCE.this.put("Alg.Alias.AlgorithmParameters.1.2.840.113549.1.12.1.6", "PBEWithSHA1AndRC2_40");
SunJCE.this.put("AlgorithmParameters.PBEWithSHA1AndRC2_128", "com.sun.crypto.provider.PBEParameters");
SunJCE.this.put("Alg.Alias.AlgorithmParameters.OID.1.2.840.113549.1.12.1.5", "PBEWithSHA1AndRC2_128");
SunJCE.this.put("Alg.Alias.AlgorithmParameters.1.2.840.113549.1.12.1.5", "PBEWithSHA1AndRC2_128");
SunJCE.this.put("AlgorithmParameters.PBEWithSHA1AndRC4_40", "com.sun.crypto.provider.PBEParameters");
SunJCE.this.put("Alg.Alias.AlgorithmParameters.OID.1.2.840.113549.1.12.1.2", "PBEWithSHA1AndRC4_40");
SunJCE.this.put("Alg.Alias.AlgorithmParameters.1.2.840.113549.1.12.1.2", "PBEWithSHA1AndRC4_40");
SunJCE.this.put("AlgorithmParameters.PBEWithSHA1AndRC4_128", "com.sun.crypto.provider.PBEParameters");
SunJCE.this.put("Alg.Alias.AlgorithmParameters.OID.1.2.840.113549.1.12.1.1", "PBEWithSHA1AndRC4_128");
SunJCE.this.put("Alg.Alias.AlgorithmParameters.1.2.840.113549.1.12.1.1", "PBEWithSHA1AndRC4_128");
SunJCE.this.put("AlgorithmParameters.PBES2", "com.sun.crypto.provider.PBES2Parameters$General");
SunJCE.this.put("Alg.Alias.AlgorithmParameters.OID.1.2.840.113549.1.5.13", "PBES2");
SunJCE.this.put("Alg.Alias.AlgorithmParameters.1.2.840.113549.1.5.13", "PBES2");
SunJCE.this.put("AlgorithmParameters.PBEWithHmacSHA1AndAES_128", "com.sun.crypto.provider.PBES2Parameters$HmacSHA1AndAES_128");
SunJCE.this.put("AlgorithmParameters.PBEWithHmacSHA224AndAES_128", "com.sun.crypto.provider.PBES2Parameters$HmacSHA224AndAES_128");
SunJCE.this.put("AlgorithmParameters.PBEWithHmacSHA256AndAES_128", "com.sun.crypto.provider.PBES2Parameters$HmacSHA256AndAES_128");
SunJCE.this.put("AlgorithmParameters.PBEWithHmacSHA384AndAES_128", "com.sun.crypto.provider.PBES2Parameters$HmacSHA384AndAES_128");
SunJCE.this.put("AlgorithmParameters.PBEWithHmacSHA512AndAES_128", "com.sun.crypto.provider.PBES2Parameters$HmacSHA512AndAES_128");
SunJCE.this.put("AlgorithmParameters.PBEWithHmacSHA1AndAES_256", "com.sun.crypto.provider.PBES2Parameters$HmacSHA1AndAES_256");
SunJCE.this.put("AlgorithmParameters.PBEWithHmacSHA224AndAES_256", "com.sun.crypto.provider.PBES2Parameters$HmacSHA224AndAES_256");
SunJCE.this.put("AlgorithmParameters.PBEWithHmacSHA256AndAES_256", "com.sun.crypto.provider.PBES2Parameters$HmacSHA256AndAES_256");
SunJCE.this.put("AlgorithmParameters.PBEWithHmacSHA384AndAES_256", "com.sun.crypto.provider.PBES2Parameters$HmacSHA384AndAES_256");
SunJCE.this.put("AlgorithmParameters.PBEWithHmacSHA512AndAES_256", "com.sun.crypto.provider.PBES2Parameters$HmacSHA512AndAES_256");
SunJCE.this.put("AlgorithmParameters.Blowfish", "com.sun.crypto.provider.BlowfishParameters");
SunJCE.this.put("AlgorithmParameters.AES", "com.sun.crypto.provider.AESParameters");
SunJCE.this.put("Alg.Alias.AlgorithmParameters.Rijndael", "AES");
SunJCE.this.put("AlgorithmParameters.GCM", "com.sun.crypto.provider.GCMParameters");
SunJCE.this.put("AlgorithmParameters.RC2", "com.sun.crypto.provider.RC2Parameters");
SunJCE.this.put("AlgorithmParameters.OAEP", "com.sun.crypto.provider.OAEPParameters");
SunJCE.this.put("KeyFactory.DiffieHellman", "com.sun.crypto.provider.DHKeyFactory");
SunJCE.this.put("Alg.Alias.KeyFactory.DH", "DiffieHellman");
SunJCE.this.put("Alg.Alias.KeyFactory.OID.1.2.840.113549.1.3.1", "DiffieHellman");
SunJCE.this.put("Alg.Alias.KeyFactory.1.2.840.113549.1.3.1", "DiffieHellman");
SunJCE.this.put("SecretKeyFactory.DES", "com.sun.crypto.provider.DESKeyFactory");
SunJCE.this.put("SecretKeyFactory.DESede", "com.sun.crypto.provider.DESedeKeyFactory");
SunJCE.this.put("Alg.Alias.SecretKeyFactory.TripleDES", "DESede");
SunJCE.this.put("SecretKeyFactory.PBEWithMD5AndDES", "com.sun.crypto.provider.PBEKeyFactory$PBEWithMD5AndDES");
SunJCE.this.put("Alg.Alias.SecretKeyFactory.OID.1.2.840.113549.1.5.3", "PBEWithMD5AndDES");
SunJCE.this.put("Alg.Alias.SecretKeyFactory.1.2.840.113549.1.5.3", "PBEWithMD5AndDES");
SunJCE.this.put("Alg.Alias.SecretKeyFactory.PBE", "PBEWithMD5AndDES");
SunJCE.this.put("SecretKeyFactory.PBEWithMD5AndTripleDES", "com.sun.crypto.provider.PBEKeyFactory$PBEWithMD5AndTripleDES");
SunJCE.this.put("SecretKeyFactory.PBEWithSHA1AndDESede", "com.sun.crypto.provider.PBEKeyFactory$PBEWithSHA1AndDESede");
SunJCE.this.put("Alg.Alias.SecretKeyFactory.OID.1.2.840.113549.1.12.1.3", "PBEWithSHA1AndDESede");
SunJCE.this.put("Alg.Alias.SecretKeyFactory.1.2.840.113549.1.12.1.3", "PBEWithSHA1AndDESede");
SunJCE.this.put("SecretKeyFactory.PBEWithSHA1AndRC2_40", "com.sun.crypto.provider.PBEKeyFactory$PBEWithSHA1AndRC2_40");
SunJCE.this.put("Alg.Alias.SecretKeyFactory.OID.1.2.840.113549.1.12.1.6", "PBEWithSHA1AndRC2_40");
SunJCE.this.put("Alg.Alias.SecretKeyFactory.1.2.840.113549.1.12.1.6", "PBEWithSHA1AndRC2_40");
SunJCE.this.put("SecretKeyFactory.PBEWithSHA1AndRC2_128", "com.sun.crypto.provider.PBEKeyFactory$PBEWithSHA1AndRC2_128");
SunJCE.this.put("Alg.Alias.SecretKeyFactory.OID.1.2.840.113549.1.12.1.5", "PBEWithSHA1AndRC2_128");
SunJCE.this.put("Alg.Alias.SecretKeyFactory.1.2.840.113549.1.12.1.5", "PBEWithSHA1AndRC2_128");
SunJCE.this.put("SecretKeyFactory.PBEWithSHA1AndRC4_40", "com.sun.crypto.provider.PBEKeyFactory$PBEWithSHA1AndRC4_40");
SunJCE.this.put("Alg.Alias.SecretKeyFactory.OID.1.2.840.113549.1.12.1.2", "PBEWithSHA1AndRC4_40");
SunJCE.this.put("Alg.Alias.SecretKeyFactory.1.2.840.113549.1.12.1.2", "PBEWithSHA1AndRC4_40");
SunJCE.this.put("SecretKeyFactory.PBEWithSHA1AndRC4_128", "com.sun.crypto.provider.PBEKeyFactory$PBEWithSHA1AndRC4_128");
SunJCE.this.put("Alg.Alias.SecretKeyFactory.OID.1.2.840.113549.1.12.1.1", "PBEWithSHA1AndRC4_128");
SunJCE.this.put("Alg.Alias.SecretKeyFactory.1.2.840.113549.1.12.1.1", "PBEWithSHA1AndRC4_128");
SunJCE.this.put("SecretKeyFactory.PBEWithHmacSHA1AndAES_128", "com.sun.crypto.provider.PBEKeyFactory$PBEWithHmacSHA1AndAES_128");
SunJCE.this.put("SecretKeyFactory.PBEWithHmacSHA224AndAES_128", "com.sun.crypto.provider.PBEKeyFactory$PBEWithHmacSHA224AndAES_128");
SunJCE.this.put("SecretKeyFactory.PBEWithHmacSHA256AndAES_128", "com.sun.crypto.provider.PBEKeyFactory$PBEWithHmacSHA256AndAES_128");
SunJCE.this.put("SecretKeyFactory.PBEWithHmacSHA384AndAES_128", "com.sun.crypto.provider.PBEKeyFactory$PBEWithHmacSHA384AndAES_128");
SunJCE.this.put("SecretKeyFactory.PBEWithHmacSHA512AndAES_128", "com.sun.crypto.provider.PBEKeyFactory$PBEWithHmacSHA512AndAES_128");
SunJCE.this.put("SecretKeyFactory.PBEWithHmacSHA1AndAES_256", "com.sun.crypto.provider.PBEKeyFactory$PBEWithHmacSHA1AndAES_256");
SunJCE.this.put("SecretKeyFactory.PBEWithHmacSHA224AndAES_256", "com.sun.crypto.provider.PBEKeyFactory$PBEWithHmacSHA224AndAES_256");
SunJCE.this.put("SecretKeyFactory.PBEWithHmacSHA256AndAES_256", "com.sun.crypto.provider.PBEKeyFactory$PBEWithHmacSHA256AndAES_256");
SunJCE.this.put("SecretKeyFactory.PBEWithHmacSHA384AndAES_256", "com.sun.crypto.provider.PBEKeyFactory$PBEWithHmacSHA384AndAES_256");
SunJCE.this.put("SecretKeyFactory.PBEWithHmacSHA512AndAES_256", "com.sun.crypto.provider.PBEKeyFactory$PBEWithHmacSHA512AndAES_256");
SunJCE.this.put("SecretKeyFactory.PBKDF2WithHmacSHA1", "com.sun.crypto.provider.PBKDF2Core$HmacSHA1");
SunJCE.this.put("Alg.Alias.SecretKeyFactory.OID.1.2.840.113549.1.5.12", "PBKDF2WithHmacSHA1");
SunJCE.this.put("Alg.Alias.SecretKeyFactory.1.2.840.113549.1.5.12", "PBKDF2WithHmacSHA1");
SunJCE.this.put("SecretKeyFactory.PBKDF2WithHmacSHA224", "com.sun.crypto.provider.PBKDF2Core$HmacSHA224");
SunJCE.this.put("SecretKeyFactory.PBKDF2WithHmacSHA256", "com.sun.crypto.provider.PBKDF2Core$HmacSHA256");
SunJCE.this.put("SecretKeyFactory.PBKDF2WithHmacSHA384", "com.sun.crypto.provider.PBKDF2Core$HmacSHA384");
SunJCE.this.put("SecretKeyFactory.PBKDF2WithHmacSHA512", "com.sun.crypto.provider.PBKDF2Core$HmacSHA512");
SunJCE.this.put("Mac.HmacMD5", "com.sun.crypto.provider.HmacMD5");
SunJCE.this.put("Mac.HmacSHA1", "com.sun.crypto.provider.HmacSHA1");
SunJCE.this.put("Alg.Alias.Mac.OID.1.2.840.113549.2.7", "HmacSHA1");
SunJCE.this.put("Alg.Alias.Mac.1.2.840.113549.2.7", "HmacSHA1");
SunJCE.this.put("Mac.HmacSHA224", "com.sun.crypto.provider.HmacCore$HmacSHA224");
SunJCE.this.put("Alg.Alias.Mac.OID.1.2.840.113549.2.8", "HmacSHA224");
SunJCE.this.put("Alg.Alias.Mac.1.2.840.113549.2.8", "HmacSHA224");
SunJCE.this.put("Mac.HmacSHA256", "com.sun.crypto.provider.HmacCore$HmacSHA256");
SunJCE.this.put("Alg.Alias.Mac.OID.1.2.840.113549.2.9", "HmacSHA256");
SunJCE.this.put("Alg.Alias.Mac.1.2.840.113549.2.9", "HmacSHA256");
SunJCE.this.put("Mac.HmacSHA384", "com.sun.crypto.provider.HmacCore$HmacSHA384");
SunJCE.this.put("Alg.Alias.Mac.OID.1.2.840.113549.2.10", "HmacSHA384");
SunJCE.this.put("Alg.Alias.Mac.1.2.840.113549.2.10", "HmacSHA384");
SunJCE.this.put("Mac.HmacSHA512", "com.sun.crypto.provider.HmacCore$HmacSHA512");
SunJCE.this.put("Alg.Alias.Mac.OID.1.2.840.113549.2.11", "HmacSHA512");
SunJCE.this.put("Alg.Alias.Mac.1.2.840.113549.2.11", "HmacSHA512");
SunJCE.this.put("Mac.HmacPBESHA1", "com.sun.crypto.provider.HmacPKCS12PBESHA1");
SunJCE.this.put("Mac.PBEWithHmacSHA1", "com.sun.crypto.provider.PBMAC1Core$HmacSHA1");
SunJCE.this.put("Mac.PBEWithHmacSHA224", "com.sun.crypto.provider.PBMAC1Core$HmacSHA224");
SunJCE.this.put("Mac.PBEWithHmacSHA256", "com.sun.crypto.provider.PBMAC1Core$HmacSHA256");
SunJCE.this.put("Mac.PBEWithHmacSHA384", "com.sun.crypto.provider.PBMAC1Core$HmacSHA384");
SunJCE.this.put("Mac.PBEWithHmacSHA512", "com.sun.crypto.provider.PBMAC1Core$HmacSHA512");
SunJCE.this.put("Mac.SslMacMD5", "com.sun.crypto.provider.SslMacCore$SslMacMD5");
SunJCE.this.put("Mac.SslMacSHA1", "com.sun.crypto.provider.SslMacCore$SslMacSHA1");
SunJCE.this.put("Mac.HmacMD5 SupportedKeyFormats", "RAW");
SunJCE.this.put("Mac.HmacSHA1 SupportedKeyFormats", "RAW");
SunJCE.this.put("Mac.HmacSHA224 SupportedKeyFormats", "RAW");
SunJCE.this.put("Mac.HmacSHA256 SupportedKeyFormats", "RAW");
SunJCE.this.put("Mac.HmacSHA384 SupportedKeyFormats", "RAW");
SunJCE.this.put("Mac.HmacSHA512 SupportedKeyFormats", "RAW");
SunJCE.this.put("Mac.HmacPBESHA1 SupportedKeyFormats", "RAW");
SunJCE.this.put("Mac.PBEWithHmacSHA1 SupportedKeyFormatS", "RAW");
SunJCE.this.put("Mac.PBEWithHmacSHA224 SupportedKeyFormats", "RAW");
SunJCE.this.put("Mac.PBEWithHmacSHA256 SupportedKeyFormats", "RAW");
SunJCE.this.put("Mac.PBEWithHmacSHA384 SupportedKeyFormats", "RAW");
SunJCE.this.put("Mac.PBEWithHmacSHA512 SupportedKeyFormats", "RAW");
SunJCE.this.put("Mac.SslMacMD5 SupportedKeyFormats", "RAW");
SunJCE.this.put("Mac.SslMacSHA1 SupportedKeyFormats", "RAW");
SunJCE.this.put("KeyStore.JCEKS", "com.sun.crypto.provider.JceKeyStore");
SunJCE.this.put("KeyGenerator.SunTlsPrf", "com.sun.crypto.provider.TlsPrfGenerator$V10");
SunJCE.this.put("KeyGenerator.SunTls12Prf", "com.sun.crypto.provider.TlsPrfGenerator$V12");
SunJCE.this.put("KeyGenerator.SunTlsMasterSecret", "com.sun.crypto.provider.TlsMasterSecretGenerator");
SunJCE.this.put("Alg.Alias.KeyGenerator.SunTls12MasterSecret", "SunTlsMasterSecret");
SunJCE.this.put("Alg.Alias.KeyGenerator.SunTlsExtendedMasterSecret", "SunTlsMasterSecret");
SunJCE.this.put("KeyGenerator.SunTlsKeyMaterial", "com.sun.crypto.provider.TlsKeyMaterialGenerator");
SunJCE.this.put("Alg.Alias.KeyGenerator.SunTls12KeyMaterial", "SunTlsKeyMaterial");
SunJCE.this.put("KeyGenerator.SunTlsRsaPremasterSecret", "com.sun.crypto.provider.TlsRsaPremasterSecretGenerator");
SunJCE.this.put("Alg.Alias.KeyGenerator.SunTls12RsaPremasterSecret", "SunTlsRsaPremasterSecret");
return null;
}
});
if (instance == null) {
instance = this;
}
}
static SunJCE getInstance() {
return instance == null ? new SunJCE() : instance;
}
private static class SecureRandomHolder {
static final SecureRandom RANDOM = new SecureRandom();
private SecureRandomHolder() {
}
}
}代码位于sunjce_provider.jar中的com.sun.crypto.provider包下
3.2 添加Bouncy Castle Provider
有一些算法JDK中的Provider并没有提供,用户可以静态或动态添加其他provider。
除了jdk自带的加解密程序,另外两个主要的加解密算法的提供者为bouncy castle和apache common codec,它们提供了额外的算法以及在JDK基础上提高了易用性。其中bouncy castle就提供了Provider的扩展,补充了JDK没有实现的一些算法。
下面我们就以bouncy castle为例,看看如何添加新的Provider扩展:
3.2.1 动态添加
- 首先添加POM依赖或直接下载jar包
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk18on</artifactId>
<version>1.72</version>
</dependency>- 添加Provider实现类
static {
Security.addProvider(new BouncyCastleProvider());
}- 在实例化组件时显式指定Provider
// 第二个参数就是中bouncy castle提供的Provider的名字
Cipher.getInstance("AES/CBC/NoPadding", "BC");3.2.2 静态添加
修改JDK的配置文件:%JDK_HOME%\jre\lib\security\java.security,添加最后一行:
security.provider.1=sun.security.provider.Sun
security.provider.2=sun.security.rsa.SunRsaSign
security.provider.3=sun.security.ec.SunEC
security.provider.4=com.sun.net.ssl.internal.ssl.Provider
security.provider.5=com.sun.crypto.provider.SunJCE
security.provider.6=sun.security.jgss.SunProvider
security.provider.7=com.sun.security.sasl.Provider
security.provider.8=org.jcp.xml.dsig.internal.dom.XMLDSigRI
security.provider.9=sun.security.smartcardio.SunPCSC
security.provider.10=sun.security.mscapi.SunMSCAPI
security.provider.11=org.bouncycastle.jce.provider.BouncyCastleProvider3.2.3 Bouncy Castle Provider算法列表
添加了Bouncy Castle Provider之后,就可以使用上一节的程序输出“BC” provider支持的算法列表了:
Provider Name | Provider Version | Algorithm Type | Algorithm Name |
BC | 1.72 | AlgorithmParameterGenerator | 1.2.804.2.1.1.1.1.1.3.5.1 1.2.804.2.1.1.1.1.1.3.5.2 1.2.804.2.1.1.1.1.1.3.5.3 1.2.840.113549.3.2 1.3.6.1.4.1.188.7.1.1.2 AES ARIA ARIACCM ARIAGCM CAMELLIA CAST5 CCM DES DESEDE DH DSA DSTU7624 ELGAMAL GCM GOST28147 GOST3410 IDEA NOEKEON OID.1.2.804.2.1.1.1.1.1.3.5.1 OID.1.2.804.2.1.1.1.1.1.3.5.2 OID.1.2.804.2.1.1.1.1.1.3.5.3 RC2 SEED SHACAL-2 SM4 Shacal2 |
AlgorithmParameters | 1.2.804.2.1.1.1.1.1.3.5.1 1.2.804.2.1.1.1.1.1.3.5.2 1.2.804.2.1.1.1.1.1.3.5.3 1.2.840.113549.3.2 1.3.6.1.4.1.188.7.1.1.2 AES ARIA BLOWFISH CAMELLIA CAST5 CAST6 CCM CHACHA20-POLY1305 CHACHA7539 DES DESEDE DH DSA DSTU7624 EC ECGOST3410 ECGOST3410-2012 ECIES ELGAMAL GCM GOST28147 GOST3410 Grainv1 HC128 HC256 IDEA IES NOEKEON OAEP OID.1.2.804.2.1.1.1.1.1.3.5.1 OID.1.2.804.2.1.1.1.1.1.3.5.2 OID.1.2.804.2.1.1.1.1.1.3.5.3 PBKDF1 PBKDF2 PKCS12PBE PSS RC2 RC5 RC5-64 RC6 RIJNDAEL SALSA20 SEED SHACAL-2 SKIPJACK SM4 Serpent Shacal2 TEA Threefish-1024 Threefish-256 Threefish-512 Tnepres Twofish XSALSA20 XTEA ZUC-128 ZUC-256 | ||
CertPathBuilder | PKIX RFC3280 RFC3281 | ||
CertPathValidator | PKIX RFC3280 RFC3281 | ||
CertStore | Collection LDAP Multi | ||
CertificateFactory | X.509 | ||
Cipher | 1.2.392.200011.61.1.1.1.2 1.2.392.200011.61.1.1.1.3 1.2.392.200011.61.1.1.1.4 1.2.410.200004.1.4 1.2.410.200046.1.1.1 1.2.410.200046.1.1.11 1.2.410.200046.1.1.12 1.2.410.200046.1.1.13 1.2.410.200046.1.1.14 1.2.410.200046.1.1.2 1.2.410.200046.1.1.3 1.2.410.200046.1.1.4 1.2.410.200046.1.1.6 1.2.410.200046.1.1.7 1.2.410.200046.1.1.8 1.2.410.200046.1.1.9 1.2.643.2.2.13.0 1.2.643.2.2.13.1 1.2.643.2.2.21 1.2.804.2.1.1.1.1.1.3.1.1 1.2.804.2.1.1.1.1.1.3.1.2 1.2.804.2.1.1.1.1.1.3.1.3 1.2.804.2.1.1.1.1.1.3.2.1 1.2.804.2.1.1.1.1.1.3.2.2 1.2.804.2.1.1.1.1.1.3.2.3 1.2.804.2.1.1.1.1.1.3.3.1 1.2.804.2.1.1.1.1.1.3.3.2 1.2.804.2.1.1.1.1.1.3.3.3 1.2.804.2.1.1.1.1.1.3.5.1 1.2.804.2.1.1.1.1.1.3.5.2 1.2.804.2.1.1.1.1.1.3.5.3 1.2.804.2.1.1.1.1.1.3.6.1 1.2.804.2.1.1.1.1.1.3.6.2 1.2.804.2.1.1.1.1.1.3.6.3 1.2.804.2.1.1.1.1.1.3.8.1 1.2.804.2.1.1.1.1.1.3.8.2 1.2.804.2.1.1.1.1.1.3.8.3 1.2.840.113533.7.66.10 1.2.840.113549.1.1.1 1.2.840.113549.1.1.7 1.2.840.113549.1.9.16.3.6 1.2.840.113549.3.2 1.2.840.113549.3.7 1.3.14.3.2.7 1.3.6.1.4.1.11591.13.2.1 1.3.6.1.4.1.11591.13.2.2 1.3.6.1.4.1.11591.13.2.21 1.3.6.1.4.1.11591.13.2.22 1.3.6.1.4.1.11591.13.2.23 1.3.6.1.4.1.11591.13.2.24 1.3.6.1.4.1.11591.13.2.3 1.3.6.1.4.1.11591.13.2.4 1.3.6.1.4.1.11591.13.2.41 1.3.6.1.4.1.11591.13.2.42 1.3.6.1.4.1.11591.13.2.43 1.3.6.1.4.1.11591.13.2.44 1.3.6.1.4.1.188.7.1.1.2 1.3.6.1.4.1.3029.1.1.2 2.16.840.1.101.3.4.1.1 2.16.840.1.101.3.4.1.2 2.16.840.1.101.3.4.1.21 2.16.840.1.101.3.4.1.22 2.16.840.1.101.3.4.1.23 2.16.840.1.101.3.4.1.24 2.16.840.1.101.3.4.1.3 2.16.840.1.101.3.4.1.4 2.16.840.1.101.3.4.1.41 2.16.840.1.101.3.4.1.42 2.16.840.1.101.3.4.1.43 2.16.840.1.101.3.4.1.44 2.5.8.1.1 AES AESRFC3211WRAP AESRFC5649WRAP AESWRAP AESWRAPPAD ARC4 ARIA ARIACCM ARIAGCM ARIARFC3211WRAP ARIAWRAP ARIAWRAPPAD BLOWFISH BROKENPBEWITHMD5ANDDES BROKENPBEWITHSHA1ANDDES CAMELLIA CAMELLIARFC3211WRAP CAMELLIAWRAP CAST5 CAST6 CCM CHACHA CHACHA20-POLY1305 CHACHA7539 DES DESEDE DESEDERFC3211WRAP DESEDEWRAP DESRFC3211WRAP DHIES DHIESWITHDESEDE-CBC DHIESwithAES-CBC DSTU7624 DSTU7624-128 DSTU7624-128KW DSTU7624-256 DSTU7624-256KW DSTU7624-512 DSTU7624-512KW DSTU7624KW ECIES ECIESwithAES-CBC ECIESwithDESEDE-CBC ECIESwithSHA1 ECIESwithSHA1andAES-CBC ECIESwithSHA1andDESEDE-CBC ECIESwithSHA256 ECIESwithSHA256andAES-CBC ECIESwithSHA256andDESEDE-CBC ECIESwithSHA384 ECIESwithSHA384andAES-CBC ECIESwithSHA384andDESEDE-CBC ECIESwithSHA512 ECIESwithSHA512andAES-CBC ECIESwithSHA512andDESEDE-CBC ELGAMAL ELGAMAL/PKCS1 ETSIKEMWITHSHA256 GCM GOST28147 GOST3412-2015 GOST3412-2015/CBC GOST3412-2015/CFB GOST3412-2015/CFB8 GOST3412-2015/CTR GOST3412-2015/OFB Grain128 Grainv1 HC128 HC256 IDEA IES IESWITHDESEDE-CBC IESwithAES-CBC NOEKEON OID.1.2.392.200011.61.1.1.1.2 OID.1.2.392.200011.61.1.1.1.3 OID.1.2.392.200011.61.1.1.1.4 OID.1.2.410.200004.1.4 OID.1.2.410.200046.1.1.1 OID.1.2.410.200046.1.1.11 OID.1.2.410.200046.1.1.12 OID.1.2.410.200046.1.1.13 OID.1.2.410.200046.1.1.14 OID.1.2.410.200046.1.1.2 OID.1.2.410.200046.1.1.3 OID.1.2.410.200046.1.1.4 OID.1.2.410.200046.1.1.6 OID.1.2.410.200046.1.1.7 OID.1.2.410.200046.1.1.8 OID.1.2.410.200046.1.1.9 OID.1.2.804.2.1.1.1.1.1.3.1.1 OID.1.2.804.2.1.1.1.1.1.3.1.2 OID.1.2.804.2.1.1.1.1.1.3.1.3 OID.1.2.804.2.1.1.1.1.1.3.2.1 OID.1.2.804.2.1.1.1.1.1.3.2.2 OID.1.2.804.2.1.1.1.1.1.3.2.3 OID.1.2.804.2.1.1.1.1.1.3.3.1 OID.1.2.804.2.1.1.1.1.1.3.3.2 OID.1.2.804.2.1.1.1.1.1.3.3.3 OID.1.2.804.2.1.1.1.1.1.3.5.1 OID.1.2.804.2.1.1.1.1.1.3.5.2 OID.1.2.804.2.1.1.1.1.1.3.5.3 OID.1.2.804.2.1.1.1.1.1.3.6.1 OID.1.2.804.2.1.1.1.1.1.3.6.2 OID.1.2.804.2.1.1.1.1.1.3.6.3 OID.1.2.804.2.1.1.1.1.1.3.8.1 OID.1.2.804.2.1.1.1.1.1.3.8.2 OID.1.2.804.2.1.1.1.1.1.3.8.3 OID.1.2.840.113533.7.66.10 OID.1.2.840.113549.1.1.1 OID.1.2.840.113549.1.1.7 OID.1.2.840.113549.1.9.16.3.6 OID.1.2.840.113549.3.2 OID.1.2.840.113549.3.7 OID.1.3.14.3.2.7 OID.1.3.6.1.4.1.11591.13.2.1 OID.1.3.6.1.4.1.11591.13.2.2 OID.1.3.6.1.4.1.11591.13.2.21 OID.1.3.6.1.4.1.11591.13.2.22 OID.1.3.6.1.4.1.11591.13.2.23 OID.1.3.6.1.4.1.11591.13.2.24 OID.1.3.6.1.4.1.11591.13.2.3 OID.1.3.6.1.4.1.11591.13.2.4 OID.1.3.6.1.4.1.11591.13.2.41 OID.1.3.6.1.4.1.11591.13.2.42 OID.1.3.6.1.4.1.11591.13.2.43 OID.1.3.6.1.4.1.11591.13.2.44 OID.1.3.6.1.4.1.188.7.1.1.2 OID.1.3.6.1.4.1.3029.1.1.2 OID.2.16.840.1.101.3.4.1.1 OID.2.16.840.1.101.3.4.1.2 OID.2.16.840.1.101.3.4.1.21 OID.2.16.840.1.101.3.4.1.22 OID.2.16.840.1.101.3.4.1.23 OID.2.16.840.1.101.3.4.1.24 OID.2.16.840.1.101.3.4.1.3 OID.2.16.840.1.101.3.4.1.4 OID.2.16.840.1.101.3.4.1.41 OID.2.16.840.1.101.3.4.1.42 OID.2.16.840.1.101.3.4.1.43 OID.2.16.840.1.101.3.4.1.44 OID.2.5.8.1.1 OLDPBEWITHSHAANDTWOFISH-CBC PBEWITHMD2ANDDES PBEWITHMD5AND128BITAES-CBC-OPENSSL PBEWITHMD5AND192BITAES-CBC-OPENSSL PBEWITHMD5AND256BITAES-CBC-OPENSSL PBEWITHMD5ANDDES PBEWITHMD5ANDRC2 PBEWITHSHA1ANDDES PBEWITHSHA1ANDRC2 PBEWITHSHA256AND128BITAES-CBC-BC PBEWITHSHA256AND192BITAES-CBC-BC PBEWITHSHA256AND256BITAES-CBC-BC PBEWITHSHAAND128BITAES-CBC-BC PBEWITHSHAAND128BITRC2-CBC PBEWITHSHAAND128BITRC4 PBEWITHSHAAND192BITAES-CBC-BC PBEWITHSHAAND2-KEYTRIPLEDES-CBC PBEWITHSHAAND256BITAES-CBC-BC PBEWITHSHAAND3-KEYTRIPLEDES-CBC PBEWITHSHAAND40BITRC2-CBC PBEWITHSHAAND40BITRC4 PBEWITHSHAANDIDEA-CBC PBEWITHSHAANDTWOFISH-CBC RC2 RC2WRAP RC5 RC5-64 RC6 RIJNDAEL RSA RSA/1 RSA/2 RSA/ISO9796-1 RSA/OAEP RSA/PKCS1 RSA/RAW SALSA20 SEED SEEDWRAP SHACAL-2 SKIPJACK SM2 SM2WITHBLAKE2B SM2WITHBLAKE2S SM2WITHMD5 SM2WITHRIPEMD160 SM2WITHSHA1 SM2WITHSHA224 SM2WITHSHA256 SM2WITHSHA384 SM2WITHSHA512 SM2WITHWHIRLPOOL SM4 Serpent Shacal2 TEA Threefish-1024 Threefish-256 Threefish-512 Tnepres Twofish VMPC VMPC-KSA3 XIES XIESwithAES-CBC XIESwithSHA1 XIESwithSHA1andAES-CBC XIESwithSHA256 XIESwithSHA256andAES-CBC XIESwithSHA384 XIESwithSHA384andAES-CBC XIESwithSHA512 XIESwithSHA512andAES-CBC XSALSA20 XTEA ZUC-128 ZUC-256 | ||
KeyAgreement | 0.4.0.127.0.7.1.1.5.1.1.1 0.4.0.127.0.7.1.1.5.1.1.2 0.4.0.127.0.7.1.1.5.1.1.3 0.4.0.127.0.7.1.1.5.1.1.4 0.4.0.127.0.7.1.1.5.1.1.5 0.4.0.127.0.7.1.1.5.1.1.6 1.2.840.113549.1.9.16.3.10 1.2.840.113549.1.9.16.3.5 1.3.101.110 1.3.101.111 1.3.132.1.11.0 1.3.132.1.11.1 1.3.132.1.11.2 1.3.132.1.11.3 1.3.132.1.14.0 1.3.132.1.14.1 1.3.132.1.14.2 1.3.132.1.14.3 1.3.132.1.15.0 1.3.132.1.15.1 1.3.132.1.15.2 1.3.132.1.15.3 1.3.133.16.840.63.0.16 1.3.133.16.840.63.0.2 1.3.133.16.840.63.0.3 DH DHUWITHSHA1CKDF DHUWITHSHA1KDF DHUWITHSHA224CKDF DHUWITHSHA224KDF DHUWITHSHA256CKDF DHUWITHSHA256KDF DHUWITHSHA384CKDF DHUWITHSHA384KDF DHUWITHSHA512CKDF DHUWITHSHA512KDF DHWITHSHA1KDF DHWITHSHA224KDF DHWITHSHA256KDF DHWITHSHA384KDF DHWITHSHA512KDF ECCDH ECCDHU ECCDHUWITHSHA1CKDF ECCDHUWITHSHA1KDF ECCDHUWITHSHA224CKDF ECCDHUWITHSHA224KDF ECCDHUWITHSHA256CKDF ECCDHUWITHSHA256KDF ECCDHUWITHSHA384CKDF ECCDHUWITHSHA384KDF ECCDHUWITHSHA512CKDF ECCDHUWITHSHA512KDF ECCDHWITHSHA1CKDF ECCDHWITHSHA1KDF ECCDHWITHSHA224KDF ECCDHWITHSHA256CKDF ECCDHWITHSHA256KDF ECCDHWITHSHA384CKDF ECCDHWITHSHA384KDF ECCDHWITHSHA512CKDF ECCDHWITHSHA512KDF ECDH ECDHC ECDHWITHSHA1KDF ECDHWITHSHA224KDF ECDHWITHSHA256KDF ECDHWITHSHA384KDF ECDHWITHSHA512KDF ECGOST3410 ECGOST3410-2012-256 ECGOST3410-2012-512 ECKAEGWITHRIPEMD160KDF ECKAEGWITHSHA1KDF ECKAEGWITHSHA224KDF ECKAEGWITHSHA256KDF ECKAEGWITHSHA384KDF ECKAEGWITHSHA512KDF ECMQV ECMQVWITHSHA1CKDF ECMQVWITHSHA1KDF ECMQVWITHSHA224CKDF ECMQVWITHSHA224KDF ECMQVWITHSHA256CKDF ECMQVWITHSHA256KDF ECMQVWITHSHA384CKDF ECMQVWITHSHA384KDF ECMQVWITHSHA512CKDF ECMQVWITHSHA512KDF MQVWITHSHA1CKDF MQVWITHSHA1KDF MQVWITHSHA224CKDF MQVWITHSHA224KDF MQVWITHSHA256CKDF MQVWITHSHA256KDF MQVWITHSHA384CKDF MQVWITHSHA384KDF MQVWITHSHA512CKDF MQVWITHSHA512KDF OID.0.4.0.127.0.7.1.1.5.1.1.1 OID.0.4.0.127.0.7.1.1.5.1.1.2 OID.0.4.0.127.0.7.1.1.5.1.1.3 OID.0.4.0.127.0.7.1.1.5.1.1.4 OID.0.4.0.127.0.7.1.1.5.1.1.5 OID.0.4.0.127.0.7.1.1.5.1.1.6 OID.1.2.840.113549.1.9.16.3.10 OID.1.2.840.113549.1.9.16.3.5 OID.1.3.101.110 OID.1.3.101.111 OID.1.3.132.1.11.0 OID.1.3.132.1.11.1 OID.1.3.132.1.11.2 OID.1.3.132.1.11.3 OID.1.3.132.1.14.0 OID.1.3.132.1.14.1 OID.1.3.132.1.14.2 OID.1.3.132.1.14.3 OID.1.3.133.16.840.63.0.2 OID.1.3.133.16.840.63.0.3 X25519 X25519UWITHSHA256KDF X25519WITHSHA256CKDF X25519WITHSHA256KDF X25519WITHSHA384CKDF X25519WITHSHA512CKDF X448 X448UWITHSHA512KDF X448WITHSHA256CKDF X448WITHSHA384CKDF X448WITHSHA512CKDF X448WITHSHA512KDF XDH | ||
KeyFactory | 1.3.6.1.4.1.18227.2.1 1.3.6.1.4.1.22554.4.2 2.16.840.1.114027.80.4.1 COMPOSITE DH DSA DSTU4145 EC ECDH ECDHC ECDSA ECGOST3410 ECGOST3410-2012 ECMQV ED25519 ED448 EDDSA ELGAMAL EXTERNAL GOST3410 LMS OID.1.3.6.1.4.1.18227.2.1 OID.1.3.6.1.4.1.22554.4.2 OID.2.16.840.1.114027.80.4.1 RSA RSASSA-PSS SPHINCSPLUS X.509 X25519 X448 XDH | ||
KeyGenerator | 1.2.392.200011.61.1.1.1.2 1.2.392.200011.61.1.1.1.3 1.2.392.200011.61.1.1.1.4 1.2.392.200011.61.1.1.3.2 1.2.392.200011.61.1.1.3.3 1.2.392.200011.61.1.1.3.4 1.2.410.200004.1.4 1.2.410.200004.7.1.1.1 1.2.410.200046.1.1.1 1.2.410.200046.1.1.11 1.2.410.200046.1.1.12 1.2.410.200046.1.1.13 1.2.410.200046.1.1.14 1.2.410.200046.1.1.2 1.2.410.200046.1.1.3 1.2.410.200046.1.1.34 1.2.410.200046.1.1.35 1.2.410.200046.1.1.36 1.2.410.200046.1.1.37 1.2.410.200046.1.1.38 1.2.410.200046.1.1.39 1.2.410.200046.1.1.4 1.2.410.200046.1.1.40 1.2.410.200046.1.1.41 1.2.410.200046.1.1.42 1.2.410.200046.1.1.43 1.2.410.200046.1.1.44 1.2.410.200046.1.1.45 1.2.410.200046.1.1.6 1.2.410.200046.1.1.7 1.2.410.200046.1.1.8 1.2.410.200046.1.1.9 1.2.804.2.1.1.1.1.1.3.1.1 1.2.804.2.1.1.1.1.1.3.1.2 1.2.804.2.1.1.1.1.1.3.1.3 1.2.804.2.1.1.1.1.1.3.10.1 1.2.804.2.1.1.1.1.1.3.10.2 1.2.804.2.1.1.1.1.1.3.10.3 1.2.804.2.1.1.1.1.1.3.2.1 1.2.804.2.1.1.1.1.1.3.2.2 1.2.804.2.1.1.1.1.1.3.2.3 1.2.804.2.1.1.1.1.1.3.3.1 1.2.804.2.1.1.1.1.1.3.3.2 1.2.804.2.1.1.1.1.1.3.3.3 1.2.804.2.1.1.1.1.1.3.5.1 1.2.804.2.1.1.1.1.1.3.5.2 1.2.804.2.1.1.1.1.1.3.5.3 1.2.804.2.1.1.1.1.1.3.6.1 1.2.804.2.1.1.1.1.1.3.6.2 1.2.804.2.1.1.1.1.1.3.6.3 1.2.804.2.1.1.1.1.1.3.7.1 1.2.804.2.1.1.1.1.1.3.7.2 1.2.804.2.1.1.1.1.1.3.7.3 1.2.804.2.1.1.1.1.1.3.8.1 1.2.804.2.1.1.1.1.1.3.8.2 1.2.804.2.1.1.1.1.1.3.8.3 1.2.840.113549.3.2 1.2.840.113549.3.7 1.3.6.1.4.1.188.7.1.1.2 2.16.840.1.101.3.4.1.1 2.16.840.1.101.3.4.1.2 2.16.840.1.101.3.4.1.21 2.16.840.1.101.3.4.1.22 2.16.840.1.101.3.4.1.23 2.16.840.1.101.3.4.1.24 2.16.840.1.101.3.4.1.25 2.16.840.1.101.3.4.1.26 2.16.840.1.101.3.4.1.27 2.16.840.1.101.3.4.1.28 2.16.840.1.101.3.4.1.3 2.16.840.1.101.3.4.1.4 2.16.840.1.101.3.4.1.41 2.16.840.1.101.3.4.1.42 2.16.840.1.101.3.4.1.43 2.16.840.1.101.3.4.1.44 2.16.840.1.101.3.4.1.45 2.16.840.1.101.3.4.1.46 2.16.840.1.101.3.4.1.47 2.16.840.1.101.3.4.1.48 2.16.840.1.101.3.4.1.5 2.16.840.1.101.3.4.1.6 2.16.840.1.101.3.4.1.7 2.16.840.1.101.3.4.1.8 2.16.840.1.101.3.4.2 2.16.840.1.101.3.4.22 2.16.840.1.101.3.4.42 AES AES-GMAC AESWRAP AESWRAPPAD ARC4 ARIA ARIA-GMAC BLOWFISH CAMELLIA CAMELLIA-GMAC CAST5 CAST6 CAST6-GMAC CHACHA CHACHA7539 DES DESEDE DESEDEWRAP DSTU7624 GOST28147 GOST3412-2015 Grain128 Grainv1 HC128 HC256 HMACDSTU7564-256 HMACDSTU7564-384 HMACDSTU7564-512 HMACGOST3411 HMACGOST3411-2012-256 HMACGOST3411-2012-512 HMACKECCAK224 HMACKECCAK256 HMACKECCAK288 HMACKECCAK384 HMACKECCAK512 HMACMD2 HMACMD4 HMACMD5 HMACRIPEMD128 HMACRIPEMD160 HMACRIPEMD256 HMACRIPEMD320 HMACSHA1 HMACSHA224 HMACSHA256 HMACSHA3-224 HMACSHA3-256 HMACSHA3-384 HMACSHA3-512 HMACSHA384 HMACSHA512 HMACSHA512/224 HMACSHA512/256 HMACSM3 HMACSkein-1024-1024 HMACSkein-1024-384 HMACSkein-1024-512 HMACSkein-256-128 HMACSkein-256-160 HMACSkein-256-224 HMACSkein-256-256 HMACSkein-512-128 HMACSkein-512-160 HMACSkein-512-224 HMACSkein-512-256 HMACSkein-512-384 HMACSkein-512-512 HMACTIGER HMACWHIRLPOOL IDEA KMAC128 KMAC256 NOEKEON NOEKEON-GMAC OID.1.2.392.200011.61.1.1.1.2 OID.1.2.392.200011.61.1.1.1.3 OID.1.2.392.200011.61.1.1.1.4 OID.1.2.392.200011.61.1.1.3.2 OID.1.2.392.200011.61.1.1.3.3 OID.1.2.392.200011.61.1.1.3.4 OID.1.2.410.200004.1.4 OID.1.2.410.200004.7.1.1.1 OID.1.2.410.200046.1.1.1 OID.1.2.410.200046.1.1.11 OID.1.2.410.200046.1.1.12 OID.1.2.410.200046.1.1.13 OID.1.2.410.200046.1.1.14 OID.1.2.410.200046.1.1.2 OID.1.2.410.200046.1.1.3 OID.1.2.410.200046.1.1.34 OID.1.2.410.200046.1.1.35 OID.1.2.410.200046.1.1.36 OID.1.2.410.200046.1.1.37 OID.1.2.410.200046.1.1.38 OID.1.2.410.200046.1.1.39 OID.1.2.410.200046.1.1.4 OID.1.2.410.200046.1.1.40 OID.1.2.410.200046.1.1.41 OID.1.2.410.200046.1.1.42 OID.1.2.410.200046.1.1.43 OID.1.2.410.200046.1.1.44 OID.1.2.410.200046.1.1.45 OID.1.2.410.200046.1.1.6 OID.1.2.410.200046.1.1.7 OID.1.2.410.200046.1.1.8 OID.1.2.410.200046.1.1.9 OID.1.2.804.2.1.1.1.1.1.3.1.1 OID.1.2.804.2.1.1.1.1.1.3.1.2 OID.1.2.804.2.1.1.1.1.1.3.1.3 OID.1.2.804.2.1.1.1.1.1.3.10.1 OID.1.2.804.2.1.1.1.1.1.3.10.2 OID.1.2.804.2.1.1.1.1.1.3.10.3 OID.1.2.804.2.1.1.1.1.1.3.2.1 OID.1.2.804.2.1.1.1.1.1.3.2.2 OID.1.2.804.2.1.1.1.1.1.3.2.3 OID.1.2.804.2.1.1.1.1.1.3.3.1 OID.1.2.804.2.1.1.1.1.1.3.3.2 OID.1.2.804.2.1.1.1.1.1.3.3.3 OID.1.2.804.2.1.1.1.1.1.3.5.1 OID.1.2.804.2.1.1.1.1.1.3.5.2 OID.1.2.804.2.1.1.1.1.1.3.5.3 OID.1.2.804.2.1.1.1.1.1.3.6.1 OID.1.2.804.2.1.1.1.1.1.3.6.2 OID.1.2.804.2.1.1.1.1.1.3.6.3 OID.1.2.804.2.1.1.1.1.1.3.7.1 OID.1.2.804.2.1.1.1.1.1.3.7.2 OID.1.2.804.2.1.1.1.1.1.3.7.3 OID.1.2.804.2.1.1.1.1.1.3.8.1 OID.1.2.804.2.1.1.1.1.1.3.8.2 OID.1.2.804.2.1.1.1.1.1.3.8.3 OID.1.3.6.1.4.1.188.7.1.1.2 OID.2.16.840.1.101.3.4.1.1 OID.2.16.840.1.101.3.4.1.2 OID.2.16.840.1.101.3.4.1.21 OID.2.16.840.1.101.3.4.1.22 OID.2.16.840.1.101.3.4.1.23 OID.2.16.840.1.101.3.4.1.24 OID.2.16.840.1.101.3.4.1.25 OID.2.16.840.1.101.3.4.1.26 OID.2.16.840.1.101.3.4.1.27 OID.2.16.840.1.101.3.4.1.28 OID.2.16.840.1.101.3.4.1.3 OID.2.16.840.1.101.3.4.1.4 OID.2.16.840.1.101.3.4.1.41 OID.2.16.840.1.101.3.4.1.42 OID.2.16.840.1.101.3.4.1.43 OID.2.16.840.1.101.3.4.1.44 OID.2.16.840.1.101.3.4.1.45 OID.2.16.840.1.101.3.4.1.46 OID.2.16.840.1.101.3.4.1.47 OID.2.16.840.1.101.3.4.1.48 OID.2.16.840.1.101.3.4.1.5 OID.2.16.840.1.101.3.4.1.6 OID.2.16.840.1.101.3.4.1.7 OID.2.16.840.1.101.3.4.1.8 POLY1305 POLY1305-AES POLY1305-ARIA POLY1305-CAMELLIA POLY1305-CAST6 POLY1305-NOEKEON POLY1305-RC6 POLY1305-SEED POLY1305-SERPENT POLY1305-SM4 POLY1305-Twofish RC2 RC5 RC5-64 RC6 RC6-GMAC RIJNDAEL SALSA20 SEED SEED-CMAC SEED-GMAC SERPENT-GMAC SHACAL-2 SIPHASH SIPHASH128 SKIPJACK SM4 SM4-CMAC SM4-GMAC Serpent Shacal2 Skein-MAC-1024-1024 Skein-MAC-1024-384 Skein-MAC-1024-512 Skein-MAC-256-128 Skein-MAC-256-160 Skein-MAC-256-224 Skein-MAC-256-256 Skein-MAC-512-128 Skein-MAC-512-160 Skein-MAC-512-224 Skein-MAC-512-256 Skein-MAC-512-384 Skein-MAC-512-512 TEA TNEPRES-GMAC Threefish-1024 Threefish-256 Threefish-512 Tnepres Twofish Twofish-GMAC VMPC VMPC-KSA3 XSALSA20 XTEA ZUC-128 ZUC-256 | ||
KeyPairGenerator | DH DSA DSTU4145 EC ECDH ECDHC ECDHWITHSHA1KDF ECDSA ECGOST3410 ECGOST3410-2012 ECIES ECMQV ED25519 ED448 EDDSA ELGAMAL GOST3410 LMS OID.1.3.101.110 OID.1.3.101.111 OID.1.3.101.112 OID.1.3.101.113 RSA RSASSA-PSS SPHINCSPLUS X25519 X448 XDH | ||
KeyStore | BCFKS BCFKS-DEF BCPKCS12 BKS BouncyCastle FIPS FIPS-DEF IBCFKS IBCFKS-DEF IFIPS IFIPS-DEF PKCS12 PKCS12-3DES-3DES PKCS12-3DES-40RC2 PKCS12-DEF PKCS12-DEF-3DES-3DES PKCS12-DEF-3DES-40RC2 | ||
Mac | AES-GMAC AESCCMMAC AESCMAC ARIA-GMAC BLOWFISHCMAC CAMELLIA-GMAC CAST6-GMAC DESCMAC DESEDECMAC DESEDEMAC DESEDEMAC/CFB8 DESEDEMAC64 DESEDEMAC64WITHISO7816-4PADDING DESMAC DESMAC/CFB8 DESMAC64 DESMAC64WITHISO7816-4PADDING DESWITHISO9797 DSTU7624-128GMAC DSTU7624-256GMAC DSTU7624-512GMAC DSTU7624GMAC GOST28147MAC GOST3412MAC HMACDSTU7564-256 HMACDSTU7564-384 HMACDSTU7564-512 HMACGOST3411 HMACGOST3411-2012-256 HMACGOST3411-2012-512 HMACKECCAK224 HMACKECCAK256 HMACKECCAK288 HMACKECCAK384 HMACKECCAK512 HMACMD2 HMACMD4 HMACMD5 HMACRIPEMD128 HMACRIPEMD160 HMACRIPEMD256 HMACRIPEMD320 HMACSHA1 HMACSHA224 HMACSHA256 HMACSHA3-224 HMACSHA3-256 HMACSHA3-384 HMACSHA3-512 HMACSHA384 HMACSHA512 HMACSHA512/224 HMACSHA512/256 HMACSM3 HMACSkein-1024-1024 HMACSkein-1024-384 HMACSkein-1024-512 HMACSkein-256-128 HMACSkein-256-160 HMACSkein-256-224 HMACSkein-256-256 HMACSkein-512-128 HMACSkein-512-160 HMACSkein-512-224 HMACSkein-512-256 HMACSkein-512-384 HMACSkein-512-512 HMACTIGER HMACWHIRLPOOL IDEAMAC IDEAMAC/CFB8 ISO9797ALG3MAC ISO9797ALG3WITHISO7816-4PADDING KMAC128 KMAC256 NOEKEON-GMAC OLDHMACSHA384 OLDHMACSHA512 PBEWITHHMACRIPEMD160 PBEWITHHMACSHA PBEWITHHMACSHA1 PBEWITHHMACSHA224 PBEWITHHMACSHA256 PBEWITHHMACSHA384 PBEWITHHMACSHA512 POLY1305 POLY1305-AES POLY1305-ARIA POLY1305-CAMELLIA POLY1305-CAST6 POLY1305-NOEKEON POLY1305-RC6 POLY1305-SEED POLY1305-SERPENT POLY1305-SM4 POLY1305-Twofish RC2MAC RC2MAC/CFB8 RC5MAC RC5MAC/CFB8 RC6-GMAC SEED-CMAC SEED-GMAC SERPENT-GMAC SIPHASH-2-4 SIPHASH-4-8 SIPHASH128-2-4 SIPHASH128-4-8 SKIPJACKMAC SKIPJACKMAC/CFB8 SM4-CMAC SM4-GMAC Shacal-2CMAC Skein-MAC-1024-1024 Skein-MAC-1024-384 Skein-MAC-1024-512 Skein-MAC-256-128 Skein-MAC-256-160 Skein-MAC-256-224 Skein-MAC-256-256 Skein-MAC-512-128 Skein-MAC-512-160 Skein-MAC-512-224 Skein-MAC-512-256 Skein-MAC-512-384 Skein-MAC-512-512 TNEPRES-GMAC Threefish-1024CMAC Threefish-256CMAC Threefish-512CMAC Twofish-GMAC VMPCMAC ZUC-128 ZUC-256 ZUC-256-32 ZUC-256-64 | ||
MessageDigest | 1.0.10118.3.0.55 1.2.804.2.1.1.1.1.2.2.1 1.2.804.2.1.1.1.1.2.2.2 1.2.804.2.1.1.1.1.2.2.3 2.16.840.1.101.3.4.2.10 2.16.840.1.101.3.4.2.11 2.16.840.1.101.3.4.2.12 2.16.840.1.101.3.4.2.7 2.16.840.1.101.3.4.2.8 2.16.840.1.101.3.4.2.9 BLAKE2B-160 BLAKE2B-256 BLAKE2B-384 BLAKE2B-512 BLAKE2S-128 BLAKE2S-160 BLAKE2S-224 BLAKE2S-256 BLAKE3-256 DSTU7564-256 DSTU7564-384 DSTU7564-512 GOST3411 GOST3411-2012-256 GOST3411-2012-512 HARAKA-256 HARAKA-512 KECCAK-224 KECCAK-256 KECCAK-288 KECCAK-384 KECCAK-512 MD2 MD4 MD5 OID.1.0.10118.3.0.55 OID.1.2.804.2.1.1.1.1.2.2.1 OID.1.2.804.2.1.1.1.1.2.2.2 OID.1.2.804.2.1.1.1.1.2.2.3 OID.2.16.840.1.101.3.4.2.10 OID.2.16.840.1.101.3.4.2.11 OID.2.16.840.1.101.3.4.2.12 OID.2.16.840.1.101.3.4.2.7 OID.2.16.840.1.101.3.4.2.8 OID.2.16.840.1.101.3.4.2.9 PARALLELHASH128-256 PARALLELHASH256-512 RIPEMD128 RIPEMD160 RIPEMD256 RIPEMD320 SHA-1 SHA-224 SHA-256 SHA-384 SHA-512 SHA-512/224 SHA-512/256 SHA3-224 SHA3-256 SHA3-384 SHA3-512 SHAKE128-256 SHAKE256-512 SM3 Skein-1024-1024 Skein-1024-384 Skein-1024-512 Skein-256-128 Skein-256-160 Skein-256-224 Skein-256-256 Skein-512-128 Skein-512-160 Skein-512-224 Skein-512-256 Skein-512-384 Skein-512-512 TIGER TUPLEHASH128-256 TUPLEHASH256-512 WHIRLPOOL | ||
SecretKeyFactory | 1.3.14.3.2.17 1.3.6.1.4.1.11591.4.11 2.16.840.1.101.3.4.1 AES ARIA CAMELLIA DES DESEDE OID.1.3.14.3.2.17 OID.1.3.6.1.4.1.11591.4.11 OID.2.16.840.1.101.3.4.1 PBEWITHHMACGOST3411 PBEWITHHMACRIPEMD160 PBEWITHHMACSHA1 PBEWITHHMACSHA256 PBEWITHHMACTIGER PBEWITHMD2ANDDES PBEWITHMD2ANDRC2 PBEWITHMD5AND128BITAES-CBC-OPENSSL PBEWITHMD5AND192BITAES-CBC-OPENSSL PBEWITHMD5AND256BITAES-CBC-OPENSSL PBEWITHMD5ANDDES PBEWITHMD5ANDRC2 PBEWITHSHA1ANDDES PBEWITHSHA1ANDRC2 PBEWITHSHA256AND128BITAES-CBC-BC PBEWITHSHA256AND192BITAES-CBC-BC PBEWITHSHA256AND256BITAES-CBC-BC PBEWITHSHAAND128BITAES-CBC-BC PBEWITHSHAAND128BITRC2-CBC PBEWITHSHAAND128BITRC4 PBEWITHSHAAND192BITAES-CBC-BC PBEWITHSHAAND2-KEYTRIPLEDES-CBC PBEWITHSHAAND256BITAES-CBC-BC PBEWITHSHAAND3-KEYTRIPLEDES-CBC PBEWITHSHAAND40BITRC2-CBC PBEWITHSHAAND40BITRC4 PBEWITHSHAANDIDEA-CBC PBEWITHSHAANDTWOFISH-CBC PBKDF-OPENSSL PBKDF2 PBKDF2WITHASCII PBKDF2WITHHMACGOST3411 PBKDF2WITHHMACSHA224 PBKDF2WITHHMACSHA256 PBKDF2WITHHMACSHA3-224 PBKDF2WITHHMACSHA3-256 PBKDF2WITHHMACSHA3-384 PBKDF2WITHHMACSHA3-512 PBKDF2WITHHMACSHA384 PBKDF2WITHHMACSHA512 PBKDF2WITHHMACSM3 SCRYPT SEED TLS10KDF TLS11KDF TLS12WITHSHA256KDF TLS12WITHSHA384KDF TLS12WITHSHA512KDF | ||
SecureRandom | DEFAULT NONCEANDIV | ||
Signature | 1.3.6.1.5.5.7.6.30 1.3.6.1.5.5.7.6.31 DDSA DETDSA DSA DSTU4145 ECDDSA ECDSA ECGOST3410 ECGOST3410-2012-256 ECGOST3410-2012-512 ED25519 ED448 EDDSA GOST3410 GOST3411-2012-256WITHECGOST3410-2012-256 GOST3411-2012-512WITHECGOST3410-2012-512 GOST3411WITHDSTU4145 GOST3411WITHDSTU4145LE GOST3411WITHECGOST3410 LMS MD2WITHRSA MD4WITHRSA MD5WITHRSA MD5WITHRSA/ISO9796-2 NONEWITHDSA NONEwithECDSA OID.1.3.6.1.5.5.7.6.30 OID.1.3.6.1.5.5.7.6.31 RAWRSASSA-PSS RIPEMD128WITHRSA RIPEMD128WITHRSA/X9.31 RIPEMD160WITHDSA RIPEMD160WITHECDSA RIPEMD160WITHPLAIN-ECDSA RIPEMD160WITHRSA RIPEMD160WITHRSA/X9.31 RIPEMD160withRSA/ISO9796-2 RIPEMD256WITHRSA RMD128WITHRSA RMD128WITHRSA/X9.31 RMD160WITHRSA RMD160WITHRSA/X9.31 RMD256WITHRSA RSA RSASSA-PSS SHA1WITHCVC-ECDSA SHA1WITHDDSA SHA1WITHDETDSA SHA1WITHECDDSA SHA1WITHECNR SHA1WITHPLAIN-ECDSA SHA1WITHRSA SHA1WITHRSA/ISO9796-2 SHA1WITHRSA/X9.31 SHA1WITHRSAANDMGF1 SHA1WITHRSAANDSHAKE128 SHA1WITHRSAANDSHAKE256 SHA224WITHCVC-ECDSA SHA224WITHDDSA SHA224WITHDETDSA SHA224WITHDSA SHA224WITHECDDSA SHA224WITHECDSA SHA224WITHECNR SHA224WITHPLAIN-ECDSA SHA224WITHRSA SHA224WITHRSA/ISO9796-2 SHA224WITHRSA/X9.31 SHA224WITHRSAANDMGF1 SHA224WITHRSAANDSHAKE128 SHA224WITHRSAANDSHAKE256 SHA256WITHCVC-ECDSA SHA256WITHDDSA SHA256WITHDETDSA SHA256WITHDSA SHA256WITHECDDSA SHA256WITHECDSA SHA256WITHECNR SHA256WITHPLAIN-ECDSA SHA256WITHRSA SHA256WITHRSA/ISO9796-2 SHA256WITHRSA/X9.31 SHA256WITHRSAANDMGF1 SHA256WITHRSAANDSHAKE128 SHA256WITHRSAANDSHAKE256 SHA256WITHSM2 SHA3-224WITHDDSA SHA3-224WITHDSA SHA3-224WITHECDDSA SHA3-224WITHECDSA SHA3-224WITHPLAIN-ECDSA SHA3-224WITHRSA SHA3-224WITHRSAANDMGF1 SHA3-224WITHRSAANDSHAKE128 SHA3-224WITHRSAANDSHAKE256 SHA3-256WITHDDSA SHA3-256WITHDSA SHA3-256WITHECDDSA SHA3-256WITHECDSA SHA3-256WITHPLAIN-ECDSA SHA3-256WITHRSA SHA3-256WITHRSAANDMGF1 SHA3-256WITHRSAANDSHAKE128 SHA3-256WITHRSAANDSHAKE256 SHA3-384WITHDDSA SHA3-384WITHDSA SHA3-384WITHECDDSA SHA3-384WITHECDSA SHA3-384WITHPLAIN-ECDSA SHA3-384WITHRSA SHA3-384WITHRSAANDMGF1 SHA3-384WITHRSAANDSHAKE128 SHA3-384WITHRSAANDSHAKE256 SHA3-512WITHDDSA SHA3-512WITHDSA SHA3-512WITHECDDSA SHA3-512WITHECDSA SHA3-512WITHPLAIN-ECDSA SHA3-512WITHRSA SHA3-512WITHRSAANDMGF1 SHA3-512WITHRSAANDSHAKE128 SHA3-512WITHRSAANDSHAKE256 SHA384WITHCVC-ECDSA SHA384WITHDDSA SHA384WITHDETDSA SHA384WITHDSA SHA384WITHECDDSA SHA384WITHECDSA SHA384WITHECNR SHA384WITHPLAIN-ECDSA SHA384WITHRSA SHA384WITHRSA/ISO9796-2 SHA384WITHRSA/X9.31 SHA384WITHRSAANDMGF1 SHA384WITHRSAANDSHAKE128 SHA384WITHRSAANDSHAKE256 SHA512(224)WITHRSA SHA512(224)WITHRSA/ISO9796-2 SHA512(224)WITHRSA/X9.31 SHA512(224)WITHRSAANDMGF1 SHA512(224)WITHRSAANDSHAKE128 SHA512(224)WITHRSAANDSHAKE256 SHA512(256)WITHRSA SHA512(256)WITHRSA/ISO9796-2 SHA512(256)WITHRSA/X9.31 SHA512(256)WITHRSAANDMGF1 SHA512(256)WITHRSAANDSHAKE128 SHA512(256)WITHRSAANDSHAKE256 SHA512WITHCVC-ECDSA SHA512WITHDDSA SHA512WITHDETDSA SHA512WITHDSA SHA512WITHECDDSA SHA512WITHECDSA SHA512WITHECNR SHA512WITHPLAIN-ECDSA SHA512WITHRSA SHA512WITHRSA/ISO9796-2 SHA512WITHRSA/X9.31 SHA512WITHRSAANDMGF1 SHA512WITHRSAANDSHAKE128 SHA512WITHRSAANDSHAKE256 SHAKE128WITHECDSA SHAKE128WITHRSAPSS SHAKE256WITHECDSA SHAKE256WITHRSAPSS SM3WITHSM2 SPHINCSPLUS WhirlpoolWITHRSA/ISO9796-2 WhirlpoolWITHRSA/X9.31 | ||
X509Store | ATTRIBUTECERTIFICATE/COLLECTION ATTRIBUTECERTIFICATE/LDAP CERTIFICATE/COLLECTION CERTIFICATE/LDAP CERTIFICATEPAIR/COLLECTION CERTIFICATEPAIR/LDAP CRL/COLLECTION CRL/LDAP | ||
X509StreamParser | ATTRIBUTECERTIFICATE CERTIFICATE CERTIFICATEPAIR CRL |
4 Engine类和算法
引擎类为特定类型的密码服务提供接口,而不依赖于特定的密码算法或提供者。 引擎需要提供如下功能:
- 加密,数字签名,消息摘要等
- 密钥和算法参数
- 密钥库或证书
引擎类 | 功能 |
SecureRandom | 用于生成随机或伪随机数字。 |
MessageDigest | 用于计算指定数据的消息摘要(散列)。 |
Signature | 使用密钥初始化,这些签名用于签署数据并验证数字签 |
Cipher | 用密钥初始化,用于加密/解密数据。存在各种类型的算法 |
Message Authentication Codes(MAC) | 与MessageDigests一样,它们也会生成散列值,但是首先使用密钥初始化以保护消息的完整性。 |
KeyFactory | 用于将Key类型的现有不透明密钥转换为密钥规范(底层密钥材料的透明表示),反之亦然。 |
SecretKeyFactory | 用于将SecretKey类型的现有不透明加密密钥转换为密钥规范(底层密钥材料的透明表示),反之亦然。 SecretKeyFactorys是专门的KeyFactorys,只能创建密钥(对称)。 |
KeyPairGenerator | 用于生成一对适用于指定算法的公钥和私钥。 |
KeyGenerator | 用于生成与指定算法一起使用的新密钥。 |
KeyAgreement | 由两方或多方使用,商定和建立一个特定的密钥,用于特定的密码操作。 |
AlgorithmParameters | 用于存储特定算法的参数,包括参数编码和解码。 |
AlgorithmParameterGenerator | 用于生成适合于指定算法的一组AlgorithmParameters。 |
KeyStore | 用于创建和管理密钥库。密钥库是密钥的数据库。密钥库中的私钥具有与其关联的证书链,用于验证相应的公钥。密钥库还包含来自可信实体的证书。 |
CertificateFactory | 用于创建公钥证书和证书吊销列表(CRL)。 |
CertPathBuilder | 用于构建证书链(也称为证书路径)。 |
CertPathValidator | 用于验证证书链。 |
CertStore | 用于从存储库中检索证书和CRL。 |
4.1 引擎类的使用示例-AES加密解密
下面是一个简单的基于引擎类的AES加解密的实现:
/**
* @param data 明文
* @param key 密钥,长度16
* @param iv 偏移量,长度16
* @return 密文
* @Description AES算法加密明文
*/
public static String AesEncrypt(String data, String key, String iv) {
try {
//AES/CBC/NoPadding
Cipher cipher = Cipher.getInstance(“AES/CBC/NoPadding”);
int blockSize = cipher.getBlockSize();
byte[] dataBytes = data.getBytes();
int plaintextLength = dataBytes.length;
if (plaintextLength % blockSize != 0) {
plaintextLength = plaintextLength + (blockSize - (plaintextLength % blockSize));
}
byte[] plaintext = new byte[plaintextLength];
System.arraycopy(dataBytes, 0, plaintext, 0, dataBytes.length);
SecretKeySpec keyspec = new SecretKeySpec(key.getBytes(), "AES");
// CBC模式,需要一个向量iv,可增加加密算法的强度
IvParameterSpec ivspec = new IvParameterSpec(iv.getBytes());
cipher.init(Cipher.ENCRYPT_MODE, keyspec, ivspec);
byte[] encrypted = cipher.doFinal(plaintext);
// 加密后直接转string可能乱码,用BASE64做转码。
return encode(encrypted).trim();
} catch (Exception e) {
e.printStackTrace();
return null;
}
}
/**
* @param data 密文
* @param key 密钥,长度16
* @param iv 偏移量,长度16
* @return 明文
* @Description AES算法解密
*/
public static String AesDecrypt(String data, String key, String iv) {
try {
//先用base64解密
byte[] encrypted1 = decode(data);
//AES/CBC/NoPadding
Cipher cipher = Cipher.getInstance(“AES/CBC/NoPadding”);
SecretKeySpec keyspec = new SecretKeySpec(key.getBytes(), "AES");
IvParameterSpec ivspec = new IvParameterSpec(iv.getBytes());
cipher.init(Cipher.DECRYPT_MODE, keyspec, ivspec);
byte[] original = cipher.doFinal(encrypted1);
String originalString = new String(original);
return originalString.trim();
} catch (Exception e) {
e.printStackTrace();
return null;
}
}
/**
* 编码
*
* @param byteArray
* @return
*/
public static String encode(byte[] byteArray) {
return new String(new org.apache.commons.codec.binary.Base64().encode(byteArray));
}
/**
* 解码
*
* @param base64EncodedString
* @return
*/
public static byte[] decode(String base64EncodedString) {
return new org.apache.commons.codec.binary.Base64().decode(base64EncodedString);
}Base64编解码需要添加Pom依赖:
<!--常用的加密解密方法-->
<dependency>
<groupId>commons-codec</groupId>
<artifactId>commons-codec</artifactId>
<version>1.15</version>
</dependency>4.2 引擎类支持的算法列表
类 | 算法 |
AlgorithmParameterGenerator | DiffieHellman (1024) DSA (1024) |
AlgorithmParameters | AES DES DESede DiffieHellman DSA |
CertificateFactory | |
CertPath | |
CertPathBuilder | PKIX |
CertPathValidator | PKIX |
CertStore | |
Cipher | AES/CBC/NoPadding (128) AES/CBC/PKCS5Padding (128) AES/ECB/NoPadding (128) AES/ECB/PKCS5Padding (128) DES/CBC/NoPadding (56) DES/CBC/PKCS5Padding (56) DES/ECB/NoPadding (56) DES/ECB/PKCS5Padding (56) DESede/CBC/NoPadding (168) DESede/CBC/PKCS5Padding (168) DESede/ECB/NoPadding (168) DESede/ECB/PKCS5Padding (168) RSA/ECB/PKCS1Padding (1024, 2048) RSA/ECB/OAEPWithSHA-1AndMGF1Padding (1024, 2048) RSA/ECB/OAEPWithSHA-256AndMGF1Padding (1024, 2048) |
KeyAgreement | DiffieHellman ECDH ECMQV |
KeyFactory | DiffieHellman DSA RSA |
KeyGenerator | AES (128) DES (56) DESede (168) HmacSHA1 HmacSHA256 |
KeyPairGenerator | DiffieHellman (1024) DSA (1024) RSA (1024, 2048) |
KeyStore | |
Mac | HmacMD5 HmacSHA1 HmacSHA256 |
MessageDigest | MD5 SHA-1 SHA-256 |
SecretKeyFactory | DES DESede |
SecureRandom | NativePRNG NativePRNGBlocking NativePRNGNonBlocking PKCS11 SHA1PRNG Windows-PRNG |
Signature | SHA1withDSA SHA1withRSA SHA256withRSA |
SSLContext | TLSv1 |
