Encryption and decryption

1、 species

• hash Algorithm
• Symmetric encryption technology
• Asymmetric encryption technology

Algorithm signature can be used hash Algorithm ,
Internal communication can be encrypted symmetrically ,
Asymmetric encryption is used between friends and businesses

2、 Hash algorithm 、hash Algorithm

2.1、 md5

• MD5 It's using hash function , Its typical application is to generate a piece of information The information in this paper, , With To prevent from being tampered with
• MD5 Will output a length of 128bits A string of
• Four and MD4 The design consists of a few different steps ,（md2,md4 By md5 replace ,md6 failed ）
• Some algorithms may be the first 0 I'll lose （ Different codes , then eq Unequal pits ）

  /**
     * jdk The thread of is not safe ,MessageDigest
     * commons-codec ,DigestUtils.md5Hex , Security （ died of old age ）,
     * spring ,DigestUtils  Only md5,
     * Guava Some functions are actually ApacheCommon A subset of , Quite new 
     */
    public static final byte[] getMD53(String str) {
        Hasher hasher = Hashing.md5().newHasher();
    
        hasher.putString(str, Charset.forName("UTF-8"));
        byte[] md5 = hasher.hash().asBytes();
        return md5;
    }

2.2、 SHA1 Algorithm

• SHA1 Than MD5 Of More secure
• For lengths less than 2 ^ 64 Bit of news ,SHA1 Will produce a 160 Bit A summary of the news .
• be based on MD5、SHA1 Information summary features and Irreversible ( generally speaking ), Can be applied to check Document integrity as well as digital signature Such as the scene .
  SHA-1、SHA-2、SHA-224、SHA-256、SHA-384、SHA-512、SHA-512/224、SHA-512/256

 /**
     * md2
     * md5
     * SHA-1
     * sha256
     * SHA3-224
     * SHA3-256
     * SHA3-384
     * SHA3-512
     * SHA-384
     * SHA-512/224
     * SHA-512/256
		 still commons-codec Most fragrant 
     */
    public static String ccSHA1(String src) {
        if(StringUtils.isEmpty(src)){
            return null;
        }else{
            System.out.println("cc sha1 - 1 :" + DigestUtils.sha1Hex(src.getBytes()));
            System.out.println("cc sha1 - 2 :" + DigestUtils.sha1Hex(src));
            return DigestUtils.sha1Hex(src.getBytes());
        }
    }

2.3、HMAC Algorithm

• HMAC The sender and The receiving party All have key Calculate , Without this key The third party of , It is Can't calculate Out of the right Hash value , In this way, we can Prevent data from being tampered with .
• HMAC An example of the algorithm is Multithreaded environment Next is unsafe .
• But it needs to be in Multithreaded access when , Auxiliary classes for synchronization , Use ThreadLocal by Cache per thread An instance can avoid lock operation .
• MAC The following algorithms are available ：HmacMD5/HmacSHA1/HmacSHA256/HmacSHA384/HmacSHA512

2.4、 National secret sm3

2.5、base64

This is not an encryption algorithm ,jdk8 The fastest self-contained , Let's change the old one , The speed has been greatly improved

3、 Symmetric encryption

AES、DES、3DES All are symmetry Of Block encryption algorithm , encryption The process is Reversible
AES128、AES192、AES256 ( Default installed JDK Not yet in favor of AES256, You need to install the corresponding jce Patch upgrade jce1.7,jce1.8).

3.1、DES

• DES Encryption algorithm is a kind of Group password , With 64 Position as Group to data encryption , its Key length yes 56 position , Encryption and decryption use The same algorithm .

3.2、3DES

• Is based on DES Of Symmetric algorithm , Yes A piece of data use Three different keys Conduct Three encryption , Stronger

3.3、AES

• AES It is to replace DES Of ,AES Have a better Security 、 efficiency and flexibility
• AES Encryption algorithm is the key of cryptography Advanced encryption standard , The encryption algorithm adopts Symmetric block cipher , The minimum key length support is 128 position 、 192 position 、256 position , Group length 128 position , The algorithm shall be easy to implement in various hardware and software . This encryption algorithm is adopted by the federal government of the United States Block encryption standard .
• It's best for both parties to use the same code , Password or something , Different modes may have different codes

Pattern

• ECB Pattern （ Default ） Codebook mode Electronic Codebook Book
• CBC Pattern Password group link mode Cipher Block Chaining（ Both ends need to agree on the initial vector at the same time iv
• CFB Pattern ： Password feedback mode Cipher FeedBack）（ You can pass in non 16 Byte multiples of data , Suitable for streaming data , You also need to choose iv）
• CTR Pattern ： Calculator mode Counter（iv+1 The acquisition of is more responsible , Need to get instantaneous information iv

fill

• Fill mode NoPadding、PKCS5Padding（ Default ）
  *

4、 Asymmetric encryption

4.1、 RSA Algorithm

RSA Encryption algorithm is the most influential at present Public key encryption algorithm , And it's generally believed to be the present The best public key scheme One of
The first one can be used at the same time encryption and digital signature The algorithm of

4.2、ECC

5、 other

5.1、PKCS7

PKCS It's the United States RSA A set of public key cryptography standards developed by data security companies and their partners , This includes certificate applications 、 Certificate update 、 Certificate cancellation form issued 、 Extend certificate content and digital signature 、 A series of relevant standards on the format of digital envelopes

5.2、X509

X509 agreement , yes PKI The most widely used technology system 、 It is also the most basic international standard . Its main purpose is to define a standard format of digital certificates .
X509 and PKCS All follow ASN.1 The grammar of .
X509, Public key certificate , It only contains public key information and some basic information .
P7, Sign or encrypt . You can put it in x509, There is no signature or encrypted content at the same time .
P12, Contains the private key , At the same time, there can be a public key , Password protected .

6、 National secret