加密学教程(Cryptography Tuturials)
太阳火神的漂亮人生 (http://blog.csdn.net/opengl_es)
本文遵循“署名-非商业用途-保持一致”创作公用协议
Cryptography Tutorials - Herong‘s Tutorial Notes
Version 4.00
Dr. Herong Yang
Copyright ? 1998 - 2007 by Dr. Herong Yang. All rights reserved.
Table of Contents
About This Book
Terminology
Basic Concepts
- Cryptography
- Function
- Encryption
Cipher - DES Algorithm
- Block Cipher
- DES (Data Encryption Standard) Cipher Algorithm
- DES Key Schedule (Round Keys Generation) Algorithm
- DES Decryption Algorithm
DES Algorithm - Illustrated with Java Programs
- DESSubkeysTest.java - DES Key Schedule Algorithm Illustration
- DESCipherTest.java - DES Cipher Algorithm Illustration
DES Algorithm - Java Implementation
- CipherDES.java - A Simple Java Implementation of DES
- Test Cases of DES Encryption and Decryption
DES Algorithm - Java JCE SUN Implementation
- DES Java Implementation by Sun
- Using DES Algorithm in JDK JCE Package
- Test Cases of DES Encryption and Decryption
- What Is PKCS5Padding?
- JceSunDesPaddingTest.java - JCE DES Padding Testing Program
DES Algorithm - Operation Modes and JCE SUN Implementation
- DES Encryption Operation Modes
- What is ECB (Electronic CodeBook) Operation Mode?
- What is CBC (Cipher Block Chaining) Operation Mode?
- What is CFB (Cipher FeedBack) Operation Mode?
- What is OFB (Output FeedBack) Operation Mode?
- Sun Java Implementation of DES Operation Modes
- JceSunDesOperationModeTest.java - JCE DES Operation Mode Testing Program
- Test Cases of DES Operation Modes
DES Algorithm - Stream Cipher Modes and JCE SUN Implementation
- DES in Stream Cipher Modes
- CFB (Cipher FeedBack) Operation Mode as a Stream Cipher
- OFB (Output FeedBack) Operation Mode as a Stream Cipher
- Sun Java Implementation of DES Operation Modes
- JceSunDesStreamCipherTest.java - JCE DES Stream Cipher Mode Testing Program
- Test Cases of DES Stream Cipher Modes
DES Algorithm - PHP Implementation in mcrypt
- mcrypt Library for PHP
- mcrypt Encryption Functions
- des_mcrypt_operation_mode_test.php - mcrypt Operation Mode Test PHP Script
- Block Padding in mcrypt
- Other PHP Implementations of DES Algorithm
JDK/JCE - Cipher for Encryption and Decryption
- The Cipher Class
- JceSecretCipher.java - Cipher with Secret Key
- JcePublicCipher.java - Cipher with Private and Public Key Pair
Cipher - Blowfish Algorithm
- Block Cipher
- Blowfish Cipher Algorithm
- Blowfish Key Schedule (Sub-Keys Generation) Algorithm
- BlowfishJ - Java Implementation by Markus Hahn
- Blowfish Decryption Algorithm
- 8366 Hex Digits of PI
Message Digest - MD5 Algorithm
- What is MD5?
- MD5 Algorithm Overview
- MD5 Implementation in Java
- MD5 Implementation in PHP
- MD5 Implementation in Perl
Message Digest - SHA1 Algorithm
- What is SHA1?
- SHA1 Algorithm Overview
- SHA1 Implementation in Java
- SHA1 Implementation in PHP
- SHA1 Implementation in Perl
OpenSSL - Installation on Windows
- What is OpenSSL?
- Installing OpenSSL on Windows
OpenSSL - Generating RSA Private and Public Keys
- What is RSA?
- Generating RSA Key Pairs
- Viewing Components of RSA Keys
- Encrypting RSA Keys
OpenSSL - Generating Self-Signed Certificates
- What is a certificate?
- Generating Self-Signed Certificates
- Viewing Components of Certificates
OpenSSL - Signing Certificates from Others
- Why Certificates Need to Be Signed by CAs?
- Generating a Certificate Signing Request for Your Own Public Key
- Viewing Components of Certificate Signing Request
- Signing a Certificate Signing Request
OpenSSL - Certification Path and Validation
- What Is a Certification Path?
- Certification Path Validation
- Certification Path Testing with OpenSSL
keytool - JDK Tool to Manage Certificates Using ‘keystore‘
- Certificates and Certificate Chains
- What is "keystore"?
- "keytool" - Key and Certificate Management Tool
- "keytool" Example - Generating Key Pairs and Self-Signed Certificates
- "keytool" Example - Exporting and Import Certificates
- "keytool" Example - Cloning Certificates with New Identities
Using Certificates with Web Browsers
- Why Using Certificates with Browser?
- Exporting Certificates Out of Internet Explorer (IE)
- Importing Certificates into IE
- View Certificates in FireFox
- Importing Certificates into FireFox
‘OpenSSL‘ Signing CSR Generated by ‘keytool‘
- Using "OpenSSL" to Act as a CA (Certificate Authority)
- "OpenSSL" Generating CA‘s Private Key
- "OpenSSL" Self-signing CA‘s Public Key Certificate
- "keytool" Generating Maria‘s Private Key
- "keytool" Generating Maria‘s CSR (Certificate Sign Request)
- "OpenSSL" Signing Maria‘s CSR (Certificate Sign Request)
- "keytool" Managing Serial Numbers when Signing CSR
- "keytool" Importing CA‘s Certificate into Keystore Files
- "keytool" Importing Maria‘s Own Certificate
Migrating Keys from ‘keytool‘ to ‘OpenSSL‘
- "keytool" Generating Private and Public Key Pair
- "keytool" Exporting PrivateKeyEntry
- "keytool" Printing Certificate Details
- "OpenSSL" Viewing "keytool" Generated Certificates
- DumpKey.java - Dumping Private Keys Out of "keystore"
- "OpenSSL" Converting Keys from Binary to PEM
- "OpenSSL" Viewing "keytool" Keys
Certificate Formats - X.509, DER and PEM
- X.509 Certificate Standard
- PEM (Privacy Enhanced Mail) Encoding
- DER (Distinguished Encoding Rules) Encoding
- "keytool" Exporting Certificates in DER and PEM
- "OpenSSL" Verifying "keytool" Certificates
- "OpenSSL" Generating Certificates in DER and PEM
- "keytool" Viewing "OpenSSL" Certificates
- "keytool" Importing "OpenSSL" Certificates
Key Formats PKCS#8 and PKCS#12 and Migration
- What is PKCS#8?
- What is PKCS#12?
- "OpenSSL" Private Key in Traditional Format
- "OpenSSL" Private Key in PKCS#8 Format
- "OpenSSL" Key and Certificate in PKCS#12 Format
- "keytool" Converting PKCS12 to JKS
- Summary - Migrating "OpenSSL" Keys to "keytool"
- Summary - Migrating "keytool" Keys to "OpenSSL"
References
Key Words: blowfish, CA, certificate, certification path, cipher, CSR, decryption, DER, DES, digest, encryption, Java, JCE, JDK, keytool, MD5, message, OpenSSL, PEM, PKCS#8, PKCS#12, private key, public key, RSA, secret key, self-signed certificate, SHA1, SSL, X.509
Cryptography Tutorials - Herong‘s Tutorial Notes
Version 4.00
Dr. Herong Yang
Copyright ? 1998 - 2007 by Dr. Herong Yang. All rights reserved.
Table of Contents
About This Book
Terminology
Basic Concepts
- Cryptography
- Function
- Encryption
Cipher - DES Algorithm
- Block Cipher
- DES (Data Encryption Standard) Cipher Algorithm
- DES Key Schedule (Round Keys Generation) Algorithm
- DES Decryption Algorithm
DES Algorithm - Illustrated with Java Programs
- DESSubkeysTest.java - DES Key Schedule Algorithm Illustration
- DESCipherTest.java - DES Cipher Algorithm Illustration
DES Algorithm - Java Implementation
- CipherDES.java - A Simple Java Implementation of DES
- Test Cases of DES Encryption and Decryption
DES Algorithm - Java JCE SUN Implementation
- DES Java Implementation by Sun
- Using DES Algorithm in JDK JCE Package
- Test Cases of DES Encryption and Decryption
- What Is PKCS5Padding?
- JceSunDesPaddingTest.java - JCE DES Padding Testing Program
DES Algorithm - Operation Modes and JCE SUN Implementation
- DES Encryption Operation Modes
- What is ECB (Electronic CodeBook) Operation Mode?
- What is CBC (Cipher Block Chaining) Operation Mode?
- What is CFB (Cipher FeedBack) Operation Mode?
- What is OFB (Output FeedBack) Operation Mode?
- Sun Java Implementation of DES Operation Modes
- JceSunDesOperationModeTest.java - JCE DES Operation Mode Testing Program
- Test Cases of DES Operation Modes
DES Algorithm - Stream Cipher Modes and JCE SUN Implementation
- DES in Stream Cipher Modes
- CFB (Cipher FeedBack) Operation Mode as a Stream Cipher
- OFB (Output FeedBack) Operation Mode as a Stream Cipher
- Sun Java Implementation of DES Operation Modes
- JceSunDesStreamCipherTest.java - JCE DES Stream Cipher Mode Testing Program
- Test Cases of DES Stream Cipher Modes
DES Algorithm - PHP Implementation in mcrypt
- mcrypt Library for PHP
- mcrypt Encryption Functions
- des_mcrypt_operation_mode_test.php - mcrypt Operation Mode Test PHP Script
- Block Padding in mcrypt
- Other PHP Implementations of DES Algorithm
JDK/JCE - Cipher for Encryption and Decryption
- The Cipher Class
- JceSecretCipher.java - Cipher with Secret Key
- JcePublicCipher.java - Cipher with Private and Public Key Pair
Cipher - Blowfish Algorithm
- Block Cipher
- Blowfish Cipher Algorithm
- Blowfish Key Schedule (Sub-Keys Generation) Algorithm
- BlowfishJ - Java Implementation by Markus Hahn
- Blowfish Decryption Algorithm
- 8366 Hex Digits of PI
Message Digest - MD5 Algorithm
- What is MD5?
- MD5 Algorithm Overview
- MD5 Implementation in Java
- MD5 Implementation in PHP
- MD5 Implementation in Perl
Message Digest - SHA1 Algorithm
- What is SHA1?
- SHA1 Algorithm Overview
- SHA1 Implementation in Java
- SHA1 Implementation in PHP
- SHA1 Implementation in Perl
OpenSSL - Installation on Windows
- What is OpenSSL?
- Installing OpenSSL on Windows
OpenSSL - Generating RSA Private and Public Keys
- What is RSA?
- Generating RSA Key Pairs
- Viewing Components of RSA Keys
- Encrypting RSA Keys
OpenSSL - Generating Self-Signed Certificates
- What is a certificate?
- Generating Self-Signed Certificates
- Viewing Components of Certificates
OpenSSL - Signing Certificates from Others
- Why Certificates Need to Be Signed by CAs?
- Generating a Certificate Signing Request for Your Own Public Key
- Viewing Components of Certificate Signing Request
- Signing a Certificate Signing Request
OpenSSL - Certification Path and Validation
- What Is a Certification Path?
- Certification Path Validation
- Certification Path Testing with OpenSSL
keytool - JDK Tool to Manage Certificates Using ‘keystore‘
- Certificates and Certificate Chains
- What is "keystore"?
- "keytool" - Key and Certificate Management Tool
- "keytool" Example - Generating Key Pairs and Self-Signed Certificates
- "keytool" Example - Exporting and Import Certificates
- "keytool" Example - Cloning Certificates with New Identities
Using Certificates with Web Browsers
- Why Using Certificates with Browser?
- Exporting Certificates Out of Internet Explorer (IE)
- Importing Certificates into IE
- View Certificates in FireFox
- Importing Certificates into FireFox
‘OpenSSL‘ Signing CSR Generated by ‘keytool‘
- Using "OpenSSL" to Act as a CA (Certificate Authority)
- "OpenSSL" Generating CA‘s Private Key
- "OpenSSL" Self-signing CA‘s Public Key Certificate
- "keytool" Generating Maria‘s Private Key
- "keytool" Generating Maria‘s CSR (Certificate Sign Request)
- "OpenSSL" Signing Maria‘s CSR (Certificate Sign Request)
- "keytool" Managing Serial Numbers when Signing CSR
- "keytool" Importing CA‘s Certificate into Keystore Files
- "keytool" Importing Maria‘s Own Certificate
Migrating Keys from ‘keytool‘ to ‘OpenSSL‘
- "keytool" Generating Private and Public Key Pair
- "keytool" Exporting PrivateKeyEntry
- "keytool" Printing Certificate Details
- "OpenSSL" Viewing "keytool" Generated Certificates
- DumpKey.java - Dumping Private Keys Out of "keystore"
- "OpenSSL" Converting Keys from Binary to PEM
- "OpenSSL" Viewing "keytool" Keys
Certificate Formats - X.509, DER and PEM
- X.509 Certificate Standard
- PEM (Privacy Enhanced Mail) Encoding
- DER (Distinguished Encoding Rules) Encoding
- "keytool" Exporting Certificates in DER and PEM
- "OpenSSL" Verifying "keytool" Certificates
- "OpenSSL" Generating Certificates in DER and PEM
- "keytool" Viewing "OpenSSL" Certificates
- "keytool" Importing "OpenSSL" Certificates
Key Formats PKCS#8 and PKCS#12 and Migration
- What is PKCS#8?
- What is PKCS#12?
- "OpenSSL" Private Key in Traditional Format
- "OpenSSL" Private Key in PKCS#8 Format
- "OpenSSL" Key and Certificate in PKCS#12 Format
- "keytool" Converting PKCS12 to JKS
- Summary - Migrating "OpenSSL" Keys to "keytool"
- Summary - Migrating "keytool" Keys to "OpenSSL"
References
Key Words: blowfish, CA, certificate, certification path, cipher, CSR, decryption, DER, DES, digest, encryption, Java, JCE, JDK, keytool, MD5, message, OpenSSL, PEM, PKCS#8, PKCS#12, private key, public key, RSA, secret key, self-signed certificate, SHA1, SSL, X.509