JCA/JCE
Java Crypto Architecture / Java Crypto Extensions
Dušan Klinec
deadcode.me

Provider architecture
MessageDigest.getInstance("MD5");
MessageDigest.getInstance("MD5", "ProviderC");

JCA
•  java.security.*
•  SecureRandom – PRNG
•  MessageDigest – SHA256, MD5, ...
•  Signature – RSA, DSA
•  KeyStore – PKCS12
•  KeyPairGenerator, KeyFactory, CertificateFactory

JCE
•  javax.crypto.*
•  Cipher – AES, RSA, ElGamal, RC4, Salsa20
•  Mac – HMACWithSHA256
•  KeyGenerator

Provider architecture
•  Implementation independence
•  Implementation interoperability
•  Algorithm extensibility

Bouncy Castle
•  Implements a LOT OF ciphers, cipher suites, algorithms, modes, ASN.1, PEM, Certs, …
•  Origin: Australian, former advantage (crypto regulations)
•  Android

Provider architecture – Engine classes
•  getInstance()
•  update()
•  digest()
•  reset()

Provider architecture – Engine classes
•  getInstance()
•  init()
•  update()
•  doFinal()

Provider architecture – Spi skeleton

Strong cryptography
•  Limits the strength of your crypto
•  the size of the Key
•  AES-256, RSA-2048 not available by default
•  Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files

Strong cryptography
Algorithm    Key size
DES          64
DESede       *
RC2          128
RC4          128
RC5          128
RSA          * (KeyPairGenerator 1024)
other        128

Download NetBeans project
goo.gl/ntSDHP (case sensitive)

Please open NetBeans

Getting started
Cipher – import missing
Lightbulb helps

Getting started
CTRL+SHIFT+I

Problem again

The web

Please open – the guide
goo.gl/4Ztqen (case sensitive)

Task01 - SecureRandom
•  SecureRandom rnd = new SecureRandom()
•  rnd.nextDouble()
•  rnd.nextBytes()
•  rnd. ....
SecureRandom - solution
•  SecureRandom rnd = new SecureRandom();
•  rnd.nextBytes(buffer);
•  System.out.println(Globals.bytesToHex(buffer));

Task02 - MessageDigest
•  MessageDigest md5 = MessageDigest.getInstance("MD5");

MessageDigest
•  MessageDigest md5 = MessageDigest.getInstance("MD5");
•  md5.update(inputBuffer, 0, bytesRead);
•  md5.update(inputBuffer, 0, bytesRead);
•  md5.update(inputBuffer, 0, bytesRead);
•  byte[] md5hash = md5.digest()

MessageDigest – incremental API
[Diagram: MD5; repeated md5.update(data) calls, then md5.digest() returns byte[] hash]

MessageDigest – solution

Task03 - Cipher
•  getInstance("algorithm/mode/padding");
•  Default mode: ECB
•  Default padding: PKCS5

Cipher
•  init(mode, key, algorithmParameterSpec)
•  Cipher.DECRYPT_MODE
•  new SecretKeySpec(aesKey, "AES")
•  new IvParameterSpec(iv)

Cipher – Key vs KeySpec
•  Key – opaque key, used in engine
•  getAlgorithm(), getEncoded()
•  KeySpec – key specification, transport & storage
•  getP(), getQ(), getN()

Cipher – Key vs KeySpec
•  SecretKeySpec = Spec & Key at the same time

Cipher – Key vs KeySpec
•  Why separated?
Cipher.init(Cipher.DECRYPT_MODE, key)
Handle=0x123330, endpoint=https://…
Cloud encryption
HSM

Cipher – Key materials
•  String vs. char[]
•  String is immutable, cannot be zeroed out
•  Zero out mutable byte[] after use to prevent key leakage to swap files (or Heartbleed)

Cipher – Key materials
•  GC deallocates but does not zero out – the key is still there
•  Modern GCs can copy and reorder memory (heap defragmentation), so keys cannot be properly deleted from memory nowadays (Java does not specify the behaviour; it can differ).
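The Cipher and key-material slides above, as an added example that is not part of the original slides or the workshop's NetBeans project: it contrasts the default transformation (ECB) with an explicit "AES/CBC/PKCS5Padding" and a random IV, then zeroes the key buffer. The class name CipherModeDemo, the helper firstBlocksRepeat and the sample key and plaintext are constructed for illustration.

```java
import java.security.SecureRandom;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

// Added illustration; class name and sample data are constructed, not from the slides.
public class CipherModeDemo {

    // True when the first two 16-byte ciphertext blocks are identical.
    static boolean firstBlocksRepeat(byte[] ct) {
        return Arrays.equals(Arrays.copyOfRange(ct, 0, 16), Arrays.copyOfRange(ct, 16, 32));
    }

    public static void main(String[] args) throws Exception {
        SecureRandom rnd = new SecureRandom();
        byte[] aesKey = new byte[16];          // constructed sample key (AES-128)
        rnd.nextBytes(aesKey);
        byte[] plaintext = new byte[32];       // constructed input: two identical blocks
        Arrays.fill(plaintext, (byte) 'A');
        SecretKeySpec key = new SecretKeySpec(aesKey, "AES");

        // Weak: a bare algorithm name takes the provider defaults (ECB, PKCS5 padding).
        Cipher ecb = Cipher.getInstance("AES");
        ecb.init(Cipher.ENCRYPT_MODE, key);
        byte[] ecbCt = ecb.doFinal(plaintext);

        // Explicit transformation with a fresh random IV for every message.
        byte[] iv = new byte[16];
        rnd.nextBytes(iv);
        Cipher cbc = Cipher.getInstance("AES/CBC/PKCS5Padding");
        cbc.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(iv));
        byte[] cbcCt = cbc.doFinal(plaintext);

        // Decryption needs the same key and the same IV.
        cbc.init(Cipher.DECRYPT_MODE, key, new IvParameterSpec(iv));
        byte[] recovered = cbc.doFinal(cbcCt);

        System.out.println("ECB repeats blocks: " + firstBlocksRepeat(ecbCt));
        System.out.println("CBC repeats blocks: " + firstBlocksRepeat(cbcCt));
        System.out.println("CBC round trip ok:  " + Arrays.equals(plaintext, recovered));

        // Zero the mutable buffers after use. SecretKeySpec holds its own copy of the
        // key bytes, so this clears only the arrays this code controls.
        Arrays.fill(aesKey, (byte) 0);
        Arrays.fill(recovered, (byte) 0);
    }
}
```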
Cipher – Solution

Key Factories
•  KeySpec → Key
•  Key → KeySpec
•  KeyFactory – asymmetric keys
•  SecretKeyFactory – symmetric keys

Key generators
•  KeyGenerator – symmetric
•  generateKey() → SecretKey
•  KeyPairGenerator – asymmetric
•  generateKeyPair() → KeyPair

Certificate Builder
•  X509V3CertificateGenerator
•  goo.gl/I9WLUD

Diffie Hellman
•  KeyPairGenerator
•  KeyAgreement
•  goo.gl/Lus40Y

Thank you for your attention!
Questions

References / resources
•  TBD