password.jpeg
https://docs.oracle.com/javase/7/docs/technotes/guides/security/crypto/CryptoSpec.html#trans
Creating a Cipher Object
Cipher objects are obtained by using one of the Cipher getInstance() static factory methods. Here, the algorithm name is slightly different than with other engine classes, in that it specifies not just an algorithm name, but a "transformation". A transformation is a string that describes the operation (or set of operations) to be performed on the given input to produce some output. A transformation always includes the name of a cryptographic algorithm (e.g., AES), and may be followed by a mode and padding scheme.
Cipher
对象是通过使用
Cipher getInstance()
静态工厂方法获得的。这里,算法名称与其他引擎类略有不同,因为它不仅指定算法名称,而且指定“转换”。转换是描述要对给定输入执行的操作(或一组操作)以产生某些输出的字符串。转换总是包含加密算法(例如AES)的名称,然后可能是模式和填充方案。
A transformation is of the form:
"algorithm/mode/padding" or
"algorithm"
For example, the following are valid transformations:
"AES/CBC/PKCS5Padding"
"AES"
If just a transformation name is specified, the system will determine if there is an implementation of the requested transformation available in the environment, and if there is more than one, returns there is a preferred one.
If both a transformation name and a package provider are specified, the system will determine if there is an implementation of the requested transformation in the package requested, and throw an exception if there is not.
It is recommended to use a transformation that fully specifies the algorithm, mode, and padding. By not doing so, the provider will use a default. For example, the SunJCE and SunPKCS11 providers uses ECB
(默认模式) as the default mode, and PKCS5Padding
(默认对齐方式) as the default padding for many symmetric ciphers.
This means that in the case of the SunJCE provider:
Cipher c1 = Cipher.getInstance("AES/ECB/PKCS5Padding");
Cipher c1 = Cipher.getInstance("AES");
are equivalent statements.
因为默认模式和默认的对齐方式,上边的两条语句是等价的.
https://docs.oracle.com/javase/7/docs/technotes/guides/security/StandardNames.html
Cipher
Cipher The algorithms are specified as transformations. Implementations must support the key sizes in parentheses. AES/CBC/NoPadding (128)
AES/CBC/PKCS5Padding (128)
AES/ECB/NoPadding (128)
AES/ECB/PKCS5Padding (128)
DES/CBC/NoPadding (56)
DES/CBC/PKCS5Padding (56)
DES/ECB/NoPadding (56)
DES/ECB/PKCS5Padding (56)
DESede/CBC/NoPadding (168)
DESede/CBC/PKCS5Padding (168)
DESede/ECB/NoPadding (168)
DESede/ECB/PKCS5Padding (168)
RSA/ECB/PKCS1Padding (1024, 2048)
RSA/ECB/OAEPWithSHA-1AndMGF1Padding (1024, 2048)
RSA/ECB/OAEPWithSHA-256AndMGF1Padding (1024, 2048)