This section describes the java.security.KeyFactory class, which allows you to convert key spec objects back to key objects. Full process of reading and converting encoded key files back to key objects are also provided.
In the previous chapter, we learned how to write keys into files as encoded byte strings
generated by the java.security.Key.getEncoded() method.
Now we want to learn how to read those encoded type strings back and convert them into keys
using 3 classes: java.security.spec.PKCS8EncodedKeySpec, java.security.spec.X509EncodedKeySpec,
and java.security.KeyFactory.
PKCS8EncodedKeySpec and X509EncodedKeySpec classes are described in the previous section.
Here is a quick description of the KeyFactory class.
java.security.KeyFactory - A class to convert keys between Key objects and EncodedKeySpec objects.
Major methods offered:
getInstance() - Returns a KeyFactory object of the specified algorithm and the specified
security package provider. If not specified, the default security package provider will be used.
generatePrivate() - Generates a PrivateKey object based on the specified EncodedKeySpec object,
and returns it.
generatePublic() - Generates a PublicKey object based on the specified EncodedKeySpec object,
and returns it.
getKeySpec() - Converts a Key object to an EncodedKeySpec object, and returns it.
getAlgorithm() - Returns the algorithm name of this object.
getProvider() - Returns the provider as a provider object of this object.
To read an encoded byte string and convert it back a key, you need to follow these steps:
Read the encoded byte string from a file into a byte array.
Convert the byte array into a key spec object using the PKCS8EncodedKeySpec or X509EncodedKeySpec
constructor.
Then convert the key spec object into a key object using the generatePrivate()
or generatePublic() of a KeyFactory object of the correct encryption algorithm.
See the next section on how to write a sample program.
