JceSecretKeyTest.java - Secret Key Test Program

This section provides a quick tutorial example on how to write a sample program to generate a secret key for Blowfish, DES, or HmacMD5 encryption, save the secret key to a file, and read it back.

The following sample program shows you how to generate a secret key, write it a file, and read it back.

/* JceSecretKeyTest.java
 * Copyright (c) HerongYang.com. All Rights Reserved.
 */
import java.io.*;
import java.security.spec.*;
import javax.crypto.*;
import javax.crypto.spec.*;
class JceSecretKeyTest {
   public static void main(String[] a) {
      if (a.length<3) {
         System.out.println("Usage:");
         System.out.println("java JceSecretKeyTest keySize output"
            +" algorithm");
         return;
      }
      int keySize = Integer.parseInt(a[0]);
      String output = a[1];
      String algorithm = a[2]; // Blowfish, DES, DESede, HmacMD5
      try {
         writeKey(keySize,output,algorithm);
         readKey(output,algorithm);
      } catch (Exception e) {
         System.out.println("Exception: "+e);
         return;
      }
   }
   private static void writeKey(int keySize, String output,
         String algorithm) throws Exception {
      KeyGenerator kg = KeyGenerator.getInstance(algorithm);
      kg.init(keySize);
      System.out.println();
      System.out.println("KeyGenerator Object Info: ");
      System.out.println("Algorithm = "+kg.getAlgorithm());
      System.out.println("Provider = "+kg.getProvider());
      System.out.println("Key Size = "+keySize);
      System.out.println("toString = "+kg.toString());

      SecretKey ky = kg.generateKey();
      String fl = output+".key";
      FileOutputStream fos = new FileOutputStream(fl);
      byte[] kb = ky.getEncoded();
      fos.write(kb);
      fos.close();
      System.out.println();
      System.out.println("SecretKey Object Info: ");
      System.out.println("Algorithm = "+ky.getAlgorithm());
      System.out.println("Saved File = "+fl);
      System.out.println("Size = "+kb.length);
      System.out.println("Format = "+ky.getFormat());
      System.out.println("toString = "+ky.toString());
   }
   private static void readKey(String input, String algorithm)
      throws Exception {
      String fl = input+".key";
      FileInputStream fis = new FileInputStream(fl);
      int kl = fis.available();
      byte[] kb = new byte[kl];
      fis.read(kb);
      fis.close();
      KeySpec ks = null;
      SecretKey ky = null;
      SecretKeyFactory kf = null;
      if (algorithm.equalsIgnoreCase("DES")) {
         ks = new DESKeySpec(kb);
         kf = SecretKeyFactory.getInstance("DES");
         ky = kf.generateSecret(ks);
      } else if (algorithm.equalsIgnoreCase("DESede")) {
         ks = new DESedeKeySpec(kb);
         kf = SecretKeyFactory.getInstance("DESede");
         ky = kf.generateSecret(ks);
      } else {
         ks = new SecretKeySpec(kb,algorithm);
         ky = new SecretKeySpec(kb,algorithm);
      }

      System.out.println();
      System.out.println("KeySpec Object Info: ");
      System.out.println("Saved File = "+fl);
      System.out.println("Length = "+kb.length);
      System.out.println("toString = "+ks.toString());

      System.out.println();
      System.out.println("SecretKey Object Info: ");
      System.out.println("Algorithm = "+ky.getAlgorithm());
      System.out.println("toString = "+ky.toString());
   }
}

Here is the result of my first test. It is done with JDK 1.8.

herong> java JceSecretKeyTest.java 56 bfish Blowfish

KeyGenerator Object Info:
Algorithm = Blowfish
Provider = SunJCE version 20
Key Size = 56
toString = javax.crypto.KeyGenerator@a8c488

SecretKey Object Info:
Algorithm = Blowfish
Saved File = bfish.key
Size = 7
Format = RAW
toString = javax.crypto.spec.SecretKeySpec@2685020e

KeySpec Object Info:
Saved File = bfish.key
Length = 7
toString = javax.crypto.spec.SecretKeySpec@2685020e

SecretKey Object Info:
Algorithm = Blowfish
toString = javax.crypto.spec.SecretKeySpec@2685020e

The program seems to be working:

In the second test, I wants to try DES algorithm:

herong> java JceSecretKeyTest 56 key2 DES

KeyGenerator Object Info:
Algorithm = DES
Provider = SunJCE version 20
Key Size = 56
toString = javax.crypto.KeyGenerator@998b08

SecretKey Object Info:
Algorithm = DES
Saved File = key2.key
Size = 8
Format = RAW
toString = com.sun.crypto.provider.DESKey@fffe7985

KeySpec Object Info:
Saved File = key2.key
Length = 8
toString = javax.crypto.spec.DESKeySpec@106082

SecretKey Object Info:
Algorithm = DES
toString = com.sun.crypto.provider.DESKey@fffe7985

Of course, you can continue testing with DESede and HmacMD5.

Table of Contents

 About This JDK Tutorial Book

 JDK (Java Development Kit)

 Java Date-Time API

 Date, Time and Calendar Classes

 Date and Time Object and String Conversion

 Number Object and Numeric String Conversion

 Locales, Localization Methods and Resource Bundles

 Calling and Importing Classes Defined in Unnamed Packages

 HashSet, Vector, HashMap and Collection Classes

 Character Set Encoding Classes and Methods

 Character Set Encoding Maps

 Encoding Conversion Programs for Encoded Text Files

 Java Logging

 Socket Network Communication

 Datagram Network Communication

 DOM (Document Object Model) - API for XML Files

 SAX (Simple API for XML)

 DTD (Document Type Definition) - XML Validation

 XSD (XML Schema Definition) - XML Validation

 XSL (Extensible Stylesheet Language)

 Message Digest Algorithm Implementations in JDK

 Private key and Public Key Pair Generation

 PKCS#8/X.509 Private/Public Encoding Standards

 Digital Signature Algorithm and Sample Program

 "keytool" Commands and "keystore" Files

 KeyStore and Certificate Classes

Secret Key Generation and Management

 javax.crypto.SecretKey - The Secret Key Interface

 javax.crypto.KeyGenerator - Generating Secret Keys

 Converting Secret Keys to and from Byte Arrays

JceSecretKeyTest.java - Secret Key Test Program

 Cipher - Encryption and Decryption

 The SSL (Secure Socket Layer) Protocol

 SSL Socket Communication Testing Programs

 SSL Client Authentication

 HTTPS (Hypertext Transfer Protocol Secure)

 Outdated Tutorials

 References

 Full Version in PDF/EPUB