JDK Tutorials - Herong's Tutorial Examples - v6.32, by Herong Yang
JceSecretKeyTest.java - Secret Key Test Program
This section provides a quick tutorial example on how to write a sample program to generate a secret key for Blowfish, DES, or HmacMD5 encryption, save the secret key to a file, and read it back.
The following sample program shows you how to generate a secret key, write it a file, and read it back.
/* JceSecretKeyTest.java * Copyright (c) HerongYang.com. All Rights Reserved. */ import java.io.*; import java.security.spec.*; import javax.crypto.*; import javax.crypto.spec.*; class JceSecretKeyTest { public static void main(String[] a) { if (a.length<3) { System.out.println("Usage:"); System.out.println("java JceSecretKeyTest keySize output" +" algorithm"); return; } int keySize = Integer.parseInt(a[0]); String output = a[1]; String algorithm = a[2]; // Blowfish, DES, DESede, HmacMD5 try { writeKey(keySize,output,algorithm); readKey(output,algorithm); } catch (Exception e) { System.out.println("Exception: "+e); return; } } private static void writeKey(int keySize, String output, String algorithm) throws Exception { KeyGenerator kg = KeyGenerator.getInstance(algorithm); kg.init(keySize); System.out.println(); System.out.println("KeyGenerator Object Info: "); System.out.println("Algorithm = "+kg.getAlgorithm()); System.out.println("Provider = "+kg.getProvider()); System.out.println("Key Size = "+keySize); System.out.println("toString = "+kg.toString()); SecretKey ky = kg.generateKey(); String fl = output+".key"; FileOutputStream fos = new FileOutputStream(fl); byte[] kb = ky.getEncoded(); fos.write(kb); fos.close(); System.out.println(); System.out.println("SecretKey Object Info: "); System.out.println("Algorithm = "+ky.getAlgorithm()); System.out.println("Saved File = "+fl); System.out.println("Size = "+kb.length); System.out.println("Format = "+ky.getFormat()); System.out.println("toString = "+ky.toString()); } private static void readKey(String input, String algorithm) throws Exception { String fl = input+".key"; FileInputStream fis = new FileInputStream(fl); int kl = fis.available(); byte[] kb = new byte[kl]; fis.read(kb); fis.close(); KeySpec ks = null; SecretKey ky = null; SecretKeyFactory kf = null; if (algorithm.equalsIgnoreCase("DES")) { ks = new DESKeySpec(kb); kf = SecretKeyFactory.getInstance("DES"); ky = kf.generateSecret(ks); } else if (algorithm.equalsIgnoreCase("DESede")) { ks = new DESedeKeySpec(kb); kf = SecretKeyFactory.getInstance("DESede"); ky = kf.generateSecret(ks); } else { ks = new SecretKeySpec(kb,algorithm); ky = new SecretKeySpec(kb,algorithm); } System.out.println(); System.out.println("KeySpec Object Info: "); System.out.println("Saved File = "+fl); System.out.println("Length = "+kb.length); System.out.println("toString = "+ks.toString()); System.out.println(); System.out.println("SecretKey Object Info: "); System.out.println("Algorithm = "+ky.getAlgorithm()); System.out.println("toString = "+ky.toString()); } }
Here is the result of my first test. It is done with JDK 1.8.
herong> java JceSecretKeyTest.java 56 bfish Blowfish KeyGenerator Object Info: Algorithm = Blowfish Provider = SunJCE version 20 Key Size = 56 toString = javax.crypto.KeyGenerator@a8c488 SecretKey Object Info: Algorithm = Blowfish Saved File = bfish.key Size = 7 Format = RAW toString = javax.crypto.spec.SecretKeySpec@2685020e KeySpec Object Info: Saved File = bfish.key Length = 7 toString = javax.crypto.spec.SecretKeySpec@2685020e SecretKey Object Info: Algorithm = Blowfish toString = javax.crypto.spec.SecretKeySpec@2685020e
The program seems to be working:
In the second test, I wants to try DES algorithm:
herong> java JceSecretKeyTest 56 key2 DES KeyGenerator Object Info: Algorithm = DES Provider = SunJCE version 20 Key Size = 56 toString = javax.crypto.KeyGenerator@998b08 SecretKey Object Info: Algorithm = DES Saved File = key2.key Size = 8 Format = RAW toString = com.sun.crypto.provider.DESKey@fffe7985 KeySpec Object Info: Saved File = key2.key Length = 8 toString = javax.crypto.spec.DESKeySpec@106082 SecretKey Object Info: Algorithm = DES toString = com.sun.crypto.provider.DESKey@fffe7985
Of course, you can continue testing with DESede and HmacMD5.
Table of Contents
Date, Time and Calendar Classes
Date and Time Object and String Conversion
Number Object and Numeric String Conversion
Locales, Localization Methods and Resource Bundles
Calling and Importing Classes Defined in Unnamed Packages
HashSet, Vector, HashMap and Collection Classes
Character Set Encoding Classes and Methods
Encoding Conversion Programs for Encoded Text Files
Datagram Network Communication
DOM (Document Object Model) - API for XML Files
DTD (Document Type Definition) - XML Validation
XSD (XML Schema Definition) - XML Validation
XSL (Extensible Stylesheet Language)
Message Digest Algorithm Implementations in JDK
Private key and Public Key Pair Generation
PKCS#8/X.509 Private/Public Encoding Standards
Digital Signature Algorithm and Sample Program
"keytool" Commands and "keystore" Files
KeyStore and Certificate Classes
►Secret Key Generation and Management
javax.crypto.SecretKey - The Secret Key Interface
javax.crypto.KeyGenerator - Generating Secret Keys
Converting Secret Keys to and from Byte Arrays
►JceSecretKeyTest.java - Secret Key Test Program
Cipher - Encryption and Decryption
The SSL (Secure Socket Layer) Protocol
SSL Socket Communication Testing Programs