JceSecretKeyTest.java - Secret Key Test Program

JDK (Java Development Kit) Tutorials

Dr. Herong Yang, Version 5.00

∟JceSecretKeyTest.java - Secret Key Test Program

This section provides a quick tutorial example on how to write a sample program to generate a secret key for Blowfish, DES, or HmacMD5 encryption, save the secret key to a file, and read it back.

The following sample program shows you how to generate a secret key, write it a file, and read it back.

/**
 * JceSecretKeyTest.java
 * Copyright (c) 2002 by Dr. Herong Yang
 */
import java.io.*;
import java.security.spec.*;
import javax.crypto.*;
import javax.crypto.spec.*;
class JceSecretKeyTest {
   public static void main(String[] a) {
      if (a.length<3) {
         System.out.println("Usage:");
         System.out.println("java JceSecretKeyTest keySize output"
            +" algorithm");
         return;
      }
      int keySize = Integer.parseInt(a[0]);
      String output = a[1];
      String algorithm = a[2]; // Blowfish, DES, DESede, HmacMD5
      try {
         writeKey(keySize,output,algorithm);
         readKey(output,algorithm);
      } catch (Exception e) {
         System.out.println("Exception: "+e);
         return;
      }
   }
   private static void writeKey(int keySize, String output, 
         String algorithm) throws Exception {
      KeyGenerator kg = KeyGenerator.getInstance(algorithm);
      kg.init(keySize);
      System.out.println();
      System.out.println("KeyGenerator Object Info: ");
      System.out.println("Algorithm = "+kg.getAlgorithm());
      System.out.println("Provider = "+kg.getProvider());
      System.out.println("Key Size = "+keySize);
      System.out.println("toString = "+kg.toString());

      SecretKey ky = kg.generateKey();
      String fl = output+".key";
      FileOutputStream fos = new FileOutputStream(fl);
      byte[] kb = ky.getEncoded();
      fos.write(kb);
      fos.close();
      System.out.println();
      System.out.println("SecretKey Object Info: ");
      System.out.println("Algorithm = "+ky.getAlgorithm());
      System.out.println("Saved File = "+fl);
      System.out.println("Size = "+kb.length);
      System.out.println("Format = "+ky.getFormat());
      System.out.println("toString = "+ky.toString());
   }
   private static void readKey(String input, String algorithm) 
      throws Exception {
      String fl = input+".key";
      FileInputStream fis = new FileInputStream(fl);
      int kl = fis.available();
      byte[] kb = new byte[kl];
      fis.read(kb);
      fis.close();
      KeySpec ks = null;
      SecretKey ky = null;
      SecretKeyFactory kf = null;
      if (algorithm.equalsIgnoreCase("DES")) {
      	 ks = new DESKeySpec(kb);
         kf = SecretKeyFactory.getInstance("DES");
         ky = kf.generateSecret(ks);
      } else if (algorithm.equalsIgnoreCase("DESede")) {
      	 ks = new DESedeKeySpec(kb);
         kf = SecretKeyFactory.getInstance("DESede");
         ky = kf.generateSecret(ks);
      } else {
         ks = new SecretKeySpec(kb,algorithm);
         ky = new SecretKeySpec(kb,algorithm);
      }

      System.out.println();
      System.out.println("KeySpec Object Info: ");
      System.out.println("Saved File = "+fl);
      System.out.println("Length = "+kb.length);
      System.out.println("toString = "+ks.toString());

      System.out.println();
      System.out.println("SecretKey Object Info: ");
      System.out.println("Algorithm = "+ky.getAlgorithm());
      System.out.println("toString = "+ky.toString());
   }
}

Here is the result of my first test. It is done with JDK 1.4.1.

java -cp . JceSecretKeyTest 56 key1 Blowfish

KeyGenerator Object Info:
Algorithm = Blowfish
Provider = SunJCE version 1.42
Key Size = 56
toString = javax.crypto.KeyGenerator@a8c488

SecretKey Object Info:
Algorithm = Blowfish
Saved File = key1.key
Size = 7
Format = RAW
toString = javax.crypto.spec.SecretKeySpec@2685020e

KeySpec Object Info:
Saved File = key1.key
Length = 7
toString = javax.crypto.spec.SecretKeySpec@2685020e

SecretKey Object Info:
Algorithm = Blowfish
toString = javax.crypto.spec.SecretKeySpec@2685020e

The program seems to be working:

Since I am not specifying the provider name, the implementation of the Blowfish algorithm provided in the default security package was selected. Of course, Sun is the provider of the default security package.
The Blowfish key is only 7 bytes when "encoded" in RAW format.
When importing the blowfish key back from the 7 raw bytes, SecretKeyScep class is used instead of SecretKeyFactory class.

In the second test, I wants to try DES algorithm:

java -cp . JceSecretKeyTest 56 key2 DES

KeyGenerator Object Info:
Algorithm = DES
Provider = SunJCE version 1.42
Key Size = 56
toString = javax.crypto.KeyGenerator@998b08

SecretKey Object Info:
Algorithm = DES
Saved File = key2.key
Size = 8
Format = RAW
toString = com.sun.crypto.provider.DESKey@fffe7985

KeySpec Object Info:
Saved File = key2.key
Length = 8
toString = javax.crypto.spec.DESKeySpec@106082

SecretKey Object Info:
Algorithm = DES
toString = com.sun.crypto.provider.DESKey@fffe7985

Of course, you can continue testing with DESede and HmacMD5.

Last update: 2006.

Table of Contents

About This JDK Tutorial Book

Downloading and Installing JDK 1.3.1 on Windows

Downloading and Installing JDK 1.4.1 on Windows

Downloading and Installing JDK 1.5.0 on Windows

Downloading and Installing JDK 1.6.2 on Windows

Date, Time and Calendar Classes

Date and Time Object and String Conversion

Number Object and Numeric String Conversion

Locales, Localization Methods and Resource Bundles