JCA - Private and Public Key Pairs
(Continued from previous part...)
Key Pair Sample Program - JcaKeyPair.java
The following sample program shows you how to invoke the key pair generation algorithms
implemented by the default provider, Sun, and generate key pairs.
/**
 * JcaKeyPair.java
 * Copyright (c) 2002 by Dr. Herong Yang
 */
import java.io.*;
import java.math.*;
import java.security.*;
import java.security.interfaces.*;
class JcaKeyPair {
   public static void main(String[] a) {
      if (a.length<3) {
         System.out.println("Usage:");
         System.out.println("java JcaKeyPair keySize output"
            +" algorithm");
         return;
      }
      String output = a[1];
      String algorithm = a[2]; // RSA, DSA
      try {
         // Parsed inside the try block so that a non-numeric key size
         // is reported like any other error
         int keySize = Integer.parseInt(a[0]);
         getKeys(keySize,output,algorithm);
      } catch (Exception e) {
         System.out.println("Exception: "+e);
         return;
      }
   }
   private static void getKeys(int keySize, String output,
      String algorithm) throws Exception {
      // No provider name is given, so the default provider is used
      KeyPairGenerator kg = KeyPairGenerator.getInstance(algorithm);
      kg.initialize(keySize);
      System.out.println();
      System.out.println("KeyPairGenerator Object Info: ");
      System.out.println("Algorithm = "+kg.getAlgorithm());
      System.out.println("Provider = "+kg.getProvider());
      System.out.println("Key Size = "+keySize);
      System.out.println("toString = "+kg.toString());
      KeyPair pair = kg.generateKeyPair();
      PrivateKey priKey = pair.getPrivate();
      PublicKey pubKey = pair.getPublic();

      // getEncoded() returns the unencrypted encoding of the key,
      // so the .pri file holds the private key in the clear
      String fl = output+".pri";
      FileOutputStream out = new FileOutputStream(fl);
      byte[] ky = priKey.getEncoded();
      out.write(ky);
      out.close();
      System.out.println();
      System.out.println("Private Key Info: ");
      System.out.println("Algorithm = "+priKey.getAlgorithm());
      System.out.println("Saved File = "+fl);
      System.out.println("Size = "+ky.length);
      System.out.println("Format = "+priKey.getFormat());
      System.out.println("toString = "+priKey.toString());

      // Save the encoded public key to a second file
      fl = output+".pub";
      out = new FileOutputStream(fl);
      ky = pubKey.getEncoded();
      out.write(ky);
      out.close();
      System.out.println();
      System.out.println("Public Key Info: ");
      System.out.println("Algorithm = "+pubKey.getAlgorithm());
      System.out.println("Saved File = "+fl);
      System.out.println("Size = "+ky.length);
      System.out.println("Format = "+pubKey.getFormat());
      System.out.println("toString = "+pubKey.toString());
   }
}
Here is the result of my first test. It was done with JDK 1.3.1.
javac -classpath . JcaKeyPair.java
java -cp . JcaKeyPair 512 dsa dsa
KeyPairGenerator Object Info:
Algorithm = DSA
Provider = SUN version 1.2
Key Size = 512
toString = sun.security.provider.DSAKeyPairGenerator@2f6684
Private Key Info:
Algorithm = DSA
Saved File = dsa.pri
Size = 201
Format = PKCS#8
toString = Sun DSA Private Key
parameters:
p:
fca682ce 8e12caba 26efccf7 110e526d b078b05e decbcd1e b4a208f3 ae1617ae
01f35b91 a47e6df6 3413c5e1 2ed0899b cd132acd 50d99151 bdc43ee7 37592e17
q:
962eddcc 369cba8e bb260ee6 b6a126d9 346e38c5
g:
678471b2 7a9cf44e e91a49c5 147db1a9 aaf244f0 5a434d64 86931d2d 14271b9e
35030b71 fd73da17 9069b32e 2935630e 1c206235 4d0da20a 6c416e50 be794ca4
x: 3a46e9a6da9a90ee7c7cfedad597e260988f4e6a
Public Key Info:
Algorithm = DSA
Saved File = dsa.pub
Size = 244
Format = X.509
toString = Sun DSA Public Key
Parameters:
p:
fca682ce 8e12caba 26efccf7 110e526d b078b05e decbcd1e b4a208f3 ae1617ae
01f35b91 a47e6df6 3413c5e1 2ed0899b cd132acd 50d99151 bdc43ee7 37592e17
q:
962eddcc 369cba8e bb260ee6 b6a126d9 346e38c5
g:
678471b2 7a9cf44e e91a49c5 147db1a9 aaf244f0 5a434d64 86931d2d 14271b9e
35030b71 fd73da17 9069b32e 2935630e 1c206235 4d0da20a 6c416e50 be794ca4
y:
e803dccb c3292909 c589b7ca c3a18e97 d09b5a84 5b90e26d 525f6cb2 d10e987a
4dc7309b 706e8901 eca22c15 9d172763 619067a7 ec2cf389 b73c6133 7630d9cd
The program seems to be working:
- Since I did not specify the provider name,
the implementation of the DSA algorithm provided in the default security package
was selected. Of course, Sun is the provider of the default security package.
- The key pair generated from the generateKeyPair() method indeed has two keys,
a private key and a public key.
- The private key was written to a file using PKCS#8 format, and the public key
was written to another file using X.509 format.
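The following is an added example, not part of the original tutorial or its author's code. It shows the reverse direction: reloading a .pri file with PKCS8EncodedKeySpec and a .pub file with X509EncodedKeySpec through KeyFactory, then signing and verifying with the reloaded keys. It assumes Java 8 or later; the class name JcaKeyPairReload, the temporary sample.pri and sample.pub files and the 2048-bit key size are choices made for this example.

```java
import java.nio.file.*;
import java.security.*;
import java.security.spec.*;
import java.util.Arrays;

class JcaKeyPairReload {
    // Rebuild the private key from the PKCS#8 bytes stored in a .pri file.
    static PrivateKey loadPrivate(Path file, String algorithm) throws Exception {
        KeyFactory kf = KeyFactory.getInstance(algorithm);
        return kf.generatePrivate(new PKCS8EncodedKeySpec(Files.readAllBytes(file)));
    }

    // Rebuild the public key from the X.509 bytes stored in a .pub file.
    static PublicKey loadPublic(Path file, String algorithm) throws Exception {
        KeyFactory kf = KeyFactory.getInstance(algorithm);
        return kf.generatePublic(new X509EncodedKeySpec(Files.readAllBytes(file)));
    }

    public static void main(String[] a) throws Exception {
        String algorithm = a.length > 0 ? a[0] : "DSA";   // DSA or RSA, as in JcaKeyPair
        // Constructed sample input: a fresh pair saved the way JcaKeyPair saves it.
        KeyPairGenerator kg = KeyPairGenerator.getInstance(algorithm);
        kg.initialize(2048);                               // key size chosen for this example
        KeyPair pair = kg.generateKeyPair();
        Path dir = Files.createTempDirectory("jcakeypair");
        Path pri = dir.resolve("sample.pri"), pub = dir.resolve("sample.pub");
        Files.write(pri, pair.getPrivate().getEncoded());
        Files.write(pub, pair.getPublic().getEncoded());

        PrivateKey priKey = loadPrivate(pri, algorithm);
        PublicKey pubKey = loadPublic(pub, algorithm);
        // Check that the reloaded keys re-encode to the bytes on disk.
        System.out.println("Private key round trip = "
            + Arrays.equals(priKey.getEncoded(), Files.readAllBytes(pri)));
        System.out.println("Public key round trip  = "
            + Arrays.equals(pubKey.getEncoded(), Files.readAllBytes(pub)));

        // Sign with the reloaded private key, verify with the reloaded public key.
        Signature s = Signature.getInstance("SHA256with" + algorithm);
        byte[] msg = "constructed test message".getBytes("UTF-8");
        s.initSign(priKey);
        s.update(msg);
        byte[] sig = s.sign();
        s.initVerify(pubKey);
        s.update(msg);
        System.out.println("Signature verifies     = " + s.verify(sig));

        Files.delete(pri);   // the .pri file holds the private key unencrypted
        Files.delete(pub);
        Files.delete(dir);
    }
}
```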
(Continued on next part...)