JDK Tutorials - Herong's Tutorial Notes - JCE - Cipher

JDK Tutorials - Herong's Tutorial Notes

Dr. Herong Yang, Version 4.32, 2006

JCE - Cipher - Encryption and Decryption

Part: 1 2 3

JDK Tutorials - Herong's Tutorial Notes © Dr. Herong Yang

Internationalization

Character Set and Encoding

Socket Communication

Document Object Model (DOM)

XSD Validation in Java

XSL - Transformer in Java

JCA - Private and Public Key Pairs

JCE - Secret Key

SSL (Secure Socket Layer)

SSL - Client Authentication

... Table of Contents

(Continued from previous part...)

Converting Secret Keys to and from Byte Arrays

Converting a secret key to a byte array is supported by the SecretKey interface with the getEncoded() method. All secret key implementation classes use RAW the encoding format.

Converting a secret key from a byte array is not so easy. Two options are available:

Using the generic SecretKeySpec class to convert a byte array directly to a SecretKey object directly.
Using algorithm specific KeySpec implementations to convert a byte array to a KeySpec object first, then using SecretKeyFactory to convert a KeySpec object to a SecretKey object.

javax.crypto.spec.SecretKeySpec is a class represents a secret key in a generic fashion. It offers the following constructor and methods:

SecretKeySpec() - Convert a secret key from the specified byte array according to the specified algorithm and constructs a SecretKeySpec object based on the secret key.

getAlgorithm() - Returns the algorithm name used to generate the key.

getEncoded() - Returns the key as a byte array in its primary encoding format.

getFormat() - Returns the name of the primary encoding format of this key.

java.security.spec.KeySpec is an interface providing a grouping point for algorithm specific key specification implementations. There are two implementations for secret key algorithms:

javax.crypto.spec.DESKeySpec is a KeySpec implementation for DES algorithm. It offers DESKeySpec() to construct a KeySpec object from the specific byte array.

javax.crypto.spec.DESedeKeySpec is a KeySpec implementation for DESede algorithm. It offers DESedeKeySpec() to construct a KeySpec object from the specific byte array.

javax.crypto.spec.SecretKeyFactory is a class as a conversion tool between SecretKey objects and algorithm specific KeySpec objects. It offers the following methods:

getInstance() - Returns a SecretKeyFactory object of the specified algorithm and the specified security package provider. If not specified, the default security pacage provider will be used.

generateSecret() - Generates a SecretKey object from the specified KeySpec object, and returns it.

getKeySpec() - Converts a SecretKey object to a KeySpec object, and returns it.

getAlgorithm() - Returns the algorithm name of this object.

getProvider() - Returns the provider as a provider object of this object.

(Continued on next part...)

Part: 1 2 3

Dr. Herong Yang, updated in 2006

JDK Tutorials - Herong's Tutorial Notes - JCE - Cipher - Encryption and Decryption