Cryptography Tutorials - Herong's Tutorial Examples - v5.42, by Herong Yang
JceSecretKeyTest.java - Secret Key Test Program
This section provides a quick tutorial example on how to write a sample program to generate a secret key for Blowfish, DES, or HmacMD5 encryption, save the secret key to a file, and read it back.
The following sample program shows you how to generate a secret key, write it a file, and read it back.
/* JceSecretKeyTest.java * Copyright (c) HerongYang.com. All Rights Reserved. */ import java.io.*; import java.security.spec.*; import javax.crypto.*; import javax.crypto.spec.*; class JceSecretKeyTest { public static void main(String[] a) { if (a.length<3) { System.out.println("Usage:"); System.out.println("java JceSecretKeyTest keySize output" +" algorithm"); return; } int keySize = Integer.parseInt(a[0]); String output = a[1]; String algorithm = a[2]; // Blowfish, DES, DESede, HmacMD5 try { writeKey(keySize,output,algorithm); readKey(output,algorithm); } catch (Exception e) { System.out.println("Exception: "+e); return; } } private static void writeKey(int keySize, String output, String algorithm) throws Exception { KeyGenerator kg = KeyGenerator.getInstance(algorithm); kg.init(keySize); System.out.println(); System.out.println("KeyGenerator Object Info: "); System.out.println("Algorithm = "+kg.getAlgorithm()); System.out.println("Provider = "+kg.getProvider()); System.out.println("Key Size = "+keySize); System.out.println("toString = "+kg.toString()); SecretKey ky = kg.generateKey(); String fl = output+".key"; FileOutputStream fos = new FileOutputStream(fl); byte[] kb = ky.getEncoded(); fos.write(kb); fos.close(); System.out.println(); System.out.println("SecretKey Object Info: "); System.out.println("Algorithm = "+ky.getAlgorithm()); System.out.println("Saved File = "+fl); System.out.println("Size = "+kb.length); System.out.println("Format = "+ky.getFormat()); System.out.println("toString = "+ky.toString()); } private static void readKey(String input, String algorithm) throws Exception { String fl = input+".key"; FileInputStream fis = new FileInputStream(fl); int kl = fis.available(); byte[] kb = new byte[kl]; fis.read(kb); fis.close(); KeySpec ks = null; SecretKey ky = null; SecretKeyFactory kf = null; if (algorithm.equalsIgnoreCase("DES")) { ks = new DESKeySpec(kb); kf = SecretKeyFactory.getInstance("DES"); ky = kf.generateSecret(ks); } else if (algorithm.equalsIgnoreCase("DESede")) { ks = new DESedeKeySpec(kb); kf = SecretKeyFactory.getInstance("DESede"); ky = kf.generateSecret(ks); } else { ks = new SecretKeySpec(kb,algorithm); ky = new SecretKeySpec(kb,algorithm); } System.out.println(); System.out.println("KeySpec Object Info: "); System.out.println("Saved File = "+fl); System.out.println("Length = "+kb.length); System.out.println("toString = "+ks.toString()); System.out.println(); System.out.println("SecretKey Object Info: "); System.out.println("Algorithm = "+ky.getAlgorithm()); System.out.println("toString = "+ky.toString()); } }
Here is the result of my first test.
herong> javac JceSecretKeyTest.java herong> java JceSecretKeyTest 56 key1 Blowfish KeyGenerator Object Info: Algorithm = Blowfish Provider = SunJCE version 12 Key Size = 56 toString = javax.crypto.KeyGenerator@b09e89 SecretKey Object Info: Algorithm = Blowfish Saved File = key1.key Size = 7 Format = RAW toString = javax.crypto.spec.SecretKeySpec@2685016e KeySpec Object Info: Saved File = key1.key Length = 7 toString = javax.crypto.spec.SecretKeySpec@2685016e SecretKey Object Info: Algorithm = Blowfish toString = javax.crypto.spec.SecretKeySpec@2685016e
The program seems to be working:
In the second test, I wants to try DES algorithm:
herong> java JceSecretKeyTest 56 key2 DES KeyGenerator Object Info: Algorithm = DES Provider = SunJCE version 12 Key Size = 56 toString = javax.crypto.KeyGenerator@b09e89 SecretKey Object Info: Algorithm = DES Saved File = key2.key Size = 8 Format = RAW toString = com.sun.crypto.provider.DESKey@fffe7965 KeySpec Object Info: Saved File = key2.key Length = 8 toString = javax.crypto.spec.DESKeySpec@a401c2 SecretKey Object Info: Algorithm = DES toString = com.sun.crypto.provider.DESKey@fffe7965
Of course, you can continue testing with DESede and HmacMD5.
Table of Contents
Introduction to AES (Advanced Encryption Standard)
DES Algorithm - Illustrated with Java Programs
DES Algorithm Java Implementation
DES Algorithm - Java Implementation in JDK JCE
DES Encryption Operation Modes
PHP Implementation of DES - mcrypt
Blowfish - 8-Byte Block Cipher
►Secret Key Generation and Management
javax.crypto.SecretKey - The Secret Key Interface
javax.crypto.KeyGenerator - Generating Secret Keys
Converting Secret Keys to and from Byte Arrays
►JceSecretKeyTest.java - Secret Key Test Program
Cipher - Secret Key Encryption and Decryption
RSA Implementation using java.math.BigInteger Class
Introduction of DSA (Digital Signature Algorithm)
Java Default Implementation of DSA
Private key and Public Key Pair Generation
PKCS#8/X.509 Private/Public Encoding Standards
Cipher - Public Key Encryption and Decryption
OpenSSL Introduction and Installation
OpenSSL Generating and Managing RSA Keys
OpenSSL Generating and Signing CSR
OpenSSL Validating Certificate Path
"keytool" and "keystore" from JDK
"OpenSSL" Signing CSR Generated by "keytool"
Migrating Keys from "keystore" to "OpenSSL" Key Files
Certificate X.509 Standard and DER/PEM Formats
Migrating Keys from "OpenSSL" Key Files to "keystore"