Digital Edition

SYS-CON.TV
Frank's Java Code Stack #3 Working with KeyPair
Frank's Java Code Stack #3 Working with KeyPair

In Java Code Stack #1, we developed a Cipher class and used Secret Key Engine for building an encryption algorithm. As a reader pointed out, encryption using Public/Private key pair is the most widely used standard Java Cryptography Implementation. (Note: Secret Key is part of JCE and not a standard Java Security Implementation). So, let us build a class, which generates Public Key/Private Key Pair and uses its Private Key to digitally sign an Object and later verify the Object with a Public Key. We can sign any object whose class implements Serializable Interface. For simplicity, I'm using a String Object. I take this an opportunity to introduce SignedObject class for creating authentic Runtime Objects, which are crucial for secure applications.

Code:

1. import java.security.*;
2. import java.security.spec.*;
3. import java.io.*;
4. import java.math.*;

5. public class encKeys{
6. public static void main
7. (String ar[])throws Exception{
8. /* We need a Private and Public Key */
9 . PublicKey publicKey = null;
10. PrivateKey privateKey = null;
11. try {
12. /* Let us Generate a 1024-bit DSA key pair */
13. KeyPairGenerator keyGen =
14. KeyPairGenerator.getInstance("DSA");
15. keyGen.initialize(1024);
16. KeyPair keypair =
17. keyGen.genKeyPair();
18. privateKey = keypair.getPrivate();
19. publicKey = keypair.getPublic();
20.
21. /* Saving my Public Key */
22. FileOutputStream fos=
23. new FileOutputStream("MyPublicKey");
24. ObjectOutputStream oos=
25. new ObjectOutputStream(fos);
26. Class al=Class.forName
27. ("java.security.spec.DSAPublicKeySpec");
28.
29. KeyFactory kf=
30. KeyFactory.getInstance("DSA");
31. DSAPublicKeySpec ks=
32. (DSAPublicKeySpec)
33. kf.getKeySpec(publicKey,al);
34.
35. /* Writing the Public Key
36. P->Prime, Q->Sub Prime
37. G->Base, Y->Public key param */
38. oos.writeObject(ks.getY());
39. oos.writeObject(ks.getP());
40. oos.writeObject(ks.getQ());
41. oos.writeObject(ks.getG());
42. fos.close();
43.
44. } catch(NoSuchAlgorithmException e){
45. }
46.
47. /* Signing a String Object with
48. our Private Key */
49. SignedObject so = null;
50. try {
51. String test=new String("Original");
52.
53. Signature sig =
54. Signature.getInstance
55. (privateKey.getAlgorithm());
56. so = new SignedObject
57. (test, privateKey, sig);
58. } catch (Exception e) {}
59.
60. /* Verify the Object authenticity */
61. try {
62. /* Read the Public Key from file */
63. FileInputStream fis=
64. new FileInputStream
65. ("MyPublicKey");
66. ObjectInputStream ois=
67. new ObjectInputStream(fis);
68.
69. /* Read Y,P,Q,G Params */
70. DSAPublicKeySpec ks=
71. new DSAPublicKeySpec(
72. (BigInteger) ois.readObject(),
73. (BigInteger) ois.readObject(),
74. (BigInteger) ois.readObject(),
75. (BigInteger) ois.readObject());
76.
77. /* Generate the Public Key */
78. KeyFactory kf=
79. KeyFactory.getInstance("DSA");
80. PublicKey pk=
81. kf.generatePublic(ks);
82.
83. fis.close();
84.
85. /* Verify the Object signature */
86. Signature sig = Signature.getInstance
87. (publicKey.getAlgorithm());
88. boolean done = so.verify(pk, sig);
89.
90. if(done){
91. System.out.println("Object verified!
92. "+(String)so.getObject());
93. }
94. } catch (Exception e) {}
95. }}

A SignedObject contains a serializable Object and its signature. The signed object is a "deep copy" of the original object. So, change in the original object has no effect on the copy, thus protecting the integrity of the object.

Assignment:
Try generating Key Object from a set of DSA Parameters.

In order to post a comment you need to be registered and logged in.

Register | Sign-in

Reader Feedback: Page 1 of 1

Informative...But want to know if any other algorithm uses IV while writing Encrypted text. And what about the Export restriction for these APIs?




ADS BY GOOGLE
Subscribe to the World's Most Powerful Newsletters

ADS BY GOOGLE

Technological progress can be expressed as layers of abstraction - higher layers are built on top of...
"Calligo is a cloud service provider with data privacy at the heart of what we do. We are a typical ...
Having been in the web hosting industry since 2002, dhosting has gained a great deal of experience w...
NanoVMs is the only production ready unikernel infrastructure solution on the market today. Unikerne...
CloudEXPO | DevOpsSUMMIT | DXWorldEXPO Silicon Valley 2019 will cover all of these tools, with the m...
SUSE is a German-based, multinational, open-source software company that develops and sells Linux pr...
Your job is mostly boring. Many of the IT operations tasks you perform on a day-to-day basis are rep...
When building large, cloud-based applications that operate at a high scale, it’s important to mainta...
In his general session at 19th Cloud Expo, Manish Dixit, VP of Product and Engineering at Dice, disc...
Big Switch's mission is to disrupt the status quo of networking with order of magnitude improvements...
Lori MacVittie is a subject matter expert on emerging technology responsible for outbound evangelism...
Dynatrace is an application performance management software company with products for the informatio...
In his session at 21st Cloud Expo, Michael Burley, a Senior Business Development Executive in IT Ser...
All in Mobile is a mobile app agency that helps enterprise companies and next generation startups bu...
Yottabyte is a software-defined data center (SDDC) company headquartered in Bloomfield Township, Oak...
Serveless Architectures brings the ability to independently scale, deploy and heal based on workload...
Whenever a new technology hits the high points of hype, everyone starts talking about it like it wil...
Every organization is facing their own Digital Transformation as they attempt to stay ahead of the c...
Bill Schmarzo, Tech Chair of "Big Data | Analytics" of upcoming CloudEXPO | DXWorldEXPO New York (No...
Chris Matthieu is the President & CEO of Computes, inc. He brings 30 years of experience in developm...