Digital Edition

Frank's Java Code Stack #3 Working with KeyPair
Frank's Java Code Stack #3 Working with KeyPair

In Java Code Stack #1, we developed a Cipher class and used Secret Key Engine for building an encryption algorithm. As a reader pointed out, encryption using Public/Private key pair is the most widely used standard Java Cryptography Implementation. (Note: Secret Key is part of JCE and not a standard Java Security Implementation). So, let us build a class, which generates Public Key/Private Key Pair and uses its Private Key to digitally sign an Object and later verify the Object with a Public Key. We can sign any object whose class implements Serializable Interface. For simplicity, I'm using a String Object. I take this an opportunity to introduce SignedObject class for creating authentic Runtime Objects, which are crucial for secure applications.


1. import*;
2. import*;
3. import*;
4. import java.math.*;

5. public class encKeys{
6. public static void main
7. (String ar[])throws Exception{
8. /* We need a Private and Public Key */
9 . PublicKey publicKey = null;
10. PrivateKey privateKey = null;
11. try {
12. /* Let us Generate a 1024-bit DSA key pair */
13. KeyPairGenerator keyGen =
14. KeyPairGenerator.getInstance("DSA");
15. keyGen.initialize(1024);
16. KeyPair keypair =
17. keyGen.genKeyPair();
18. privateKey = keypair.getPrivate();
19. publicKey = keypair.getPublic();
21. /* Saving my Public Key */
22. FileOutputStream fos=
23. new FileOutputStream("MyPublicKey");
24. ObjectOutputStream oos=
25. new ObjectOutputStream(fos);
26. Class al=Class.forName
27. ("");
29. KeyFactory kf=
30. KeyFactory.getInstance("DSA");
31. DSAPublicKeySpec ks=
32. (DSAPublicKeySpec)
33. kf.getKeySpec(publicKey,al);
35. /* Writing the Public Key
36. P->Prime, Q->Sub Prime
37. G->Base, Y->Public key param */
38. oos.writeObject(ks.getY());
39. oos.writeObject(ks.getP());
40. oos.writeObject(ks.getQ());
41. oos.writeObject(ks.getG());
42. fos.close();
44. } catch(NoSuchAlgorithmException e){
45. }
47. /* Signing a String Object with
48. our Private Key */
49. SignedObject so = null;
50. try {
51. String test=new String("Original");
53. Signature sig =
54. Signature.getInstance
55. (privateKey.getAlgorithm());
56. so = new SignedObject
57. (test, privateKey, sig);
58. } catch (Exception e) {}
60. /* Verify the Object authenticity */
61. try {
62. /* Read the Public Key from file */
63. FileInputStream fis=
64. new FileInputStream
65. ("MyPublicKey");
66. ObjectInputStream ois=
67. new ObjectInputStream(fis);
69. /* Read Y,P,Q,G Params */
70. DSAPublicKeySpec ks=
71. new DSAPublicKeySpec(
72. (BigInteger) ois.readObject(),
73. (BigInteger) ois.readObject(),
74. (BigInteger) ois.readObject(),
75. (BigInteger) ois.readObject());
77. /* Generate the Public Key */
78. KeyFactory kf=
79. KeyFactory.getInstance("DSA");
80. PublicKey pk=
81. kf.generatePublic(ks);
83. fis.close();
85. /* Verify the Object signature */
86. Signature sig = Signature.getInstance
87. (publicKey.getAlgorithm());
88. boolean done = so.verify(pk, sig);
90. if(done){
91. System.out.println("Object verified!
92. "+(String)so.getObject());
93. }
94. } catch (Exception e) {}
95. }}

A SignedObject contains a serializable Object and its signature. The signed object is a "deep copy" of the original object. So, change in the original object has no effect on the copy, thus protecting the integrity of the object.

Try generating Key Object from a set of DSA Parameters.

In order to post a comment you need to be registered and logged in.

Register | Sign-in

Reader Feedback: Page 1 of 1

Informative...But want to know if any other algorithm uses IV while writing Encrypted text. And what about the Export restriction for these APIs?

Subscribe to the World's Most Powerful Newsletters


As DevOps methodologies expand their reach across the enterprise, organizations face the daunting ch...
The standardization of container runtimes and images has sparked the creation of an almost overwhelm...
Digital Transformation: Preparing Cloud & IoT Security for the Age of Artificial Intelligence. As au...
DevOpsSummit New York 2018, colocated with CloudEXPO | DXWorldEXPO New York 2018 will be held Novemb...
Cloud Expo | DXWorld Expo have announced the conference tracks for Cloud Expo 2018. Cloud Expo will ...
DXWordEXPO New York 2018, colocated with CloudEXPO New York 2018 will be held November 11-13, 2018, ...
DXWorldEXPO | CloudEXPO are the world's most influential, independent events where Cloud Computing w...
@DevOpsSummit New York 2018, colocated with CloudEXPO | DXWorldEXPO New York 2018 will be held Novem...
The dynamic nature of the cloud means that change is a constant when it comes to modern cloud-based ...
DXWorldEXPO LLC announced today that Dez Blanchfield joined the faculty of CloudEXPO's "10-Year Anni...
With 10 simultaneous tracks, keynotes, general sessions and targeted breakout classes, @CloudEXPO an...
"We started a Master of Science in business analytics - that's the hot topic. We serve the business ...
The best way to leverage your Cloud Expo presence as a sponsor and exhibitor is to plan your news an...
As you move to the cloud, your network should be efficient, secure, and easy to manage. An enterpris...
There is a huge demand for responsive, real-time mobile and web experiences, but current architectur...
DXWorldEXPO LLC announced today that "Miami Blockchain Event by FinTechEXPO" has announced that its ...
Widespread fragmentation is stalling the growth of the IIoT and making it difficult for partners to ...
"NetApp is known as a data management leader but we do a lot more than just data management on-prem ...
We call it DevOps but much of the time there’s a lot more discussion about the needs and concerns of...
"Since we launched LinuxONE we learned a lot from our customers. More than anything what they respon...