Frank's Java Code Stack #3 Working with KeyPair

In Java Code Stack #1, we developed a Cipher class and used the Secret Key engine to build an encryption algorithm. As a reader pointed out, encryption using a Public/Private key pair is the most widely used standard Java Cryptography implementation. (Note: Secret Key is part of JCE and not a standard Java Security implementation.) So, let us build a class that generates a Public Key/Private Key pair, uses its Private Key to digitally sign an Object, and later verifies the Object with the Public Key. We can sign any object whose class implements the Serializable interface. For simplicity, I'm using a String object. I take this as an opportunity to introduce the SignedObject class for creating authentic runtime objects, which are crucial for secure applications.

Code:

    import java.io.*;
    import java.math.BigInteger;
    import java.security.*;
    import java.security.spec.DSAPublicKeySpec;

    public class encKeys {
        public static void main(String[] ar) throws Exception {
            /* We need a Private and Public Key */
            PublicKey publicKey = null;
            PrivateKey privateKey = null;
            try {
                /* Let us Generate a 1024-bit DSA key pair */
                KeyPairGenerator keyGen = KeyPairGenerator.getInstance("DSA");
                keyGen.initialize(1024);
                KeyPair keypair = keyGen.genKeyPair();
                privateKey = keypair.getPrivate();
                publicKey = keypair.getPublic();

                /* Saving my Public Key */
                FileOutputStream fos = new FileOutputStream("MyPublicKey");
                ObjectOutputStream oos = new ObjectOutputStream(fos);

                KeyFactory kf = KeyFactory.getInstance("DSA");
                DSAPublicKeySpec ks =
                    kf.getKeySpec(publicKey, DSAPublicKeySpec.class);

                /* Writing the Public Key
                   P->Prime, Q->Sub Prime
                   G->Base, Y->Public key param */
                oos.writeObject(ks.getY());
                oos.writeObject(ks.getP());
                oos.writeObject(ks.getQ());
                oos.writeObject(ks.getG());
                /* Close the object stream, not only the file, so that
                   its buffered data is flushed to disk */
                oos.close();

            } catch (NoSuchAlgorithmException e) {
                /* Without a key pair nothing below can work */
                System.err.println("DSA is not available: " + e);
                return;
            }

            /* Signing a String Object with
               our Private Key */
            SignedObject so = null;
            try {
                String test = "Original";

                Signature sig =
                    Signature.getInstance(privateKey.getAlgorithm());
                so = new SignedObject(test, privateKey, sig);
            } catch (Exception e) {
                System.err.println("Signing failed: " + e);
                return;
            }

            /* Verify the Object authenticity */
            try {
                /* Read the Public Key from file */
                FileInputStream fis = new FileInputStream("MyPublicKey");
                ObjectInputStream ois = new ObjectInputStream(fis);

                /* Read Y,P,Q,G Params (same order as written) */
                DSAPublicKeySpec ks = new DSAPublicKeySpec(
                    (BigInteger) ois.readObject(),
                    (BigInteger) ois.readObject(),
                    (BigInteger) ois.readObject(),
                    (BigInteger) ois.readObject());

                /* Generate the Public Key */
                KeyFactory kf = KeyFactory.getInstance("DSA");
                PublicKey pk = kf.generatePublic(ks);

                ois.close();

                /* Verify the Object signature */
                Signature sig = Signature.getInstance(pk.getAlgorithm());
                boolean done = so.verify(pk, sig);

                if (done) {
                    System.out.println("Object verified! "
                        + (String) so.getObject());
                } else {
                    System.out.println("Signature did NOT verify");
                }
            } catch (Exception e) {
                System.err.println("Verification failed: " + e);
            }
        }
    }

A SignedObject contains a serializable Object and its signature. The signed object is a "deep copy" of the original object, so a later change to the original object has no effect on the copy, thus protecting the integrity of the object.
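The deep-copy behaviour and the verification result can be observed directly with a mutable payload. This is an added example, not code from the original article: the class name SignedObjectDemo, the ArrayList payload, the 2048-bit key with SHA256withDSA, and the use of the key's X.509 encoding (instead of writing the Y, P, Q, G values through ObjectOutputStream) are choices made for this illustration.

```java
import java.security.*;
import java.security.spec.X509EncodedKeySpec;
import java.util.ArrayList;

public class SignedObjectDemo {
    public static void main(String[] args) throws Exception {
        // Assumption: 2048-bit DSA and SHA256withDSA, not the article's 1024-bit key.
        KeyPairGenerator keyGen = KeyPairGenerator.getInstance("DSA");
        keyGen.initialize(2048);
        KeyPair signer = keyGen.generateKeyPair();
        KeyPair stranger = keyGen.generateKeyPair(); // unrelated key for the negative check

        // Any Serializable object can be signed; a mutable list makes the copy visible.
        ArrayList<String> original = new ArrayList<>();
        original.add("Original");
        SignedObject so = new SignedObject(original, signer.getPrivate(),
                Signature.getInstance("SHA256withDSA"));

        // Changing the original after signing does not reach the serialized copy.
        original.add("changed after signing");

        // Transport the public key in its standard X.509 encoding; rebuilding it
        // needs no ObjectInputStream, so no Java deserialization of key material.
        byte[] encoded = signer.getPublic().getEncoded();
        PublicKey restored = KeyFactory.getInstance("DSA")
                .generatePublic(new X509EncodedKeySpec(encoded));

        Signature verifier = Signature.getInstance("SHA256withDSA");
        boolean good = so.verify(restored, verifier);
        boolean wrongKey = so.verify(stranger.getPublic(), verifier);

        System.out.println("verified with signer's key:  " + good);
        System.out.println("verified with unrelated key: " + wrongKey);

        // getObject() deserializes the payload, so call it only after verify()
        // has returned true for a key you trust.
        if (good) {
            System.out.println("signed copy:  " + so.getObject());
        }
        System.out.println("original now: " + original);
    }
}
```

The signed copy still holds only the element present at signing time, while the original list shows the later change; verification succeeds only with the signer's public key.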

Assignment:
Try generating a Key object from a set of DSA parameters.

Reader Feedback:

Informative...But want to know if any other algorithm uses IV while writing Encrypted text. And what about the Export restriction for these APIs?
