Home.... | log in.... | Pub my question! | Sign-up....

Assymetric cipher

I need to be able to generate a public/private key pair to use for encryption and decryption. I also need to be able to store these keys in files.

I have tried using Cryptix JCE to generate RSA keys, but I can't figure out how to retrieve the private key in a file. Can anyone help me out?

If someone has a suggestion other that Cryptix, let me know.

Thanks in advance.

Liz

[412 byte] By [LizD] at [2007-9-26 2:38:59]

«« Editable Table Header
»» Problems With Classpath(Linux) -Very Frustrated-

# 1

The Wrox press book "Professional Java Security" from Garms and Somerfield has some samples. The code is at http://www.wrox.com/Books/Book_down.asp?sub_section=1&isbn=1861004257&subject=Java&subject_id=13

Click the paragraph (one big link) to download. It's a good book -- I recommend it.

If you simply want to store raw keys to files, you can always just write the byte[] returned by key.getEncoded() to a file. Be aware, however, that you must restrict who has read access to that file for the private key. The book gives an example of how to do this securely.

Also, check out www.bouncycastle.org for another open source JCE provider.

HTH,

Matthew

adamsmt at 2007-6-29 10:10:42 >

top of Java-index,Security,Cryptography...

# 2

Thanks.

I have tried writing the keys out like this:

Privatekey priv = keypair.getprivate();

byte [] keyTemp = priv.getEncoded();

FileOutputStream out = new FileOutputStream("private.prk");

out.write(keyTemp);

out.close();

But how do I read it back in?

Liz

LizD at 2007-6-29 10:10:42 >

# 3

you can serialize the key output and read it back in thru ObjectInputStream casting it to PrivateKey--see below.inkey = new ObjectInputStream(new FileInputStream(pubKeyfile));prvKey = (PrivateKey)inkey.readObject(); hope this helps.

mbongcojr at 2007-6-29 10:10:42 >

# 4

If I try writing the key to file using byte [] keyTemp = priv.getEncoded();

FileOutputStream out = new FileOutputStream("private.prk");

out.write(keyTemp);

out.close();

I can't read it in using, ObjectInputStream in = new ObjectInputStream(new FileInputStream(keyname));

PrivateKey privateKey =(PrivateKey)in.readObject();

in.close();

Here I get a "java.io.StreamCorruptedException: InputStream does not contain a serialized object"

exception.

I also tried wrting the key to a file using PrivateKey priv = keypair.getPrivate();

ObjectOutputStream out = new ObjectOutputStream(new FileOutputStream("private.prk"));

out.writeObject(priv);

I can read it in with the above code without getting an exception, but when I try to use it to decrypt or anything, I get a Null Pointer Exception. The key returned from the file is not null, I've check many, many times.

The thing is, this method works fine for the public key. Only the private key causes problems. Please help.

Liz

LizD at 2007-6-29 10:10:42 >

# 5

I got the answer by using the book mentioned above. Ended up switching to Bouncy Castle though.Thanks

LizD at 2007-6-29 10:10:42 >

Java programming resources: FAQs, tutorials, compiler and browser download sites, documentation, books lists, IDEs, etc.

Assymetric cipher

Security New Topic

Security Hot Topic

Security

All Classified