Examples of java.security.spec.KeySpec

• java.security.spec.KeySpec
  A (transparent) specification of the key material that constitutes a cryptographic key.

  If the key is stored on a hardware device, its specification may contain information that helps identify the key on the device.

  A key may be specified in an algorithm-specific way, or in an algorithm-independent encoding format (such as ASN.1). For example, a DSA private key may be specified by its components x, p, q, and g (see {@link DSAPrivateKeySpec}), or it may be specified using its DER encoding (see {@link PKCS8EncodedKeySpec}).

  This interface contains no methods or constants. Its only purpose is to group (and provide type safety for) all key specifications. All key specifications must implement this interface. @author Jan Luehe @version 1.18, 11/17/05 @see java.security.Key @see java.security.KeyFactory @see EncodedKeySpec @see X509EncodedKeySpec @see PKCS8EncodedKeySpec @see DSAPrivateKeySpec @see DSAPublicKeySpec @since 1.2

        catch (Exception e)
        {
            fail("unexpected exception.", e);
        }

        KeySpec ks = null;
        SecretKey secKey = null;
        byte[] bb = new byte[24];

        try
        {
            skF.getKeySpec(null, null);

            fail("failed exception test - no exception thrown");
        }
        catch (InvalidKeySpecException e)
        {
            // ignore okay
        }
        catch (Exception e)
        {
            fail("failed exception test.", e);
        }
        try
        {
            ks = (KeySpec)new DESedeKeySpec(bb);
            skF.getKeySpec(null, ks.getClass());

            fail("failed exception test - no exception thrown");
        }
        catch (InvalidKeySpecException e)
        {

    {
        int         keyType = dIn.read();
        String      format = dIn.readUTF();
        String      algorithm = dIn.readUTF();
        byte[]      enc = new byte[dIn.readInt()];
        KeySpec     spec;

        dIn.readFully(enc);

        if (format.equals("PKCS#8") || format.equals("PKCS8"))
        {

        if (!DEFSupported) {
            fail(NotSupportMsg);
            return;
        }
        byte[] bb = new byte[24];
        KeySpec ks = (defaultAlgorithm.equals(defaultAlgorithm2) ? (KeySpec)new DESKeySpec(bb) :
            (KeySpec)new DESedeKeySpec(bb));
        KeySpec rks = null;
        SecretKeySpec secKeySpec = new SecretKeySpec(bb, defaultAlgorithm);
        SecretKey secKey = null;
        SecretKeyFactory[] skF = createSKFac();
        assertNotNull("SecretKeyFactory object were not created", skF);
        for (int i = 0; i < skF.length; i++) {

        KeyPair keys = keyGen.generateKeyPair();
        if (keepalive != null) {
          keepalive.interrupt();
        }

        KeySpec privateKeySpec = fact.getKeySpec(keys.getPrivate(),
            getPrivateKeySpecClass(keyfactAlgs[i]));
        PrivateKey privateKey = fact.generatePrivate(privateKeySpec);
        boolean samePrivate = Arrays.equals(keys.getPrivate()
            .getEncoded(), privateKey.getEncoded());
        assertTrue(

        KeepAlive keepalive = createKeepAlive(keyfactAlgs[i]);
        KeyPair keys = keyGen.generateKeyPair();
        if (keepalive != null) {
          keepalive.interrupt();
        }
        KeySpec publicKeySpec = fact.getKeySpec(keys.getPublic(),
            getPublicKeySpecClass(keyfactAlgs[i]));
        PublicKey publicKey = fact.generatePublic(publicKeySpec);
        boolean samePublic = Arrays.equals(keys.getPublic()
            .getEncoded(), publicKey.getEncoded());
        assertTrue(

        KeepAlive keepalive = createKeepAlive(keyfactAlgs[i]);
        KeyPair keys = keyGen.generateKeyPair();
        if (keepalive != null) {
          keepalive.interrupt();
        }
        KeySpec privateKeySpec = fact.getKeySpec(keys.getPrivate(),
            getPrivateKeySpecClass(keyfactAlgs[i]));
        KeySpec publicKeySpec = fact.getKeySpec(keys.getPublic(),
            getPublicKeySpecClass(keyfactAlgs[i]));
        PrivateKey privateKey = fact.generatePrivate(privateKeySpec);
        PublicKey publicKey = fact.generatePublic(publicKeySpec);
        boolean samePublic = Arrays.equals(keys.getPublic()
            .getEncoded(), publicKey.getEncoded());
        boolean samePrivate = Arrays.equals(keys.getPrivate()
            .getEncoded(), privateKey.getEncoded());
        assertTrue(
            "generatePrivate generated different key for algorithm "
                + keyfactAlgs[i], samePrivate);
        assertTrue(
            "generatePublic generated different key for algorithm "
                + keyfactAlgs[i], samePublic);
        KeySpec encodedSpec = fact.getKeySpec(keys.getPublic(),
            X509EncodedKeySpec.class);
        assertTrue("improper key spec for encoded public key",
            encodedSpec.getClass().equals(X509EncodedKeySpec.class));
        encodedSpec = fact.getKeySpec(keys.getPrivate(),
            PKCS8EncodedKeySpec.class);
        assertTrue("improper key spec for encoded private key",
            encodedSpec.getClass()
                .equals(PKCS8EncodedKeySpec.class));
      } catch (NoSuchAlgorithmException e) {
        fail("getInstance did not find algorithm " + keyfactAlgs[i]);
      } catch (NoSuchProviderException e) {
        fail("getInstance did not find provider " + providerName);

    }

    private static PublicKey getPublicKey()
            throws InvalidKeySpecException, NoSuchAlgorithmException {
        KeyFactory kf = KeyFactory.getInstance("DSA");
        KeySpec kspec = new DSAPublicKeySpec(new BigInteger(DSA_Y),
                        new BigInteger(DSA_P),
                        new BigInteger(DSA_Q),
                        new BigInteger(DSA_G));
        return kf.generatePublic(kspec);
    }

  /* =============================================================== */
  private void Initialise(String passPhrase) {
    try {
      // Create the key
      KeySpec keySpec = new PBEKeySpec(passPhrase.toCharArray(), this.salt, this.iterationCount);
      SecretKey key = SecretKeyFactory.getInstance("PBEWithMD5AndDES").generateSecret(keySpec);
      this.ecipher = Cipher.getInstance(key.getAlgorithm());
      this.dcipher = Cipher.getInstance(key.getAlgorithm());
      // Prepare the parameter to the ciphers
      AlgorithmParameterSpec paramSpec = new PBEParameterSpec(this.salt, this.iterationCount);

        char[] passwordChars = password.toString(Charset.forName( "utf8" ) ).toCharArray();

        byte[] saltBytes = new byte[ salt.readableBytes() ];
        salt.readBytes( saltBytes );

        KeySpec keySpec = new PBEKeySpec( passwordChars, saltBytes, iterations, keyLen * 8 );

        SecretKey secretKey = factory.generateSecret(keySpec);

        byte[] keyBytes = secretKey.getEncoded();
        return Unpooled.copiedBuffer( keyBytes );

    if (saltValue == null || saltValue.length() == 0)
      throw new ManifoldCFException("Missing required SALT value");

    SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");
    KeySpec keySpec = new PBEKeySpec(passCode.toCharArray(), saltValue.getBytes(), 1024, 128);
    SecretKey secretKey = factory.generateSecret(keySpec);

    Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
    SecretKeySpec key = new SecretKeySpec(secretKey.getEncoded(), "AES");
    IvParameterSpec parameterSpec = new IvParameterSpec(iv);