Networking with Java Carl Gunter ( gunter@cis ) Arvind Easwaran ( arvinde@saul ) Michael May ( mjmay@saul )

Networking with Java

Carl Gunter ( gunter@cis )

Arvind Easwaran ( arvinde@saul )

Michael May ( mjmay@saul )

Basics OOP, I/O, Exceptions

Threads Sockets

Connection oriented Connectionless

Cryptography API Security API JCA (JCE)

Topics

Java Basics

Data encapsulation Inheritance

Simple Multiple

Polymorphism Parametric Sub type

Information hiding Objects and Classes

OOP

Objects and Classes Class Abstract entity

representing structure Consists of declarations/definitions for

variables and methods Object Instance of a class

Consists of actual data and methods that operate on them

Many instances of the same class The real data structure on which

operations are performed

Java Classes

Java programs are a collection of class declarations

One class in each file with the file having the same name as the class

Each class defines a collection of data and function members

Object in Java – A Class ! All classes in Java are descendants

of the class Object Class descendency

Trace back through the inheritance chain

All chains lead to the class Object Object class is default inheritance

when not specified

Java Package

Archival of portable objects for reuse Similar to a “library” Steps for making/using a package

Make an object “public” Add “package” statement to object definition Compile object source code (compiler will store

compiled code according to package statement)

Import object into other code via “import” statement

Packages Methods are grouped within classes A class is declared to be part of a package using the package

keyword Classes are imported using the import keyword

package srd.math;

public class ComplexNumber{ private double m_dReal; private double m_dImag;

// constructors public ComplexNumber(double dR, double dI){ m_dReal = dR; m_dImag = dI; }

Class and MethodAccess Control Modifiers

Access ControlModifier

Class or InterfaceAccessibility

Member (Field or Method)Accessibility

Public All All if class or interface isaccessible; interface membersalways public

Protected N/A Same package OR subclass

“default”(Package private)

Same package Same package

Private N/A Only same class (notsubclass)

Constructors

A method for creating an instance of a class Same name as class it is contained in “NO” return type or return values Instance variable initialization can be done here At least one public constructor in every class Constructors (and all methods) can be

overloaded Default constructor is always a “no argument” No default constructor is provided if the

programmer supplies at least one

Constants using Final

NO change in value through the lifetime of the variable

Similar to the const keyword in C Variables declared with final

Can be initialized in a constructor, but must be assigned a value in every constructor of the class

Building Composite Objects

Objects with objects as instance variables

Building up complex classes is good object oriented design Reuse of existing classes To detect bugs incrementally Debugging with test drivers as

classes are developed

Symbolic Constants No global constants in Java Static members of a class give similar

functionality Examples:

public final static float PI = 3.1415926;where “final indicates this value cannot be altered

Static variable identifier can be a class if PI definition above is contained in class

Math, it can be referenced as Math.PI

Static Initializers Sometimes a static data member needs to be initialized too

class BankAccount{ static private int m_nNextAccountNumber = 100001;}

Sometimes initialization requires more steps

class TelephoneConnection{ static final int m_nNUMBERCHANNELS = 64; static Channel[] m_channel;}

Java provides a special construct for this purpose

class TelephoneConnection{ static final int m_nNUMBERCHANNELS = 64; static Channel[] m_channel;

static{ for (int i = 0; i < m_nNUMBERCHANNELS; i++){ m_channel[i] = new Channel(i); } } }

Class extension - Inheritance Classes can be defined as extensions

(subclasses) of already-defined classes Inherits methods,variables from the parent May contain additional attribute fields May provide additional functionality by

providing new methods May provide replacement functionality by

overriding methods in the superclass Often, a subclass constructor executes the

parent constructor by invoking super(…)

Overloading methods void fn(TV mytv, Radio myradio){ mytv.ChangeChannel(); // tune the TV myradio.ChangeChannel(); // tune the radio } Current class assumed when no qualification Overloading based on different types of arguments

double fn(BankAccount baMyAccount){ baMyAccount.Rate(8.0); // sets the rate return baMyAccount.Rate(); // queries the rate }

No overloading based on return value

this keyword A class declaration is like a template for

making objects The code is shared by all objects of the

class Each object has its own values for the data

members The object itself is an implicit parameter

to each method In the class declarations, one can use

the keyword “this” to refer to the object itself explicitly

Java I/O - Streams All modern I/O is stream-based A stream is a connection to a source

of data or to a destination for data (sometimes both)

Different streams have different characteristics A file has a definite length, and

therefore an end Keyboard input has no specific end

How to do I/O

import java.io.*;

Open the stream Use the stream (read, write, or

both) Close the stream

Why Java I/O is hard

Java I/O is very powerful, with an overwhelming number of options

Any given kind of I/O is not particularly difficult Buffered Formatted etc

The trick is to find your way through the maze of possibilities

It’s all about picking the right one

Opening a stream When you open a stream, you are

making a connection to an external entity

The entity to which you wish to write data to or read data from

Streams encapsulate complexity of external entity

Streams also provide flexibility in usage of data – Different types

Example - Opening a stream

A FileReader is a used to connect to a file that will be used for input FileReader fileReader =

new FileReader(fileName); The fileName specifies where the

(external) file is to be found You never use fileName again;

instead, you use fileReader

Using a stream

Some streams can be used only for input, others only for output, still others for both

Using a stream means doing input from it or output to it

But it’s not usually that simple One needs to manipulate the data in

some way as it comes in or goes out

Example of using a stream int ch;

ch = fileReader.read( ); The fileReader.read() method reads one

character and returns it as an integer, or -1 if there are no more characters to read (EOF)

The meaning of the integer depends on the file encoding (ASCII, Unicode, other)

Closing A stream is an expensive resource There is a limit on the number of streams

that you can have open at one time You should not have more than one

stream open on the same file You must close a stream before you can

open it again Always close your streams!

Serialization

You can also read and write objects to files

Object I/O goes by the awkward name of serialization

Serialization can be very difficult objects may contain references to other

objects Java makes serialization (almost) easy

Conditions for serializability

If an object is to be serialized The class must be declared as public Class must implement Serializable The class must have a no-argument

constructor All fields of the class must be

serializable Either primitive types or serializable

objects

Exceptions Historically, programs would provide a

message and halt on errors Hardly acceptable in today’s interactive

environment In Java, methods “throw” exceptions

when such errors occur Method which invoked the method

encountering the error can either “catch” the exception, or pass it up the heirarchy

General exception handling

If you write code including methods from which an exception may be thrown, here is an outline of what to dotry

{ < suspect code > }catch (Exception e) { < action to take > }

Exception Example package srd.math;

import java.lang.Exception;

public class ComplexNumber{ // ... other data and methods as before

// division operator written to use exceptions public ComplexNumber Divide(double d) throws Exception{ if (d == 0.0){ throw new Exception("Divide by zero in ComplexNumber.divide"); } return new ComplexNumber(m_dReal / d, m_dImag / d); }}

Java Threads

Multitasking v/s Multithreading

Multitasking refers to a computer's ability to perform multiple jobs concurrently

A thread is a single sequence of execution within a program

Multithreading refers to multiple threads of control within a single program each program can run multiple threads of

control within it

Threads - Need

To maintain responsiveness of an application during a long running task

To enable cancellation of separable tasks

Some problems are intrinsically parallel

Some APIs and systems demand it Swings Animation

Example - Animation

Suppose you set up Buttons and attach Listeners to those buttons

Then your code goes into a loop doing the animation

Who’s listening ? Not this code; it’s busy doing the

animation sleep(ms) doesn’t help!

Application Thread

When we execute an application The JVM creates a Thread object

whose task is defined by the main() method

It starts the thread The thread executes the statements

of the program one by one until the method returns and the thread dies

Multiple Threads Each thread has its private run-time stack If two threads execute the same method,

each will have its own copy of the local variables the methods uses

All threads see the same dynamic memory, heap

Two different threads can act on the same object and same static fields concurrently Race conditions Deadlocks

Creating Threads

There are two ways to create our own Thread object

1. Sub classing the Thread class and instantiating a new object of that class

2. Implementing the Runnable interface In both cases the run() method

should be implemented

Example – Sub classpublic class ThreadExample extends Thread {

public void run () {

for (int i = 1; i <= 100; i++) {

System.out.println(“Thread: ” + i);

} } }

Thread Methods

void start() Creates new thread and makes it runnable This method can be called only once

void run() The new thread begins its life inside this

method

void stop() The thread is being terminated

Thread Methods (Continued)

yield() Causes currently executing thread object to

temporarily pause and allow other threads to execute

Allows only threads of the same priority to run

sleep(int m)/sleep(int m,int n)   The thread sleeps for m milliseconds, plus n

nanoseconds

Example - Implementing Runnable

public class RunnableExample implements Runnable {

public void run () {

for (int i = 1; i <= 100; i++) {

System.out.println (“Runnable: ” + i);

} } }

Why two mechanisms ?

Java supports simple inheritance A class can have only one super

class But it can implement many

interfaces Allows threads to run , regardless

of inheritanceExample – an applet that is also a thread

Starting the Threads

public class ThreadsStartExample {

public static void main (String argv[]) {

new ThreadExample ().start ();

new Thread(new RunnableExample ()).start ();

} }

Scheduling Threads

I/O operation completes

start()

Currently executedthread

Ready queue

Newly createdthreads

Alive

Thread State Diagram

New Thread Dead Thread

Running

Runnable

new ThreadExample();

run() method returns

while (…) { … }

Blocked Object.wait()Thread.sleep()blocking IO callwaiting on a monitor

thread.start();

Example

public class PrintThread1 extends Thread {

String name;

public PrintThread1(String name) {

this.name = name; }

public void run() {

for (int i=1; i<500 ; i++) {

try {

sleep((long)(Math.random() * 100));

} catch (InterruptedException ie) { }

System.out.print(name); } }

Example (cont)

public static void main(String args[]) {

PrintThread1 a = new PrintThread1("*");

PrintThread1 b = new PrintThread1("-");

PrintThread1 c = new PrintThread1("=");

a.start();

b.start();

c.start();

} }

Scheduling

Thread scheduling is the mechanism used to determine how runnable threads are allocated CPU time

Priority is taken into consideration Thread-scheduling mechanisms

preemptive or nonpreemptive

Preemptive Scheduling Preemptive scheduling

Scheduler preempts a running thread to allow different threads to execute

Nonpreemptive scheduling Scheduler never interrupts a running thread

The nonpreemptive scheduler relies on the running thread to yield control of the CPU so that other threads may execute

Java Scheduling Scheduler is preemptive and based on priority

of threads Uses fixed-priority scheduling

Threads are scheduled according to their priority w.r.t. other threads in the ready queue

The highest priority runnable thread is always selected for execution

When multiple threads have equally high priorities, only one of those threads is guaranteed to be executing

Java threads are guaranteed to be preemptive but not time sliced

Thread Priority Every thread has a priority When a thread is created, it inherits

the priority of the thread that created it

The priority values range from 1 to 10, in increasing priority

The priority can be adjusted using setPriority() and getPriority() methods

Pre defined priority constants MIN_PRIORITY=1 MAX_PRIORITY=10 NORM_PRIORITY=5

ThreadGroup

The ThreadGroup class is used to create groups of similar threads. Why is this needed?

“Thread groups are best viewed as an unsuccessful experiment, and you may simply ignore their existence.”

Joshua Bloch, software architect at Sun

Race Condition

Race conditions Outcome of a program is affected by the

order in which the program's threads are allocated CPU time

Two threads are simultaneously modifying a single object

Both threads “race” to store their value Outcome depends on which one wins the

“race”

Monitors Each object has a “monitor” that is a

token used to determine which application thread has control of a particular object instance

In execution of a synchronized method (or block), access to the object monitor must be gained before the execution Synchronized method – Method that executes

critical section Access to the object monitor is queued This avoids “Race Conditions”

Example

public class BankAccount {

private float balance;

public synchronized void deposit(float amount) {

balance += amount;} public synchronized void withdraw(float

amount) { balance -= amount;} }

Static Synchronized Methods

Marking a static method as synchronized, associates a monitor with the class itself

The execution of synchronized static methods of the same class is mutually exclusive. Why?

Example

public class PrintThread2 extends Thread {

String name;

public PrintThread2(String name) {

this.name = name; }

public static synchronized void print(String name) {

for (int i=1; i<500 ; i++) {

try {

Thread.sleep((long)(Math.random() * 100));

} catch (InterruptedException ie) { }

System.out.print(str); } }

Example (cont)

public void run() {

print(name); }

public static void main(String args[]) {

PrintThread2 a = new PrintThread2("*“);

PrintThread2 b = new PrintThread2("-“);

PrintThread2 c = new PrintThread2("=“);

a.start();

b.start();

c.start(); } }

Synchronized Statements A monitor can be assigned to a block It can be used to monitor access to a data

element that is not an object, e.g., array Example:

void arrayShift(byte[] array, int count) {

synchronized(array) {

System.arraycopy (array, count,array,

0, array.size - count); } }

The wait() Method The wait() method is part of the

java.lang.Object interface It requires a lock on the object’s

monitor to execute It must be called from a

synchronized method, or from a synchronized segment of code Why?

The wait() Method

wait() causes the current thread to wait until another thread invokes the notify() method or the notifyAll() method for this object

Upon call for wait(), the thread releases ownership of this monitor and waits until another thread notifies the waiting threads of the object

The wait() Method

wait() is also similar to yield() Both take the current thread off the

execution stack and force it to be rescheduled

However, wait() is not automatically put back into the scheduler queue notify() must be called in order to get a

thread back into the scheduler’s queue

Things Thread should NOT do

The Thread controls its own destiny Deprecated methods

myThread.stop( ) myThread.suspend( ) myThread.resume( )

Outside control turned out to be a Bad Idea

Don’t do this!

Controlling another Thread

Don’t use the deprecated methods! Instead, put a request where the

other Thread can find it boolean okToRun = true;

animation.start( ); public void run( ) {

while (controller.okToRun) {…}

Java Sockets

Why Java Sockets ?

Why use sockets to communicate with remote objects when RMI is available? To communicate with non-java objects and

programs Not all software on networks is written in Java

To communicate as efficiently as possible Convenience of RPC and RMI extract a price in

the form of processing overhead  A well-designed socket interface between

programs can outperform them       

What Is a Socket ? Server side

Server has a socket bound to a specific port number The server just waits, listening to the socket for a client to make a

connection request If everything goes well, the server accepts the connection Upon acceptance, the server gets a new socket bound to a

different port Client-side

The client knows the hostname of the machine on which the server is running and the port number to which the server is connected

To make a connection request, the client tries to rendezvous with the server on the server's machine and port

if the connection is accepted, a socket is successfully created and the client can use the socket to communicate with the server

The client and server can now communicate by writing to or reading from their sockets.  

Socket Communication There are two forms of socket communication, connection

oriented and connectionless TCP (Transmission Control Protocol)

TCP is a connection oriented, transport layer protocol that works on top of IP

Provides a permanent connection oriented virtual circuit Circuit has to be established before data transfer can

begin The client will send out a send a number of initialization

packets to the server so that the circuit path through the network can be established

A host will usually establish two streams, one for incoming and one for out going data

Other mechanisms to ensure that data integrity is maintained

Packets are numbered to avoid lost packets and incorrect ordering

Socket Communication OverviewUDP (User Datagram Protocol) UDP is a connectionless transport layer protocol that

also sits on top of IP Provides no data integrity mechanisms except for

checksum Simply packages it’s data into, what is known as a

Datagram, along with the destination address and port number

If the destination host is alive and listening it will receive the Datagram

No guaranteed delivery, there is a possibility that datagrams will be lost corrupted or delivered in the wrong order

Protocol has few built-in facilities thereby resulting in very low management overhead

Lack of "permanent" connection also means UDP can adapt better to network failures

Examples - DNS lookups, PING

Network byte ordering Standard way in which bytes are

ordered for network communication Network byte order says that the high-

byte (the byte on the right) should be written first and low-byte (the byte on the left) last

For example, the following byte representation of an integer, 10 12 45 32 should be written 32 45 12 10 when sending it across the network

Socket communication: Java Classes

Classes listed below are from java.net and java.io packages

Obtaining Internet address information Class InetAddress

This class provides methods to access host names and IP addresses

The following methods are provided to create InetAddress objects

Static InetAddress getLocalHost() throws UnknownHostException

Static InetAddress getByName(String host) throws UnknownHostException

The host name can be either a pneumonic identifier such as "www.Java.com" or an IP address such as 121.1.28.54

Socket Class

Class Socket These constructors allow the Socket connection to be

established Socket(String host, int port) throws IOException

This creates a Socket and connects to the specified host and port Host can be a host name or IP address and port must be in a

range of 1-65535 Socket(InetAddress address, int port) throws

IOException This creates a Socket and connects to the specified port The port must be in a range of 1-65535

InetAddress getInetAddress() This method returns the IP address of a remote host

int getPort() This method returns the port number of the remote host

int getLocalPort() The local port number is returned by this method

I/O Streams InputStream getInputStream()throws

IOException Returns an InputStream that allows the Socket to

receive data across the TCP connection An InputStream can be buffered or standard

OutputStream getOutputStream()throws IOException Returns an OutputStream that allows the Socket

to send data across the TCP connection An OutputStream should be buffered to avoid lost

bytes, especially when the Socket is closed void close() throws IOException

Closes the Socket, releasing any network resources

Exceptions

IOException Generic I/O error that can be thrown by

many of the methods SecurityException

Thrown if the Java security manager has restricted the desired action

Applets may not open sockets to any host other than the originating host, i.e. the web server

Any attempt to open a socket to a destination other than the host address will cause this exception to be thrown

TCP Client Connections - Sample Code

// Input and output streams for TCP socketprotected DataInputStream in;protected DataOutputStream out;protected Socket connect (int port) throws IOException{

// Connect methodoutput.appendText ("\nHi\n");Socket socket = new Socket (server, port);OutputStream rawOut =

socket.getOutputStream();InputStream rawIn = socket.getInputStream ();BufferedOutputStream buffOut = newBufferedOutputStream (rawOut);out = new DataOutputStream (buffOut);in = new DataInputStream (rawIn);return socket; }

ServerSocket Class The ServerSocket class creates a Socket for each client

connection ServerSocket(int port, int count) throws IOException

Constructs a ServerSocket that listens on the specified port of the local machine

Argument 1 is mandatory, but argument 2, the outstanding connection requests parameter, may be omitted

Default of 50 is used Socket accept() throws IOException

This method blocks until a client makes a connection to the port on which the ServerSocket is listening

void close() throws IOException This method closes the ServerSocket It does not close any of the currently accepted

connections int getLocalPort()

Returns the integer value of the port on which ServerSocket is listening

TCP Server Connections - Code Example

static Socket accept (int port) throws IOException {// Setup ServerSocket

ServerSocket server = new ServerSocket (port);Socket ClientSocket = server.accept ();// Extract the address of the connected userSystem.out.println ("Accepted from " + ClientSocket.getInetAddress ());server.close ();// return the client sock so that communication can beginreturn ClientSocket;} }

Datagram Communication

When using Datagram communication there are several differences to stream based TCP

Firstly a datagram packet is required, as we do not have a "permanent" stream we cannot simply read and write data to and from a communication channel

Instead we must construct datagrams, that contains the destination address, the port number, the data and the length of the data

Therefore we must deal with creating and dissecting packets

DatagramPacket Class Class DatagramPacket

Used to create the datagram packets for transmission and receipt

DatagramPacket(byte inbuf[], int buflength) Constructs a datagram packet for receiving datagrams Inbuff is a byte array that holds the data received and

buflength is the maximum number of bytes to read DatagramPacket(byte inbuf[], int buflength,

InetAddress iaddr, int port) Constructs a datagram packet for transmission iaddr is the address of the destination and port is the port

number on the remote host int getPort()

Returns the port number of the packet byte() getData()

Returns a byte array corresponding to the data in the DatagramPacket

Exampleprotected DatagramPacket buildPacket (String

message, String host, int port) throws IOException {

// Create a byte array from a stringByteArrayOutputStream byteOut = new ByteArrayOutputStream ();DataOutputStream dataOut = new DataOutputStream (byteOut);dataOut.writeBytes(message);byte[] data = byteOut.toByteArray ();

//Return the new object with the byte array payloadreturn new DatagramPacket (data, data.length, InetAddress.getByName(host), port);

}

Class DatagramSocket Used to create sockets for DatagramPackets DatagramSocket(int port) throws

SocketException Creates a DatagramSocket using the specified port

number void send(DatagramPacket p) throws

IOException Sends the packet out onto the network

syncronized void receive(DatagramPacket p) throws IOException

Receives a packet into the specified DatagramPacket

Blocks until a packet has been received successfully.

syncronized void close() Closes the DatagramSocket

Exampleprotected void receivePacket () throws IOException {

byte buffer[] = new byte[65535];DatagramPacket packet = new DatagramPacket

(buffer,buffer.length);socket.receive (packet); // Convert the byte array read from network into a

string ByteArrayInputStream byteIn = newByteArrayInputStream (packet.getData (), 0,packet.getLength ()); DataInputStream dataIn = new DataInputStream(byteIn); // Read in data from a standard format String input = ""; while((input = dataIn.readLine ()) != null) output.appendText("SERVER REPLIED : " + input +); }

Java Cryptography

Goals

Learn about JAVA Crypto Architecture

How to use JAVA Crypto API’s Understand the SunJCE

Implementation Be able to use java crypto functions

(meaningfully) in your code

Introduction JDK Security API

Core API for Java Built around the java.security package

First release of JDK Security introduced "Java Cryptography Architecture" (JCA)

Framework for accessing and developing cryptographic functionality

JCA encompasses Parts of JDK 1.2 Security API related to cryptography Architecture that allows for multiple and interoperable

cryptography implementations The Java Cryptography Extension (JCE) extends JCA

Includes APIs for encryption, key exchange, and Message Authentication Code (MAC)

Java Cryptography Extension (JCE)

Adds encryption, key exchange, key generation, message authentication code (MAC) Multiple “providers” supported Keys & certificates in “keystore”

database Separate due to export control

JCE Architecture

JCE:Cipher

KeyAgreementKeyGenerator

SecretKeyFactoryMAC

CSP 1 CSP 2

SPI

APIApp 1 App 2

Design Principles Implementation independence and

interoperability "provider“ based architecture Set of packages implementing cryptographic services

digital signature algorithms Programs request a particular type of object Various implementations working together, use each

other's keys, or verify each other's signatures

Algorithm independence and extensibility Cryptographic classes providing the functionality Classes are called engine classes, example Signature Addition of new algorithms straight forward

Building Blocks Key Certificate Keystore Message Digest Digital Signature SecureRandom Cipher MAC

Engine Classes and SPI Interface to specific type of cryptographic service Defines API methods to access cryptographic service Actual implementation specific to algorithms For example : Signature engine class

Provides access to the functionality of a digital signature algorithm

Actual implementation supplied by specific algorithm subclass

"Service Provider Interface" (SPI) Each engine class has a corresponding abstract SPI

class Defines the Service Provider Interface to be used by

implementors

SPI class is abstract - To supply implementation, provider must subclass

JCA Implementation

SPI (Service Provider Interface) say FooSpi

Engine Foo Algorithm MyAlgorithm

Foo f = Foo.getInstance(MyAlgorithm);

General Usage

No need to call constructor directly Define the algorithm reqd.

getInstance() Initialize the keysize

init() or initialize() Use the Object generateKey() or doFinal()

java.security classes Key KeyPair KeyPairGenerator KeyFactory Certificate CertificateFactory Keystore MessageDigest Signature SignedObject SecureRandom

Key Types

SecretKey PublicKey PrivateKey

Methods getAlgorthm() getEncoded()

KeyPair= {PrivateKey, PublicKey}

KeyGenerator

Generates instances of key Requires Algorithm

getInstance(algo) Keylength, (random)

Initialize(param, random) Generates required key/keypair

KeyFactory/SecretKeyFactory

Converts a KeySpec into Keys KeySpec Depends on the algorithm Usually a byte[] (DES)

Could also be a set of numbers (DSA)

Required when the key is encoded and transferred across the network

Certificate Problem

Java.security.Certificate is an interface Java.security.cert.Certificate is a class

Which one to use when you ask for a Certificate? Import only the correct type

Avoid “import java.security.*” Use X509Certificate

KeyStore

Access to a physical keystore Can import/export certificates

Can import keys from certificates Certificate.getPublicKey()

Certificate.getPrivateKey() Check for certificate validity Check for authenticity

keytool

Reads/writes to a keystore Unique alias for each certificate Password Encrypted

Functionality Import Sign Request

Export NOTE: Default is DSA !

Signature

DSA, RSA Obtain a Signature Object getInstance(algo) getInstance(algorithm,provider)

Signature (signing) Initialize for signing initSign(PrivateKey)

Give the data to be signed update(byte [] input) and variations

doFinal(byte [] input) and variations Sign

byte[] Signature.sign() NOTE: Signature does not contain the actual signature

Signature (verifying)

Initialize for verifying initVerify(PublicKey)

Give the data to be verifieded update(byte [] input) and variations

doFinal(byte [] input) and variations Verify boolean Signature.verify()

SignedObject Signs and encapsulates a signed object

Sign SignedObject(Serializable, Signature)

Recover Object getContent()

byte[] getSignature() Verify

Verify(PublicKey, Signature) ! Need to initialize the instance of the signature

javax.crypto classes

Cipher Mac KeyGenerator SecretKeyFactory SealedObject

Cipher DES, DESede, RSA, Blowfish, IDEA …

Obtain a Cipher Object getInstance(algorithm/mode/padding) or getInstance(algorithm)

or getInstance(algorithm, provider) eg “DES/ECB/NoPadding” or “RSA” Initialize init(mode, key) mode= ENCRYPT_MODE / DECRYPT_MODE

Cipher cont. Encrypt/Decrypt

byte[] update(byte [] input) and variations

byte[] doFinal(byte [] input) and variations Exceptions NoSuchAlgorithmException NoSuchPadding Exception InvalidKeyException

SealedObject Encrypts and encapsulates an

encrypted object Encrypt

SealedObject(Serializable, Cipher) Recover getObject(Cipher)

or getObject(key) Cipher mode should be different!!

Wrapper Class : Crypto.java

Adding a provider public Crypto() {

java.security.Security.addProvider(new cryptix.provider.Cryptix());}

Enrcyption using RSApublic synchronized byte[]

encryptRSA(Serializable obj, PublicKey kPub) throws KeyException, IOException {try { Cipher RSACipher = Cipher.getInstance("RSA"); return encrypt(RSACipher, obj, kPub);} catch (NoSuchAlgorithmException e) { System.exit(1);}return null; }

Decryption using RSApublic synchronized Object decryptRSA(byte[]

msgE, PrivateKey kPriv)throws KeyException, IOException

{try { Cipher RSACipher = Cipher.getInstance("RSA"); return decrypt(RSACipher, msgE, kPriv);} catch (NoSuchAlgorithmException e) { System.exit(1);}return null; }

Creating a signaturepublic synchronized byte[] sign(byte[] msg, PrivateKey kPriv) throws SignatureException, KeyException, IOException

{// Initialize the signature object for signingdebug("Initializing signature.");try { Signature RSASig = Signature.getInstance("SHA-1/RSA/PKCS#1"); debug("Using algorithm: " + RSASig.getAlgorithm()); RSASig.initSign(kPriv); RSASig.update(msg); return RSASig.sign();} catch (NoSuchAlgorithmException e) { System.exit(1);}return null; }

Verifying a signaturepublic synchronized boolean verify(byte[] msg, byte[] sig,

PublicKey kPub) throws SignatureException, KeyException

{// Initialize the signature object for verifyingdebug("Initializing signature.");try { Signature RSASig = Signature.getInstance("SHA-1/RSA/PKCS#1"); RSASig.initVerify(kPub); RSASig.update(msg); return RSASig.verify(sig);} catch (NoSuchAlgorithmException e) { System.exit(1);}return false; }

References

Sun’s Java website: http://java.sun.com

Thanks for staying awake