Using cryptography with Java

Jan 1, 2001

JDK 1.2 or later and JCE 1.2 or later
Borland JBuilder 4 (recommended)

If you are using Java to build distributed applications, you will quickly find that you need cryptography. The basic Java provides a somewhat limited support for cryptography, but with a freely downloadable extension, the support increases greatly. In this article, you will learn how to calculate MD5 hashes and use the Blowfish algorithm.

The basic Java Development Kit (JDK) provides support for message digests, which is an important part of cryptography. But to use encryption and decryption, you will need to use Java Cryptography Extension, or JCE.

The current version of JCE is 1.2.1 and it supports JDK 1.2 or later. Once you have downloaded the JCE package (after registering), unzip the archive to a directory of your choice. For example, our preference is to put all such files below Borland JBuilder's installation directory, where we have a directory called Extensions. This way it is easy to find all custom extensions. Of course, you are free to develop your own schemes.

Using JCE with JBuilder

If you are using JBuilder 4 as your Java development platform, the easiest way to start using JCE is to list it in the "Required Libraries" list of your project. That is, use the Project Properties window to do so:

By clicking the Add button on the dialog box you can bring up the Select One Or More Libraries dialog box. By clicking the New button on this dialog box you can start the New Library Wizard, as shown here:

This wizard is easy to use: just enter a library name ("Java Cryptography Extension" in this case) and then browse to the main directory of the JCE files. JBuilder will then find all the .JAR files. Convenient.

Calculating MD5 hashes

When you want to use the MD5 hashing algorithm (defined in RFC 1321), you don't need JCE. Instead, you need to use the classes in the java.security package. In terms of code, the following snippet demonstrates usage of the MessageDigest class:

MessageDigest md = MessageDigest.getInstance("MD5");
String s = "a";
byte[] hash = md.digest(s.getBytes());

System.out.println("MD5 hash calculated for \""+s+"\":");
for (int i = 0; i < 16; i++) {
  char[] hex = {'0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'A', 'B', 'C', 'D', 'E', 'F'};
  int c = ((char)hash[i] & 0xFF);
  int j = (c >> 4);
  System.out.print(hex[j]);
   j = (c & 0xF);
  System.out.print(hex[j]);
}

The above code would calculate the MD5 has for the string "s", and print out the MD5 hash:

MD5 hash calculated for "a":
0CC175B9C0F1B6A831C399E269772661

Encrypting and decrypting with JCE

The JCE provides an example using DES, but the samples lack example of using the Blowfish algorithm. Blowfish is a relatively new algorithm developed by Bruce Schneier. His book, Applied Cryptography, is one of the best practical cryptography books available.

The Blowfish algorithm is supported by JCE, and to start using it, you need to enable it with the following code sequence:

Provider sunJCE = new com.sun.crypto.provider.SunJCE();
Security.addProvider(sunJCE);

Next, you need to derive a key from a password string, in the following code example simply "password":

SecureRandom sr = new SecureRandom("password".getBytes());
KeyGenerator kg = KeyGenerator.getInstance("Blowfish");
kg.init(sr);
SecretKey sk = kg.generateKey();

After you have derived the key, you simply need an instance of the Cipher class (from the javax.crypto package, which needs to be added to the imports clause). Then, encrypting a text string is a simple matter of calling a few methods:

Cipher bf = Cipher.getInstance("Blowfish");
bf.init(Cipher.ENCRYPT_MODE,sk);
byte[] cleartext = "This is my message to be encrypted".getBytes();
printOut(cleartext);
byte[] ciphertext = bf.doFinal(cleartext);
printOut(ciphertext);

Decrypting is equally simple:

bf.init(Cipher.DECRYPT_MODE,sk);
byte[] decryptedtext = bf.doFinal(ciphertext);
printOut(decryptedtext);

Download the example code

Download usingcryptographywithjava.zip (4 kB) which contains the sample application CryptoDemo. Please note that application will require you to download JCE 1.2 or later from Sun's web site. The example code was tested and developed with Borland JBuilder 4.

* * *

Need help developing your Java application? Contact us!