Skip to main content

Beginning Cryptography with Java

David Hook

ISBN: 978-0-764-59633-9

Aug 2005

484 pages

In Stock

$39.99

Description

Beginning Cryptography with Java

While cryptography can still be a controversial topic in the programming community, Java has weathered that storm and provides a rich set of APIs that allow you, the developer, to effectively include cryptography in applications-if you know how.

This book teaches you how. Chapters one through five cover the architecture of the JCE and JCA, symmetric and asymmetric key encryption in Java, message authentication codes, and how to create Java implementations with the API provided by the Bouncy Castle ASN.1 packages, all with plenty of examples. Building on that foundation, the second half of the book takes you into higher-level topics, enabling you to create and implement secure Java applications and make use of standard protocols such as CMS, SSL, and S/MIME.

What you will learn from this book

  • How to understand and use JCE, JCA, and the JSSE for encryption and authentication
  • The ways in which padding mechanisms work in ciphers and how to spot and fix typical errors
  • An understanding of how authentication mechanisms are implemented in Java and why they are used
  • Methods for describing cryptographic objects with ASN.1
  • How to create certificate revocation lists and use the Online Certificate Status Protocol (OCSP)
  • Real-world Web solutions using Bouncy Castle APIs

Who this book is for

This book is for Java developers who want to use cryptography in their applications or to understand how cryptography is being used in Java applications. Knowledge of the Java language is necessary, but you need not be familiar with any of the APIs discussed.

Wrox Beginning guides are crafted to make learning programming languages and technologies easier than you think, providing a structured, tutorial format that will guide you through all the techniques involved.

Acknowledgments.

Introduction.

Chapter 1: The JCA and the JCE.

Chapter 2: Symmetric Key Cryptography.

Chapter 3: Message Digests, MACs, and HMACs.

Chapter 4: Asymmetric Key Cryptography.

Chapter 5: Object Description in Cryptography Using ASN.1.

Chapter 6: Distinguished Names and Certificates.

Chapter 7: Certificate Revocation and Path Validation.

Chapter 8: Key and Certificate Management Using Keystores.

Chapter 9: CMS and S/MIME.

Chapter 10: SSL and TLS.

Appendix A: Solutions to Exercises.

Appendix B: Algorithms Provided by the Bouncy Castle Provider.

Appendix C: Using the Bouncy Castle API for Elliptic Curve.

Appendix D: Bibliography and Further Reading.

Index.

Code Downloads
Code downloads for this title are available here.
Download
ChapterPageDetailsDatePrint Run
18Error in Code
input text : 0112233445566778899aabbccddeeff
cipher text: dda97ca4864cdfe06eaf70a0ec0d7191 bytes: 16
plain text : 0112233445566778899aabbccddeeff bytes: 16

should be:

input text : 00112233445566778899aabbccddeeff
cipher text: dda97ca4864cdfe06eaf70a0ec0d7191 bytes: 16
plain text : 00112233445566778899aabbccddeeff bytes: 16
03/04/2008

58Error in 22nd line of code
For: createKeyForAES, the @return doesn't have any informative text.

Consider:@ return a SecretKey of requested bitLength
10/21/05

65Error in Text
under "MessageDigest.digest()"

error:
=====
MessageDigest.getDigestSize()

correction:
==========
MessageDigest.getDigestLength()
10/22/05

81Error in Text
there is a missing space that causes the line to appear as if it is an extension of the call in the sentence before.

error:
=====
"[...] you will reset the message digest as a result of calling MessageDigest.digest().MessageDigest objects [...]"

correction:
==========
"MessageDigest.digest(). MessageDigest"

** Space between 'MessageDigest.digest().' and 'MessageDigest' that follows the digest()
10/23/05

89Error in Text
under "RSAPrivateKeySpec and RSAPrivateKey", the second paragraph has a missing space after a comma.

Error:
=====
"[...] rather than a getPublicExponent(),the basic class [...]"

Correction:
=========
"[...] getPublicExponent(), the [...]"
10/23/05

93Error in Text
there is an error in the letter case of a method. Just need to captialize the 'c' in coefficient.

error:
=====
getCrtcoefficient()

correction:
==========
getCrtCoefficient()
10/24/05

98Error in Text
generator is being initialized with the incorrect size of 386 only because throughout the example, any text referencing the key (page 98: "[...] expand from 256 to 384 bits [...]" and page 99: "Of course, 384 bits is well below [...]"

error:
=====
generator.initialize(386, random);

correction:
==========
generator.initialize(384, random);
10/24/05

99Error in Text
the reference to "OAEPwithSHA256andMGF1Padding" is not consistent with the letter case used throughout the book. Every place (even in the example above) where a similar format is used it would be more consistent to use:

OAEPWithSHA256AndMGF1Padding
10/24/05

104-105Error in Formatting
Error (very minor) in consistency of text on page 104-105. Similar functions use either "IV" and "Iv".
error:
=====
"unpackKeyAndIV()"
"packKeyAndIv()"

correction:
==========
"unpackKeyAndIv()"

This is the format - uppercase 'I' and lowercase 'v' - that the author has standardized on throughout the text. If it is changed, the calls to this method also need to change throughout the example.
10/25/05

105Error in formatting
On page 105, the output needs to be reformatted with "input" on the following line and also preceding text's font should be the "text" font as it is not explicitly written with System.out.println().

error:

=====

"Running the example, you should get the following output:input [...]"

correction:

==========

"[...] output:

input : 00beef"
10/25/05

1051st Paragraph, Layout Error
First paragraph currently reads:

Running the example, you should get the following output:
input : 00beef
keyBlock length : 128
cipherText length: 3
plain : 00beef

It should read:

Running the example, you should get the following output:

input : 00beef
keyBlock length : 128
cipherText length: 3
plain : 00beef
1/15/06

428Error in Text
Item 3 in the list reads:

SEC2v - "Recommended Elliptic Curve Domain Parameters,"
www.secg.org/download/aid-385/sec1_final.pdf

It should read:

SEC2 - "Recommended Elliptic Curve Domain Parameters,"
www.secg.org/download/aid-385/sec2_final.pdf
1/15/06