SEARCH KEYWORD -- Java Security


  Java Cipher encryption/decryption example

In Java, Cipher is the API for doing data encryption/decryption. Many cryptographic algorithms such as AES, DES, RC4 etc can be specified when creating Cipher instance. The Cipher instance calls the underlying algorithm specific implementation to do the actual encryption/decryption.  Before doing the encryption/decryption, a key needs to be created and it will be used to do the encryption/decryption. A sample program for performing all these is : import java.security.Key; import javax.cryp...

   Java, Java Security, Cipher, Example, Sample     2015-08-14 07:07:10

  Different types of keystore in Java -- DKS

Domain KeyStore(DKS) is a keystore of keystore. It abstracts a collection of keystores that are presented as a single logical keystore. Itself is actually not a keystore. This new keystore type is introduced in Java 8. There is a new class DomainLoadStoreParameter which closely relates to DKS. To load different keystores into the single logical keystore, some configuration is needed. Here is the format of the configuration for grouping different keystores. domain [ ...] { keystore [ ....

   Java,keystore,DKS,tutorial     2015-01-20 02:27:27

  New features in Java 9

Java 9 is planned to be released in March 2017. It will be 3 years since Java 8 was released. Are you still excited about the new features introduced in Java 8 such as Lambda, new Date APIs etc? Now Java 9 is to be released and there are also quite a few fantastic new features to be introduced. Below is a list of major new features in Java 9. Modular system. Java 9 will introduce a brand new modular system to organize Java codes. The modular system will divide different packages into diffe...

   JAVA,NEW FEATURE,JAVA 9     2016-04-05 09:56:01

  Arrays.equals() vs MessageDigest.isEqual()

Both Arrays.equals() and MessageDigest.isEqual() are used to compare the equality of two arrays. They can be interchangeably in many cases. However, they do have some differences which lead to different use cases in real applications. One difference is that the arrays passed to MessageDigest.isEqual() cannot be null while it's ok for Arrays.equals(). The one major difference between these two methods is that Arrays.equals() is not time-constant while MessageDigest.isEqual() is time-constant. Thi...

   Arrays.equal(),MessageDigest.isEqual(),Java,Security     2015-05-14 22:03:29

  Generate signed certificate from CSR in Java

In our previous tutorial, we have explained how to generate CSR which can be sent to CA for generating a signed certificate. In this tutorial, we will explain how to generate the signed certificate from CSR in Java. We will not use an actual CA but a self-signed certificate to act as a CA certificate. Since the CSR contains the subject information where a certificate needs to be generated and signed for. The key here is to extract the subject information from the CSR and then set it as the subje...

   JAVA,CSR,SIGN CERTIFICATE     2020-10-24 07:03:17

  Java 9 release is delayed again

The original Java 9 planned release date is March 2017. But latest source shows that Java 9 release will be delayed again to July 2017. It's four months later than the planned date. Oracle Chief Architect of Java Platform group Mark Reinhold proposes this new release date in a message sent on the OpenJDK mailing list.  Despite this progress, at this point it's clear that Jigsaw needs more time. We recently received critical feedback that motivated a redesign of the module ...

   JAVA,RELEASE DATE,JAVA 9,JAVA 9 DELAY     2016-09-26 12:22:53

  Access control in Java -- doPrivileged

Previously we have introduced how Java performs permission check to protect resource access. What if sometimes we need to give some class the temporary access to some resource which it initially doesn't have? AccessController provides six doPrivileged methods to fulfill this requirement. These six methods have below signatures : static T doPrivileged(PrivilegedAction action)static T doPrivileged(PrivilegedAction action, AccessControlContext context)static T doPrivileged(PrivilegedExceptionA...

   JAVA,SECURITY,DOPRIVILEGED     2016-03-08 05:46:42

  Signature sign/verification demo in Java

Digital signature is commonly used in areas where data authentication and integrity are required. It is extremely important to have signature while transferring sensitive data from one peer to other peers through network since there might be malicious applications or man-in-the-middle attacks which may alter the data along the way. Java provides some APIs to generate and verify digital signature. One important class is Signature.  When generating the signature, a private key needs to be pa...

   SECURITY,JAVA,SIGNATURE     2015-11-21 09:48:12

  Generate certificate in Java -- Self signed certificate

This is the first post in this series which I will show you how to generate SSL certificate in Java programmatically. Certificates are frequently used in SSL communication which requires the authentication of server to client. This is to make the client to trust that the server is actually the one it claims. Certificates are really important on the Internet. All HTTPS communications on the Internet need the server side to present their certificates signed by trusted CAs. The basic flow of a requ...

   Java,Certificate,X509     2014-07-30 07:42:18

  Check file readability in Java

File operation is quite platform dependent. Although Java is a cross platform programming language, the file operation in Java is also platform dependent. The obvious evidence is the file permission check. In Java, we can call canRead(), canWrite() and canExecutable() to check whether the program can read, write or execute the file specified. However, on Windows, when we call canRead() on a File object, we may get unexpected result. Actually, on Windows, when we call canRead() on a File object, ...

   Java,Files,Readable,Check     2013-12-05 06:10:15

RECENT