If a new key is generated with KeyGenerator each time the class is initialized, the encrypted messages cannot be read by another process. Therefore the SecretKey is generated once and then revived when the class is loaded.
** IMPORTANT **
Note that the SecretKey is now in your Java source file and will also be in the compilation result. Your secrets can be read by anyone who can access your source or your binaries.
Generating the key
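import java.math.BigInteger;
import javax.crypto.*;
SecretKey key = KeyGenerator.getInstance("DESede").generateKey();
BigInteger num = new BigInteger(1, key.getEncoded());
// Print in hexadecimal, because the string is parsed with radix 16 when the key is revived
System.out.println("Key: " + num.toString(16));
Copy the resulting string (a big number, printed in hexadecimal).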
Making the SecretKey available
import java.math.BigInteger;
public class YourClass {
    private static String algorithm = "DESede";
    // The string is parsed as hexadecimal (radix 16)
    private static byte[] encodedKey = new BigInteger("[[[[ Paste the big number here ]]]]", 16).toByteArray();
}
Using the encoded SecretKey
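import javax.crypto.*;
import javax.crypto.spec.DESedeKeySpec;
// BigInteger.toByteArray() prepends a 0x00 sign byte when the top bit of the key is set,
// so use the last 24 bytes of the array as the DESede key.
DESedeKeySpec keySpec = new DESedeKeySpec(encodedKey, encodedKey.length - 24);
SecretKeyFactory keyFactory = SecretKeyFactory.getInstance(algorithm);
SecretKey key = keyFactory.generateSecret(keySpec);
// "DESede" alone resolves to DESede/ECB/PKCS5Padding with the default SunJCE provider
Cipher cipher = Cipher.getInstance(algorithm);
Cipher decipher = Cipher.getInstance(algorithm);
cipher.init(Cipher.ENCRYPT_MODE, key);
decipher.init(Cipher.DECRYPT_MODE, key);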
Encrypting and decrypting
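import java.nio.charset.StandardCharsets;
import java.util.Base64;
String message = "Hello World";
// Name the charset explicitly so both processes convert text to bytes the same way
byte[] encryptedBytes = cipher.doFinal(message.getBytes(StandardCharsets.UTF_8));
String encryptedMessage = Base64.getEncoder().encodeToString(encryptedBytes);
// Transport the base64 string, for example over http
byte[] messageToDecrypt = Base64.getDecoder().decode(encryptedMessage);
byte[] decryptedBytes = decipher.doFinal(messageToDecrypt);
String decryptedMessage = new String(decryptedBytes, StandardCharsets.UTF_8);
System.out.println(decryptedMessage);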
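An added example, not code from the original page, addressing the IMPORTANT note above: the key is revived from Base64 text read at run time instead of from a source literal, and AES-GCM is swapped in for DESede so that a modified message fails to decrypt. The class name SharedKeyDemo and the environment variable APP_KEY_B64 are assumptions made for illustration.

```java
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.Base64;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;

public class SharedKeyDemo {
    private static final int IV_LEN = 12, TAG_BITS = 128;

    // Revive the key from Base64 text supplied at run time, never from a source literal.
    static SecretKey reviveKey(String b64) {
        byte[] raw = Base64.getDecoder().decode(b64);
        if (raw.length != 32) throw new IllegalArgumentException("expected a 256-bit key");
        return new SecretKeySpec(raw, "AES");
    }
    // Output layout: Base64( IV || ciphertext || GCM tag ), with a fresh random IV per message.
    static String encrypt(SecretKey key, String message) throws Exception {
        byte[] iv = new byte[IV_LEN];
        new SecureRandom().nextBytes(iv);
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.ENCRYPT_MODE, key, new GCMParameterSpec(TAG_BITS, iv));
        byte[] ct = c.doFinal(message.getBytes(StandardCharsets.UTF_8));
        byte[] out = new byte[IV_LEN + ct.length];
        System.arraycopy(iv, 0, out, 0, IV_LEN);
        System.arraycopy(ct, 0, out, IV_LEN, ct.length);
        return Base64.getEncoder().encodeToString(out);
    }
    // Throws AEADBadTagException if the message was modified or the key differs.
    static String decrypt(SecretKey key, String transported) throws Exception {
        byte[] data = Base64.getDecoder().decode(transported);
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.DECRYPT_MODE, key, new GCMParameterSpec(TAG_BITS, data, 0, IV_LEN));
        return new String(c.doFinal(data, IV_LEN, data.length - IV_LEN), StandardCharsets.UTF_8);
    }

    public static void main(String[] args) throws Exception {
        String b64 = System.getenv("APP_KEY_B64"); // hypothetical variable name
        if (b64 == null) { // demo fallback: throwaway key, usable only by this process
            KeyGenerator kg = KeyGenerator.getInstance("AES");
            kg.init(256);
            b64 = Base64.getEncoder().encodeToString(kg.generateKey().getEncoded());
        }
        SecretKey key = reviveKey(b64);
        System.out.println(decrypt(key, encrypt(key, "Hello World")));
    }
}
```

Every process that must read the messages needs the same APP_KEY_B64 value, so access to the key is controlled by who can read that variable rather than by who can read the source or the binaries.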