Sample code for 30+ languages & platforms
Android™

Create JCEKS Containing Secret Keys

See more Java KeyStore (JKS) Examples

Demonstrates how to create a JCEKS keystore file containing symmetric secret keys (for AES, Blowfish, HMAC SHA25, ChaCha20, etc.)

This example requires Chilkat v9.5.0.66 or greater.

Chilkat Android™ Downloads

Android™
// Important: Don't forget to include the call to System.loadLibrary
// as shown at the bottom of this code sample.
package com.test;

import android.app.Activity;
import com.chilkatsoft.*;

import android.widget.TextView;
import android.os.Bundle;

public class SimpleActivity extends Activity {

  private static final String TAG = "Chilkat";

  // Called when the activity is first created.
  @Override
  public void onCreate(Bundle savedInstanceState) {
    super.onCreate(savedInstanceState);

    boolean success = false;

    // IMPORTANT: This example requires Chilkat v9.5.0.66 or greater.

    // This example requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    CkJavaKeyStore jceks = new CkJavaKeyStore();

    // We'll need a pseudo-random number generator (PRNG) to generate symmetric keys.
    CkPrng prng = new CkPrng();

    // Generate some keys..

    // 128-bit AES key (16 bytes)
    String aesKey = prng.genRandom(16,"base64");

    // 256-bit Blowfish key (32 bytes)
    String blowfishKey = prng.genRandom(32,"base64");

    // HMAC SHA256 key
    // (An HMAC key can be anything, and any length. We'll use the following string:
    String hmacKey = "This is my HMAC key";

    // ChaCha20 256-bit
    String chachaKey = prng.genRandom(32,"base64");

    // Add each secret key to the JCEKS
    String encoding = "base64";
    String password = "secret";
    jceks.AddSecretKey(aesKey,encoding,"AES","my aes key",password);
    jceks.AddSecretKey(blowfishKey,encoding,"BLOWFISH","my blowfish key",password);
    // For HMAC, we're using the us-ascii bytes for the key..
    jceks.AddSecretKey(hmacKey,"ascii","HMAC_SHA256","my hmac key",password);
    jceks.AddSecretKey(chachaKey,encoding,"CHACHA","my chacha20 key",password);

    String filePassword = "password";
    // Write the JCEKs to a file.
    success = jceks.ToFile(filePassword,"qa_output/secretKeys.jceks");
    if (success != true) {
        Log.i(TAG, jceks.lastErrorText());
        return;
        }

    // We can also emit as a JWK Set..
    CkStringBuilder sbJson = new CkStringBuilder();
    success = jceks.ToJwkSet("secret",sbJson);
    if (success != true) {
        Log.i(TAG, jceks.lastErrorText());
        return;
        }

    // Emit the JSON in pretty-printed (indented) form:
    CkJsonObject json = new CkJsonObject();
    json.LoadSb(sbJson);
    json.put_EmitCompact(false);
    Log.i(TAG, json.emit());

    // Output is:

    // { 
    //   "keys": [
    //     { 
    //       "kty": "oct",
    //       "alg": "AES",
    //       "k": "vHekQQB0Gc1NvppapUTW2g",
    //       "kid": "my aes key"
    //     },
    //     { 
    //       "kty": "oct",
    //       "alg": "BLOWFISH",
    //       "k": "qHsdXaJsXicVCZbK8l8hJQpYOa0GkiO9gsRK9WLtht8",
    //       "kid": "my blowfish key"
    //     },
    //     { 
    //       "kty": "oct",
    //       "alg": "HMAC_SHA256",
    //       "k": "VGhpcyBpcyBteSBITUFDIGtleQ",
    //       "kid": "my hmac key"
    //     },
    //     { 
    //       "kty": "oct",
    //       "alg": "CHACHA",
    //       "k": "yNv832U43C9BcWvaQAH2_rG-GwfmpgT5JBRllWGQY1o",
    //       "kid": "my chacha20 key"
    //     }
    //   ]
    // }
    // 

  }

  static {
      System.loadLibrary("chilkat");

      // Note: If the incorrect library name is passed to System.loadLibrary,
      // then you will see the following error message at application startup:
      //"The application <your-application-name> has stopped unexpectedly. Please try again."
  }
}