Leveraging the SATSA High-Level APIs for Cryptography
While the two optional packages defined by SATSA that you've seen are for interfacing
with cryptographic hardware, the remaining two provide implementations of common
cryptographic operations needed by many of today's mobile applications. The SATSA-CRYPTO
package includes subsets of the java.security, java.security.spec, javax.crypto, and
javax.crypto.spec packages to provide APIs for public and private key management,
message digests, signature verification, and data encryption. The SATSA-PKI security
packages include javax.microedition.pki and javax.microedition.securityservice, which
define classes to support basic user-certificate management.
Using the SATSA-CRYPTO API, let's look at two common operations you're likely to
perform at some point during application development: creating message digests and
encrypting (or decrypting) a message.
Using the SATSA-CRYPTO API to Create a Message Digest
One of the most common cryptographic operations a mobile application may be
required to perform is creating a message digest. Many web service APIs today use
message digests as a means to prevent tampering with the payload of a web service request
or response; the message digest may appear as a separate HTTP header or an argument
to the web service request, or simply may be appended to the web service header. The
SATSA-CRYPTO API makes this straightforward, as shown in Listing 15-3.
Listing 15-3. Creating a Message Digest
String digestAlgorithm = "MD5"; // the listing's choice; MD5 is no longer collision resistant
int digestLen = 16;             // an MD5 digest is 16 bytes long

String webRequest = "…";
byte[] message = webRequest.getBytes();
byte[] digest = new byte[digestLen];
try {
    java.security.MessageDigest md;
    md = java.security.MessageDigest.getInstance(digestAlgorithm);
    // Feed the whole request into the digest
    md.update(message, 0, message.length);
    // Write the result into digest, starting at offset 0
    md.digest(digest, 0, digestLen);
} catch (Exception e) {
    // Handle NoSuchAlgorithmException or DigestException
    // …
}
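Added example, not from the book: a plain digest can be recomputed by anyone who alters the payload, so detecting tampering requires mixing a shared secret into the digest. The code below builds HMAC from the same getInstance, update, and digest calls used in Listing 15-3. The class name RequestMac, the "SHA-256" algorithm name, the key, and the request strings are assumptions constructed for illustration, and the code is written for Java SE.

```java
import java.security.GeneralSecurityException;
import java.security.MessageDigest;

public class RequestMac {
    static final String ALG = "SHA-256"; // assumed to be available on the platform
    static final int BLOCK = 64;         // SHA-256 block size in bytes
    static final int LEN = 32;           // SHA-256 digest length in bytes

    // Digest of a || b, using only the three calls from Listing 15-3.
    static byte[] hash(byte[] a, byte[] b) throws GeneralSecurityException {
        MessageDigest md = MessageDigest.getInstance(ALG);
        md.update(a, 0, a.length);
        md.update(b, 0, b.length);
        byte[] out = new byte[LEN];
        md.digest(out, 0, LEN);
        return out;
    }

    // HMAC: H((K ^ opad) || H((K ^ ipad) || msg)), with K zero-padded to BLOCK bytes.
    static byte[] hmac(byte[] key, byte[] msg) throws GeneralSecurityException {
        if (key.length > BLOCK) key = hash(key, new byte[0]); // long keys are hashed first
        byte[] k = new byte[BLOCK];
        System.arraycopy(key, 0, k, 0, key.length);
        byte[] ipad = new byte[BLOCK], opad = new byte[BLOCK];
        for (int i = 0; i < BLOCK; i++) {
            ipad[i] = (byte) (k[i] ^ 0x36);
            opad[i] = (byte) (k[i] ^ 0x5c);
        }
        return hash(opad, hash(ipad, msg));
    }

    // Compare tags without stopping at the first differing byte.
    static boolean sameTag(byte[] a, byte[] b) {
        if (a.length != b.length) return false;
        int diff = 0;
        for (int i = 0; i < a.length; i++) diff |= a[i] ^ b[i];
        return diff == 0;
    }

    public static void main(String[] args) throws Exception {
        byte[] key = "constructed-demo-key".getBytes("UTF-8");     // constructed sample
        byte[] sent = "amount=10&to=alice".getBytes("UTF-8");      // constructed sample
        byte[] altered = "amount=99&to=alice".getBytes("UTF-8");   // constructed sample
        byte[] tag = hmac(key, sent); // the sender transmits this tag with the request
        System.out.println("original accepted: " + sameTag(tag, hmac(key, sent)));
        System.out.println("altered accepted:  " + sameTag(tag, hmac(key, altered)));
    }
}
```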