Although the message digest and digital signature techniques shown in the previous section use cryptographic techniques, note that they do not actually perform any encryption or decryption. Prior to Java 1.4, strict U.S. export regulations for encryption technology prevented Sun from releasing the Java platform with built-in encryption, and programmers instead had to download and install the separate Java Cryptography Extension (JCE). U.S. regulations have since been relaxed and Java 1.4 now includes the JCE classes in the javax.crypto package and its subpackages.

Example 7-5 is a program that allows you to encrypt and decrypt files using the TripleDES encryption algorithm and to generate TripleDES keys that are stored in files. It uses the JCE classes in javax.crypto and its subpackages. The key classes are Cipher, which represents an encryption or decryption algorithm, and SecretKey, which represents the encryption and decryption key used by the algorithm. You can find an API quick-reference for the JCE classes in Java in a Nutshell. You can also learn more about cryptography and the JCE from Java Cryptography by Jonathan Knudsen (O’Reilly).

package je3.security; import javax.crypto.*; import javax.crypto.spec.*; import java.security.*; import java.security.spec.*; import java.io.*; /** * This class defines methods for encrypting and decrypting using the Triple * DES algorithm and for generating, reading, and writing Triple DES keys. ...