Although there are times when you’ll generate your own keys, they are more often obtained electronically. The next engine and related set of classes we’ll examine show us how to import and export keys. The source or destination of these keys is not specified by any of these classes—you may have read the data from a file, or from a socket, or you may have typed it in manually. The classes in this section merely enable you to convert a key object to a known external representation and to perform the reverse conversion.

Key factories are available only in Java 1.2. Exporting keys in 1.1 is simple: the encoded bytes of the key can be obtained and transmitted in any manner that is convenient. But importing keys in 1.1 is very difficult, because there is no way to take the encoded bytes and produce a key from them. As a fallback measure, you can serialize a key object to export it and then deserialize that data to import the key, although that’s not something we generally recommend (see Section 10.5 later in this chapter).

There are two external representations by which a key may be transmitted—by its encoded format, or by the parameters that were used to generate the key. Either of these representations may be encapsulated in a key specification, which is used to interact with the KeyFactory class (java.security.KeyFactory) that actually imports and exports keys: