Tuesday, 27 August 2013

Java Collections : Internal Working

Java Collections:

Going for an Job Interview? be prepared with Java Collections framework. Java Collection framework is the most preferred topic by interviewers. It gives them the idea of how much effort the interviewee as taken to understand this framework and clear the interview.

And guess what, similar questions are now also asked in US for H1B visa holders, or MS post graduates looking for job.

This blog explains internal working of the Collection framework. For Interview Question on Collection refer Java Collection Interview Questions

For Java Interview questions for 2 to 5 years Senior Developer refer this blog.

Recently Blockchain has also made place in Java Interviews. Blockchain internally is also a Data Structure. To know more click here : Implementing Blockchain using Java

Click Here for Core Java Objective Questions and Answers

Custom implementation of Collections and Data Structure:

Java Collection internally uses the primitive and core elements like Arrays and datastructures like  Linked List, Tree etc. So if you are asked a question to explain the internal working of any of the Collection classes, don't be surprised. Be it an interview for an Junior Java developer or even for an Architect, Java Collection is always something that you will have on you plate.

Java provides many collection classes that can be used to store data. Knowing which collection class to use for best performance and optimum result is the key.

First the basics.
Below two image shows the complete hierarchy of interfaces and classes present in the Collection framework.

The Collections come in basic four flavors:
Lists : List of things ( Classes that implement List Interface)
Sets : Unique things ( Classes that implement Set Interface)
Maps : Things with unique id ( Classes that implement Map Interface)
Queues : Things arranged in order ( Classes that implement Queue Interface)

The blue ones are the Interfaces and the red ones are the implementation classes

Below is Map. A map is a special type of collection.

          Below table shows the different concrete classes implementing these interfaces


Monday, 26 August 2013

Data Structure : Binary Search Tree

This blog describes the Internal Working of TreeMap. This is a Binary Search Tree. Similar to java.util.TreeMap.
Binary Search Tree (BST) is a Data Structure which places the data in sorted order. Each Node has 2 pointers/references left and right. If the data to be inserted is smaller than the current node than the new node is attached at the left of the current node. If the data to be inserted is greater than the current node than the new node is attached at the right of the current node.

Data Structure : Doubly Link List

The Doubly Linked List is a Java Singly Linked List with a reference present to refer to the previous node as well.
Doubly Linked List is use in scenarios where deletion is more frequent.

Data Structure : Singly Linked List

Singly Linked List is the most simplest type of Data Structure. It is basically a collection of data which are linked together. Linked List are better than arrays as they can grow and shrink dynamically. Lets see the program if this.

Friday, 23 August 2013

Symmetric Key Encryption / Decryption using KeyTool

There are three ways for encryption/decryption using symmetric key in java.
1. Generating Symmetric key using Cryptop Library pro-grammatically. Refer Java Symmetric Key Encryption Crypto Library
2. Generate Symmetric Key using Key Tool. Current blog.
3. Use plain text as a symmetric key. Refer Java Symmetric Key Encryption using KeyTool

In this blog we will generate the symmetric key using Java KeyTool program. For more information on Key Tool read blog Java Key tool Tutorial. And then we will encrypt the data using this symmetric key.

To understand the concepts of symmetric/asymmetric key encryption read blog Java Security.

Sunday, 18 August 2013

Friday, 16 August 2013

Symmetric and Asymmetric key Encryption

In the previous chapters we saw how to use symmetric key and asymmetric key methods to secure data. In this chapter we will see how we can combine the two methods to enhance the security of data.
In this example we are first encrypting the message by symmetric key. But instead of sending the symmetric key as it is to the other party we are encrypting the symmetric itself with the public key of the other party and than sending the symmetric key and message. The other party will first decrypt the symmetric key using the private key it has and than will decrypt the message with the decrypted symmetric key.
This adds more security.

Thursday, 15 August 2013

Keytool Explored

Key tool is a utility provided by JDK to generate following thing.

1. Symmetric key

keytool -genseckey -alias mykey -keyalg AES -keysize 128 -storetype jceks -keystore keystore.jks -storepass password -keypass password

2. Key-pair (private / public key)

Key pair generates private key / public key pair in a single file which is called as keystore. A keystore can contain more than one private/public keys. private/ public key pair can be considered as a padlock with a key. And Keystore is a box having many of these padlock and key pairs. To lock any data the public key that is the padlock can be given to the user

keytool -genkeypair -alias mykey -keyalg RSA -keysize 1024 -storetype jceks -validity 365 -keypass password -keystore ppkeystore.jck -storepass password -dname "cn=localhost, ou=Verisign, o=MyComp Inc, l=Foster City, st=California, c=US"

3. Export Certificate from key pair

As mentioned above a public key can be given to user to encrypt data. A public key can be considered as open padlock which can be used to lock something but cannot be used to unlock.

keytool -export -alias mykey -storetype jceks -keystore ppkeystore.jck -storepass password -file public.crt

4. Request a Certificate from a Certificate Authority

This certificate is of standard X.509 that is the Public key Infrastructure for 509. This standard is used to generate certificates by Certificate Authority(CA).

The certificate contains IssuerValidityPublic Key Info. The certificate itself is digitally signed by the private key of the issuing authority like Thawte, Verisign and the signature is also embedded in the certificate in the Signature Algorithm section. This type of certificates that are issued by a third party are generally used for webapplications that need to run on HTTPS/SSL port.
 The browser verifies the certificate. To validate the certificate a second certificate is required that matches the issuer of the fist certificate. This certificates is called the root certificate of the issuing authority. This certificate contains the public key of the private/public key pair of whose private key was used the sign the first certificate. All Browser now a days come with a list of these root certificates. 
In Chrome if we go to Settings->>HTTPS/SSL -> Manage Certificates, in the trusted root certificates all root certificate will appear from Certificate issuing authority. When the browser goes to a url which is working on HTTPS than the browser fetches the certificate issued by CA for HTTPS to this URL and than checks the issuer of that certificate and than validates that certificate using the root certificate of that issuer. If the root certificate of the issuer is not present in the Trusted Root Certificate than the browser will give a warning and ask the user to trust the certificate manually. This happens usually when developer uses a self signed certificate for development and testing.

Above the first figure on left hand side shows the browser has verified the CA and also mentions the encryption algorithm. In the second figure since the certificate was a self signed certificate and the root certificate is not present the browser is not able to validate the identity of CA and asks user to manually trust the certificate.

5. Import a Certificate in a truststore.

Trusstore is a collection of open padlock that is public certificate key. To add a public certificate to a trusstore used importcert command as mentioned below.

keytool -importcert -alias mykey -file public.crt -keystore pptruststore.jck -keypass password -storepass password
Owner: CN=localhost, OU=Verisign, O=MyComp Inc, L=Foster City, ST=California, C=US
Issuer: CN=localhost, OU=Verisign, O=MyComp Inc, L=Foster City, ST=California, C=US
Serial number: 5218562e
Valid from: Sat Aug 24 12:13:58 IST 2013 until: Sun Aug 24 12:13:58 IST 2014
Certificate fingerprints:
         MD5:  FC:CA:65:5D:25:0D:4A:4F:7E:4F:B9:A0:31:6B:42:16
         SHA1: C2:FD:48:18:E5:EF:9D:B4:3E:3F:34:3E:D3:24:B1:42:A4:EE:F3:52
         Signature algorithm name: SHA1withRSA
         Version: 3
Trust this certificate? [no]:  yes
Certificate was added to keystore

A prompt is shown asking whether the user trusts the certificate or not. This prompt appears because the certificate generated is not generated by a trusted authority and it is a self signed certificate. That means the issuer of the certificate and the party to whom the certificate is issued are same.
If the certificate is from a verified authority than the prompt is not shown.
The entry of various verified certificate authorities is present in cacerts file present in JAVA_HOME/jre/lib/security folder. 

Asymmetric Key Encryption / Decryption

In the previous chapter we saw how we can encrypt and decrypt data using symmetric key.

Here we are going to use private/public key pair for encryption and decryption.

In Asymmetric key encryption/decryption both parties do not need to share the same key with each other. The private key is with the authoring party and it can distribute the public key generated from private key to users. This will add more security constraint on the private key tampering.

In the below example we use the KeyPairGenerator class to create private and public key. To generate the key pair using key tool refer Java Asymmetric Key Keytool.

The KeyPairGenerator is instantiated with RSA algorithm. Any of the below algorithm can also be used.
DiffieHellman (1024)
DSA (1024)
RSA (1024, 2048)
And than we use the Cipher class to encrypt and decrypt the data as explained in the previous example.

For a maven project you will need the apache-common-codec jar as a dependency or else just download the jar and paste it in the folder which is in the classpath.

Maven dependency:

Main Class
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;

import javax.crypto.Cipher;

import org.apache.commons.codec.binary.Base64;

public class AssymmetricKey {
 public static void main(String[] args) throws Exception {

  KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
  KeyPair keyPair = keyPairGenerator.generateKeyPair();
  PrivateKey privateKey = keyPair.getPrivate();
  PublicKey publicKey = keyPair.getPublic();

  String dataToBeEncrypted = "MyHome";

  Cipher cipher = Cipher.getInstance("RSA");

  cipher.init(Cipher.ENCRYPT_MODE, publicKey);
  String encryptedData =Base64.encodeBase64String(cipher.doFinal(dataToBeEncrypted.getBytes())); 
  System.out.println("Encrypted Data: " + encryptedData);
  Cipher dipher = Cipher.getInstance("RSA");

  dipher.init(Cipher.DECRYPT_MODE, privateKey);
  System.out.println(new String(dipher.doFinal(Base64.decodeBase64(encryptedData))));


Java Examples

Symmetric Key Encryption / Decryption

In this chapter we will see how we can do encryption / decryption using symmetric key method. For more details about Java security read Java Security
In this example we will use KeyGenerator class and generate the symmetric key and than encrypt and decrypt a String text using Cipher class.

For a maven project you will need the apache-common-codec jar as a dependency or else just download the jar and paste it in the folder which is in the classpath.

Maven dependency:

Main Class
import java.io.UnsupportedEncodingException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;

import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;

import org.apache.commons.codec.binary.Base64;

public class SymmetricKey {

 public static void main(String[] args) throws Exception {

  //Generate Symmetric key
  KeyGenerator generator = KeyGenerator.getInstance("AES");
  SecretKey key = generator.generateKey();
  byte[] symmetricKey =key.getEncoded();
  System.out.println("key : "+symmetricKey);
  //Encrypt Data
  String encryptedData = encryptWithAESKey("asd", symmetricKey);
  System.out.println("Encrypted Data : " + encryptedData);
  //Decrypt Data
  System.out.println("Decrypted Data : " +decryptWithAESKey(encryptedData, symmetricKey));


 public static String encryptWithAESKey(String data, byte[] key) throws NoSuchAlgorithmException, NoSuchPaddingException,
   InvalidKeyException, IllegalBlockSizeException, BadPaddingException, UnsupportedEncodingException {
  SecretKey secKey = new SecretKeySpec(key,"AES");

  Cipher cipher = Cipher.getInstance("AES");
  cipher.init(Cipher.ENCRYPT_MODE, secKey);
  byte[] newData = cipher.doFinal(data.getBytes());
  return Base64.encodeBase64String(newData);

 public static String decryptWithAESKey(String inputData, byte[] key) throws NoSuchAlgorithmException,
   NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException {
  Cipher cipher = Cipher.getInstance("AES");
  SecretKey secKey = new SecretKeySpec(key, "AES");

  cipher.init(Cipher.DECRYPT_MODE, secKey);
  byte[] newData = cipher.doFinal(Base64.decodeBase64(inputData.getBytes()));
  return new String(newData);


In the above example KeyGenerator is instantiated with AES algorithm. Every Java Implementation needs to implement one of below given algorithm.
AES (128)
DES (56)
DESede (168)
AES is Advanced Encryption System algorithm. The data will be encrypted using this Algorithm. The statement generator.init(128) provides the size of the key in bits. This can be 128,192,256 according to the AES specification.
After the key is generated we have created a instance of Cipher class and instantiated it with AES. And than we set it to ENCRYPT MODE and call doFinal which encrypts the data. For decryption again we create a instance of Cipher with DECRYPT MODE and decrypt the data using the same key used for encryption.
You might have noticed that we are encoding the encrypted data with Base64. This is required if you want to save the encrypted data in a file and send it across. It guarantees that the data will not get lost. 
Java Examples

Wednesday, 14 August 2013

Java Security

Java provides JCE (Java Cryptography Extension) API which helps us to create secure applications.

Below are some API's provided by JCE

Symmetric key Encryption / Decryption
Asymmetric key Encryption / Decryption
Digital Signature

Lets first define What is Security and relate it to Software security and then see how can we implement this using JCE.

Symmetric key Encryption / Decryption
In Symmetric key Encryption/ Decryption their is only one key which is used to encrypt and decrypt the message.
An analogy that can be used to understand the advantages of an asymmetric system is to imagine two people, Alice and Bob, who are sending a secret message through the public mail. In this example, Alice wants to send a secret message to Bob, and expects a secret reply from Bob.

With a symmetric key system, Alice first puts the secret message in a box, and locks the box using a padlock to which she has a key. She then sends the box to Bob through regular mail. When Bob receives the box, he uses an identical copy of Alice's key (which he has somehow obtained previously, maybe by a face-to-face meeting) to open the box, and reads the message. Bob can then use the same padlock to send his secret reply.
This is termed in Java as Symmetric key Encryption / Decryption. Here both parties can lock and unlock the message with the same shared key.
For Java code please refer Symmetric key Encryption / Decryption

Asymmetric key Encryption / Decryption
Asymmetric key Encryption/Decryption is based upon public key Encryption method. Where instead of one key their are two keys, private and public. The public key is used to encrypt and the private key is used to decrypt. Both the keys are different but are linked mathematically. No key can perform both operation of encryption and decryption. The public key can be distributed to senders and the private key is kept confidential with the receiver.

For analogy we can consider public key as a padlock as shown above and private key as the key to the padlock. A padlock can be used to lock a box without the key and than the key can be used to open the padlock opening the box.
Lets continue our example.

In an asymmetric key system, Bob and Alice have separate padlocks. First, Alice asks Bob to send his open padlock to her through regular mail, keeping his key to himself. When Alice receives it she uses it to lock a box containing her message, and sends the locked box to Bob. Bob can then unlock the box with his key and read the message from Alice. To reply, Bob must similarly get Alice's open padlock to lock the box before sending it back to her.

The critical advantage in an asymmetric key system is that Bob and Alice never need to send a copy of their keys to each other. This prevents a third party – perhaps, in this example, a corrupt postal worker – from copying a key while it is in transit, allowing the third party to spy on all future messages sent between Alice and Bob. So, in the public key scenario, Alice and Bob need not trust the postal service as much. In addition, if Bob were careless and allowed someone else to copy his key, Alice's messages to Bob would be compromised, but Alice's messages to other people would remain secret, since the other people would be providing different padlocks for Alice to use.
This is termed in Java as Asymmetric key Encryption / Decryption.
For  Java code please refer Asymmetric key Encryption / Decryption
For Java code with key tool please refer Asymmetric key Encryption / Decryption with Key tool

Digital Signature
Digital Signatures are used to authenticate the sender sending the message. Digital signature are also based on Asymmetric key Encryption mentioned above.
Here the sender signs the message by its private key and any receiver can verify the signature who has the public key.

An analogy for digital signatures is the sealing of an envelope with a personal wax seal. The message can be opened by anyone, but the presence of the unique seal authenticates the sender.
This is termed in Java as Digital Signature.Refer Java Code

Encryption Decryption + Digital Signature
Message Encryption / Decryption can be combined with Digital Signature to provide more security. Here message can be decrypted only by the party having the private key. And the authenticity of the sender can be verified by digital signature, by doing this the sender can also not deny that the message has been sent by him. Many Web Based services use both these security aspects

Symmetric + Asymmetric Security
Both Symmetric and Asymmetric key method can be used to secure message. First the message is encrypted with a symmetric key and then before sending the key to other party the key itself is encrypted with other parties public key. The other party on receiving the encrypted message and encrypted key, first decrypts the key with private key and than decrypts the message by using the decrypted key.

As shown in the figure the actual data is encrypted by the symmetric and than the symmetric key is made secure by putting it in a box locked by public key of the receiver. The receiver will have the private key and can open the box to retrieve the symmetric key. This symmetric key than can be used to decrypt data.
For Java code please refer Symmetric and Asymmetric key Encryption / Decryption 
Combination of Symmetric + Asymmetric + Signature can also be done. Please refer this post

KeyTool is a utility provided by java. It is used to create private(symmetric) key, Private key/Public Key Pair, Certificates, keystores, trustsores etc.
We will look in more details about all these in coming posts KeyTool Explored . Here will also see how data can be encrypted by keys generated by keytool. 

Tuesday, 13 August 2013

Thread : Wait and Notify Example

In the previous chapter Synchronization we saw how multiple threads can be restricted from accessing the same block of code simultaneously. But sometimes their is a scenario where multiple threads share the same object and a communication is required between threads.
Lets take a example where John who wants to eat Ratatouille goes to a restaurant and asks for it. The chef starts creating the delicacy. But by the time the dish is done John has to wait. And john should only take the plate when chef says to john that 'I am done'.
This communication between 2 threads is possible by using wait, notify methods of Object class.
Lets simulate this in Java

public class Chef extends Thread{
 String plate;
 public void run(){


This is a Chef class who is a Thread and just populates the plate variable after 2 sec.

public class John{
 public static void main(String[] args) {

  Chef chef = new Chef ();
  chef .start();
  System.out.println("Main consuming :"+chef .plate);

John is the Main class which creates the object of Chef class and starts it. After starting the thread class it tries to consume the plate.
Lets run the program and see what happens

Main consuming :null

John was not able to consume plate because Chef was not ready with the dish i.e. it did not populate the plate variable. So we want John to wait till Chef tells I am done. Lets make some changes and see how can we fix this.

public class Chef extends Thread {

 String plate;

 public void run() {

  synchronized (this) {
   try {
    System.out.println("Chef: Prepairing Ratatouille...");
    plate = "Ratatouille";
    System.out.println("Chef: Ratatouille prepaired, notify John");
   } catch (InterruptedException e) {
    // TODO Auto-generated catch block


public class John {
 public static void main(String[] args) throws InterruptedException {

  Chef chef = new Chef();
  synchronized (chef) {
   if (chef.plate == null) {
    System.out.println("John : Plate is empty, wait..");

   System.out.println("John consuming :" + chef.plate);

John : Plate is empty, wait..
Chef: Prepairing Ratatouille...
Chef: Ratatouille prepaired, notify John
John consuming :Ratatouille
Here now John checks if plate is emty or not. John calls wait() on Chef instance variable and waits, that is it releases lock on Chef instance. Chef class now can enter the synchronized block. It calls the notify() method on the same chef object and tells john to go ahead.
Important Methods

This method makes the current executing thread release the Lock on the object on which wait() was called and go into waiting state.

This method makes the current executing thread release the Lock on the object on which notify() was called and wake up the Thread which has called wait() on the same object 'checf' in our case.

Monday, 12 August 2013

Java Synchronization

This chapter explores the concept of synchronization and Thread Safety.
Below is a class called Bank. This class has a instance variable balance which is initialized to 100.
The class also has methods to deposit and withdraw.

public class Bank {

 int balance = 100;

 public void deposit(int amount) {
  this.balance = amount;
  System.out.println(Thread.currentThread().getName()+" Deposit:" + balance);

 public void withdraw(int amount) throws Exception{
  if (balance >= amount) {
   System.out.println(Thread.currentThread().getName()+" Withdrawing:" + balance);
   this.balance =this.balance- amount;
   System.out.println(Thread.currentThread().getName()+" Withdrawn" + balance);
  } else {
   System.out.println(Thread.currentThread().getName()+" Withdraw: entered amount : " + amount + " more than balance:" + balance);

Lets create a class which will act as a user to this Bank.

public class Withdrawer extends Thread {
 Bank bank;

 public Withdrawer(Bank bank) {
  this.bank = bank;

 public void run(){
  try {
  } catch (Exception e) {
   // TODO Auto-generated catch block

This Withdrawer class is a Thread and calls the withdraw method of the bank instance it has.

import java.util.TreeMap;

public class TestBank {

 public static void main(String[] args) {
  Bank bank = new Bank();
  Withdrawer withdrawer = new Withdrawer(bank);
  Withdrawer withdrawer2 = new Withdrawer(bank);

The test class here creates two instances of withdrawer and passes same bank instace to both of them. When starting both the threads, both will call the withdraw method and try to withdraw money. To avoid balance to go in negative we have added a condition in the Bank.withdraw method.

Now lets try running the code.

Thread-0 Withdrawing:100
Thread-1 Withdrawing:100
Thread-0 Withdrawn0
Thread-1 Withdrawn-100

As we can see that both threads try to withdraw money. Ideally when a thread has withdrawn the money the next thread should not enter the if (balance >= amount) block. But it does. Because the actual withdrawl of the money i.e this.balance =this.balance- amount; takes some time. In the mean time if another thread tries to call withdraw() it will pass the balance >=amount check and will enter the if block. Since both the threads will withdraw the balance will go in nagitive. To overcome this problem we should restrict second thread to access withdraw method if one thread is already inside it. This can be done by the synchronized keyword. Now lets change the code and run the program again.

public class Bank {

 int balance = 100;

 public void deposit(int amount) {
  this.balance = amount;
  System.out.println(Thread.currentThread().getName()+" Deposit:" + balance);

 public synchronized void withdraw(int amount) throws Exception{
  if (balance >= amount) {
   System.out.println(Thread.currentThread().getName()+" Withdrawing:" + balance);
   this.balance =this.balance- amount;
   System.out.println(Thread.currentThread().getName()+" Withdrawn" + balance);
  } else {
   System.out.println(Thread.currentThread().getName()+" Withdraw: entered amount : " + amount + " more than balance:" + balance);

The only change we have done here is the synchronized keyword in the withdraw method.

Thread-0 Withdrawing:100
Thread-0 Withdrawn0
Thread-1 Withdraw: entered amount : 100 more than balance:0

When a Thread accesses the withdraw method it acquired the lock of the object on which this method was called, which in our case is the bank object. An it will release the lock only after it exists the withdraw method. While a thread has a lock of a Object if another thread tries to access a method marked synchronized with the same Object, it will have to wait. That is it will not in the Waiting state and will get access only after the lock on the object is released.

Core Java Interview Questions & Answers

This blog provides Q & A on various Core Java topics.

This blog is divided in two sections Part 1 and Part 2

Click Here for Core Java Objective Questions and Answers

What are pillars of OOPS?
What is UpCasting and DownCasting UpCasting?
What is Abstract class and Interface?
What is Constructor and Constructor Overloading?
What is final?
What is static?
What is a Singleton Class
Part 2
What is Exception
How to do Exception Handling and what is the need of doing Exception handling
What is Runtime and CheckedExceptions.
How to create custom Exception
What is a Thread and how to implement a Thread.
What is synchronisation
How do Threads communicate
What is CyclicBarrier, CountDownLatch and Semaphore
What are different collections explain their differences. Also explain how they work internally?
What is static and init block?

Share the post