The java.security package contains the classes and interfaces that implement the Java security architecture. These classes can be divided into two broad categories. First, there are classes that implement access control and prevent untrusted code from performing sensitive operations. Second, there are authentication classes that implement message digests and digital signatures and can authenticate Java classes and other objects. The central access control class is AccessController ; it uses the currently installed Policy object to decide whether a given class has Permission to access a given system resource. The Permissions and ProtectionDomain classes are also important pieces of the Java access control architecture. The key classes for authentication are MessageDigest and Signature ; they compute and verify cryptographic message digests and digital signatures. These classes use public-key cryptography techniques and rely on the PublicKey and PrivateKey interfaces. They also rely on an infrastructure of related classes, such as SecureRandom for producing cryptographic-strength pseudorandom numbers , KeyPairGenerator for generating pairs of public and private keys, and KeyStore for managing a collection of keys and certificates. (This package defines a Certificate interface, but it is deprecated; see the java.security.cert package for the preferred Certificate class.) The CodeSource class unites the authentication classes with the access control classes. It represents the source of a Java class as a URL and a set of java.security.cert.Certificate objects that contain the digital signatures of the code. The AccessController and Policy classes look at the CodeSource of a class when making access control decisions. All the cryptographic-authentication features of this package are provider-based, which means they are implemented by security provider modules that can be plugged easily into any Java 1.2 (or later) installation. Thus, in addition to defining a security API, this package also defines a service provider interface (SPI). Various classes with names that end in Spi are part of this SPI. Security provider implementations must subclass these Spi classes, but applications never need to use them. Each security provider is represented by a Provider class, and the Security class allows new providers to be dynamically installed. The java.security package contains several useful utility classes. For example, DigestInputStream and DigestOutputStream make it easy to compute message digests. GuardedObject provides customizable access control for an individual object. SignedObject protects the integrity of an arbitrary Java object by attaching a digital signature, making it easy to detect any tampering with the object. Although the java.security package contains cryptographic classes for authentication, it does not contain classes for encryption or decryption. Instead, this functionality is part of the Java Cryptography Extension or JCE which defines the javax.crypto package and its subpackages. The JCE is part of the core platform in Java 1.4 and later, and is available as a standard extension to Java 1.2 and Java 1.3. Interfacespublic interface Certificate ; public interface DomainCombiner ; public interface Guard ; public interface Key extends Serializable; public interface KeyStore.Entry ; public interface KeyStore.LoadStoreParameter ; public interface KeyStore.ProtectionParameter ; public interface Principal ; public interface PrivateKey extends Key; public interface PrivilegedAction <T>; public interface PrivilegedExceptionAction <T>; public interface PublicKey extends Key; Enumerated Types public enum KeyRep.Type ; Collectionspublic abstract class Provider extends java.util.Properties; public abstract class AuthProvider extends Provider; Other Classespublic final class AccessControlContext ; public final class AccessController ; public class AlgorithmParameterGenerator ; public abstract class AlgorithmParameterGeneratorSpi ; public class AlgorithmParameters ; public abstract class AlgorithmParametersSpi ; public final class CodeSigner implements Serializable; public class CodeSource implements Serializable; public class DigestInputStream extends java.io.FilterInputStream; public class DigestOutputStream extends java.io.FilterOutputStream; public class GuardedObject implements Serializable; public abstract class Identity implements Principal, Serializable; public abstract class IdentityScope extends Identity; public abstract class Signer extends Identity; public class KeyFactory ; public abstract class KeyFactorySpi ; public final class KeyPair implements Serializable; public abstract class KeyPairGeneratorSpi ; public abstract class KeyPairGenerator extends KeyPairGeneratorSpi; public class KeyRep implements Serializable; public class KeyStore ; public abstract static class KeyStore.Builder ; public static class KeyStore.CallbackHandlerProtection implements KeyStore. ProtectionParameter; public static class KeyStore.PasswordProtection implements javax.security.auth.Destroyable, KeyStore.ProtectionParameter; public static final class KeyStore.PrivateKeyEntry implements KeyStore.Entry; public static final class KeyStore.SecretKeyEntry implements KeyStore.Entry; public static final class KeyStore.TrustedCertificateEntry implements KeyStore. Entry; public abstract class KeyStoreSpi ; public abstract class MessageDigestSpi ; public abstract class MessageDigest extends MessageDigestSpi; public abstract class Permission implements Guard, Serializable; public final class AllPermission extends Permission; public abstract class BasicPermission extends Permission implements Serializable; public final class SecurityPermission extends BasicPermission; public final class UnresolvedPermission extends Permission implements Serializable; public abstract class PermissionCollection implements Serializable; public final class Permissions extends PermissionCollection implements Serializable; public abstract class Policy ; public class ProtectionDomain ; public static class Provider.Service ; public class SecureClassLoader extends ClassLoader; public class SecureRandom extends java.util.Random; public abstract class SecureRandomSpi implements Serializable; public final class Security ; public abstract class SignatureSpi ; public abstract class Signature extends SignatureSpi; public final class SignedObject implements Serializable; public final class Timestamp implements Serializable; Exceptionspublic class AccessControlException extends SecurityException; public class GeneralSecurityException extends Exception; public class DigestException extends GeneralSecurityException; public class InvalidAlgorithmParameterException extends GeneralSecurityException; public class KeyException extends GeneralSecurityException; public class InvalidKeyException extends KeyException; public class KeyManagementException extends KeyException; public class KeyStoreException extends GeneralSecurityException; public class NoSuchAlgorithmException extends GeneralSecurityException; public class NoSuchProviderException extends GeneralSecurityException; public class SignatureException extends GeneralSecurityException; public class UnrecoverableEntryException extends GeneralSecurityException; public class UnrecoverableKeyException extends GeneralSecurityException; public class InvalidParameterException extends IllegalArgumentException; public class PrivilegedActionException extends Exception; public class ProviderException extends RuntimeException; |