The javax.crypto package defines classes and interfaces for various cryptographic operations. The central class is Cipher , which is used to encrypt and decrypt data. CipherInputStream and CipherOutputStream are utility classes that use a Cipher object to encrypt or decrypt streaming data. SealedObject is another important utility class that uses a Cipher object to encrypt an arbitrary serializable Java object. The KeyGenerator class creates the SecretKey objects used by Cipher for encryption and decryption. SecretKeyFactory encodes and decodes SecretKey objects. The KeyAgreement class enables two or more parties to agree on a SecretKey in such a way that an eavesdropper cannot determine the key. The Mac class computes a message authentication code (MAC) that can ensure the integrity of a transmission between two parties who share a SecretKey . A MAC is akin to a digital signature, except that it is based on a secret key instead of a public/private key pair. Like the java.security package, the javax.crypto package is provider-based, so that arbitrary cryptographic implementations may be plugged into any Java installation. Various classes in this package have names that end in Spi. These classes define a service-provider interface and must be implemented by each cryptographic provider that wishes to provide an implementation of a particular cryptographic service or algorithm. This package was originally shipped as part of the Java Cryptography Extension ( JCE), but it has been added to the core platform in Java 1.4. A version of the JCE is still available (see http://java.sun.com/security) as a standard extension for Java 1.2 and Java 1.3. This package is distributed with a cryptographic provider named "SunJCE" that includes a robust set of implementations for Cipher , KeyAgreement , Mac , and other classes. This provider is installed by the default java.security properties in Java 1.4 distributions. A full tutorial on cryptography is beyond the scope of this chapter and of this book. In order to use this package, you need to have a basic understanding of cryptographic algorithms such as DES. In order to take full advantage of this package, you also need to have a detailed understanding of things like feedback modes, padding schemes, the Diffie-Hellman key-agreement protocol, and so on. For a good introduction to modern cryptography in Java, see Java Cryptography by Jonathan Knudsen (O'Reilly). For more in-depth coverage, not specific to Java, see Applied Cryptography by Bruce Schneier (Wiley). Interfaces public interface SecretKey extends java.security.Key; Classespublic class Cipher ; public class NullCipher extends Cipher; public class CipherInputStream extends java.io.FilterInputStream; public class CipherOutputStream extends java.io.FilterOutputStream; public abstract class CipherSpi ; public class EncryptedPrivateKeyInfo ; public class ExemptionMechanism ; public abstract class ExemptionMechanismSpi ; public class KeyAgreement ; public abstract class KeyAgreementSpi ; public class KeyGenerator ; public abstract class KeyGeneratorSpi ; public class Mac implements Cloneable; public abstract class MacSpi ; public class SealedObject implements Serializable; public class SecretKeyFactory ; public abstract class SecretKeyFactorySpi ; Exceptionspublic class BadPaddingException extends java.security.GeneralSecurityException; public class ExemptionMechanismException extends java.security.GeneralSecurityException; public class IllegalBlockSizeException extends java.security.GeneralSecurityException; public class NoSuchPaddingException extends java.security.GeneralSecurityException; public class ShortBufferException extends java.security.GeneralSecurityException; |