Package javax.crypto

The javax.crypto package defines classes and interfaces for various cryptographic operations. The central class is Cipher , which is used to encrypt and decrypt data. CipherInputStream and CipherOutputStream are utility classes that use a Cipher object to encrypt or decrypt streaming data. SealedObject is another important utility class that uses a Cipher object to encrypt an arbitrary serializable Java object.

The KeyGenerator class creates the SecretKey objects used by Cipher for encryption and decryption. SecretKeyFactory encodes and decodes SecretKey objects. The KeyAgreement class enables two or more parties to agree on a SecretKey in such a way that an eavesdropper cannot determine the key. The Mac class computes a message authentication code (MAC) that can ensure the integrity of a transmission between two parties who share a SecretKey . A MAC is akin to a digital signature, except that it is based on a secret key instead of a public/private key pair.

Like the java.security package, the javax.crypto package is provider-based, so that arbitrary cryptographic implementations may be plugged into any Java installation. Various classes in this package have names that end in Spi. These classes define a service-provider interface and must be implemented by each cryptographic provider that wishes to provide an implementation of a particular cryptographic service or algorithm.

This package was originally shipped as part of the Java Cryptography Extension ( JCE), but it has been added to the core platform in Java 1.4. A version of the JCE is still available (see http://java.sun.com/security) as a standard extension for Java 1.2 and Java 1.3. This package is distributed with a cryptographic provider named "SunJCE" that includes a robust set of implementations for Cipher , KeyAgreement , Mac , and other classes. This provider is installed by the default java.security properties in Java 1.4 distributions.

A full tutorial on cryptography is beyond the scope of this chapter and of this book. In order to use this package, you need to have a basic understanding of cryptographic algorithms such as DES. In order to take full advantage of this package, you also need to have a detailed understanding of things like feedback modes, padding schemes, the Diffie-Hellman key-agreement protocol, and so on. For a good introduction to modern cryptography in Java, see Java Cryptography by Jonathan Knudsen (O'Reilly). For more in-depth coverage, not specific to Java, see Applied Cryptography by Bruce Schneier (Wiley).

Interfaces

 public interface  SecretKey  extends java.security.Key; 

Classes

 public class  Cipher  ;    public class  NullCipher  extends Cipher; public class  CipherInputStream  extends java.io.FilterInputStream; public class  CipherOutputStream  extends java.io.FilterOutputStream; public abstract class  CipherSpi  ; public class  EncryptedPrivateKeyInfo  ; public class  ExemptionMechanism  ; public abstract class  ExemptionMechanismSpi  ; public class  KeyAgreement  ; public abstract class  KeyAgreementSpi  ; public class  KeyGenerator  ; public abstract class  KeyGeneratorSpi  ; public class  Mac  implements Cloneable; public abstract class  MacSpi  ; public class  SealedObject  implements Serializable; public class  SecretKeyFactory  ; public abstract class  SecretKeyFactorySpi  ; 

Exceptions

 public class  BadPaddingException  extends java.security.GeneralSecurityException; public class  ExemptionMechanismException  extends java.security.GeneralSecurityException; public class  IllegalBlockSizeException  extends java.security.GeneralSecurityException; public class  NoSuchPaddingException  extends java.security.GeneralSecurityException; public class  ShortBufferException  extends java.security.GeneralSecurityException;