Start of Tutorial > Start of Trail > Start of Lesson |
Search
Feedback Form |
The main JDK 1.2 Security API classes and interfaces are shown below. Each is in thejava.security
package unless otherwise stated.
- Access Control Classes
- Permission Classes
- Policy
- AccessController
- AccessControlContext
- PrivilegedAction and PrivilegedExceptionAction
- CodeSoure
- ProtectionDomain
- SecureClassLoader
- Cryptography Classes
- Provider
- Signature
- MessageDigest
- Key Interfaces and Classes
- Key Specification Interfaces and Classes
- Algorithm Parameter Classes
- Algorithm Parameter Specification Interfaces and Classes
- Certificate Classes
- SecureRandom
- Security
- SecurityManager
Access Control Classes
Permission Classes
The permission classes represent accesses to system resources. Theclass is an abstract class and is subclassed, as appropriate, to represent specific accesses.java.security.PermissionClients can easily define their own new permissions, by subclassing either from the Permission class or one of its subclasses, such as
Subclassed permissions (other thanjava.security.BasicPermissionBasicPermission
) generally belong to their own packages. Thus,FilePermission
is found in thejava.io
package.The built-in JDK 1.2 permission types (classes) are
- ,
java.security.AllPermission
- ,
java.io.FilePermission
- ,
java.net.SocketPermission
- ,
java.net.NetPermission
- ,
java.security.SecurityPermission
- ,
java.lang.RuntimePermission
- ,
java.util.PropertyPermission
- ,
java.awt.AWTPermission
- , and
java.lang.reflect.ReflectPermission
- .
java.io.SerializablePermission
Permissions typically have a "name" and sometimes an "action". Classes like
FilePermission
andSocketPermission
that have a more complicated name syntax than that used byBasicPermission
subclass directly fromPermission
rather than fromBasicPermission
. For example, for ajava.io.FilePermission
object, the permission name is the pathname of a file (or directory), while the permission name for aBasicPermission
is simply the name of the given permission (for example, "exitVM", "setFactory", "queuePrintJob", etc).Some of the permission classes have an "actions" list that tells the actions that are permitted for the object. For example, for a
java.io.FilePermission
object, the actions list (such as "read, write") specifies which actions are granted for the specified file (or for files in the specified directory).Other permission classes are for "named" permissions - ones that contain a name but no actions list; you either have the named permission or you don't.
BasicPermission
is commonly used as the base class for "named" permissions, since in it, the action string (inherited from Permission) is unused. Subclasses may implement actions on top ofBasicPermission
, if desired.Policy
The policy for a Java application environment (specifying which permissions are available for code from various sources) is represented by a
Policy
object. More specifically, it is represented by aPolicy
subclass providing an implementation of the abstract methods in thePolicy
class.The source location for the policy information utilized by the
Policy
object is up to thePolicy
implementation. The defaultPolicy
implementation included with the JDK obtains its information from static policy configuration files.AccessController
The
AccessController
class is used for three purposes:
- The
checkPermission
method decides whether an access to a critical system resource is to be allowed or denied, based on the security policy currently in effect. This is invoked by theSecurityManager
checkPermission
method.
- The
doPrivileged
methods mark code as being privileged, thus affecting subsequent access determinations.
- The
getContext
method obtains a "snapshot" of the current calling context so access-control decisions from a different context can be made with respect to the saved context.AccessControlContext
An
AccessControlContext
is used to make system resource access decisions based on the context it encapsulates.The purpose ofAccessControlContext
is for those situations where a security check that should be made within a given context actually needs to be done from within a different context (for example, from within a worker thread).PrivilegedAction and PrivilegedExceptionAction
PrivilegedAction
represents a computation to be performed with privileges enabled. The computation is performed by invoking theAccessController
doPrivileged
method on thePrivilegedAction
object.The
PrivilegedAction
interface is used only for computations that do not throw checked exceptions; computations that throw checked exceptions must usePrivilegedExceptionAction
instead.CodeSource
Code being executed is always considered to come from a particular "code source" (represented by an object of type
CodeSource
). ACodeSource
consists of a URL (specifying the location where the code originated from) and a set of certificates containing the public key(s) corresponding to the private key(s) used to sign the code (if the code was signed).ProtectionDomain
This class encapulates the characteristics of a domain, which encloses a set of classes whose instances are granted the same set of permissions.
In addition to a set of permissions, a domain is comprised of a
CodeSource
, which is a set ofPublicKey
s together with a codebase (in the form of a URL). Thus, classes signed by the same keys and from the same URL are placed in the same domain.SecureClassLoader
This is a concrete implementation of
java.lang.Classloader
that also handles loading remote classes (e.g., from URL and InputStream). All applets and applications (except for system classes) are loaded by aSecureClassLoader
either directly or indirectly.Cryptography Classes
Provider
The term "Cryptographic Service Provider" ("provider" for short) is used to refer to a package or set of packages that supply a concrete implementation of a subset of the cryptography aspects of the JDK Security API. The
Provider
class is the interface to such a package or set of packages. It has methods for accessing the provider name, version number, and other information.There are several types of services that can be implemented by provider packages - see the Engine Classes.
Signature
TheSignature
class is an engine class designed to provide the functionality of a digital signature algorithm such as DSA or RSA with MD5. A signature algorithm takes arbitrary-sized input and a private key and generates a relatively short (often fixed-size) string of bytes, called the signature, with the following properties:
- Given the public key corresponding to the private key used to generate the signature, it should be possible to verify the authenticity and integrity of the input.
- The signature and the public key do not reveal anything about the private key.
A
Signature
object can be used to generate a digital signature for data. It can also be used to verify whether or not an alleged signature is in fact the authentic signature of the data associated with it.MessageDigest
The
MessageDigest
class is an engine class designed to provide the functionality of cryptographically secure message digests such as SHA-1 or MD5. A cryptographically secure message digest takes arbitrary-sized input (a byte array), and generates a fixed-size output, called a digest. A digest has the following properties:
- It should be computationally infeasible to find another input string that will generate the same digest.
- The digest does not reveal anything about the input that was used to generate it.
Message digests are used to produce unique and reliable identifiers of data. They are sometimes called the "digital fingerprints" of data.
Key Interfaces and Classes
Key
The
Key
interface is the top-level interface for all opaque keys. It defines the functionality shared by all opaque key objects.It gives you limited access to the key - just the three methods defined by the
Key
interface:getAlgorithm
,getFormat
, andgetEncoded
.Keys are generally obtained through key generators, certificates, key specifications (using a
KeyFactory
), or aKeyStore
implementation accessing a "keystore" database used to manage keys.It is possible to parse encoded keys, in an algorithm-dependent manner, using a
KeyFactory
.PublicKey and PrivateKey
The
PublicKey
andPrivateKey
interfaces (which both extend theKey
interface) are method-less interfaces, used for type-safety and type-identification for public keys and private keys.KeyPair
The
KeyPair
class is a simple holder for a key pair (a public key and a private key). It has two public methods, one for returning the private key, and the other for returning the public key.
KeyPairGenerator
The
KeyPairGenerator
class is an engine class used to generate pairs of public and private keys.
KeyFactory
TheKeyFactory
class is an engine class designed to provide conversions between opaque cryptographic keys (of typeKey
) and key specifications (transparent representations of the underlying key material).Key factories are bi-directional, i.e., they allow you to build an opaque key object from a given key specification (key material), or to retrieve the underlying key material of a key object in a suitable format.
KeyStore
A database called a "keystore" can be used to manage a repository of keys and certificates.The
KeyStore
class is an engine class that supplies well-defined interfaces to access and modify the information in a keystore. It is possible for there to be multiple different concrete implementations, where each implementation is that for a particular type of keystore.There is a built-in default implementation, provided by Sun Microsystems. It implements the keystore as a file, utilizing a proprietary keystore type (format) named "JKS". It protects each private key with its individual password, and also protects the integrity of the entire keystore with a (possibly different) password.
Key Specification Interfaces and Classes
Key specifications are transparent representations of the key material that constitutes a key.
A transparent representation of keys means that you can access each key material value individually, through one of the "get" methods defined in the corresponding specification class.
A key may be specified in an algorithm-specific way, or in an algorithm-independent encoding format (such as ASN.1). For example, a DSA private key may be specified by its components
x
,p
,q
, andg
(seeDSAPrivateKeySpec
), or it may be specified using its DER encoding (seePKCS8EncodedKeySpec
).The key specification interfaces and classes appear in the
java.security.spec
package. They are described below.KeySpec
This interface contains no methods or constants. Its only purpose is to group (and provide type safety for) all key specifications. All key specifications must implement this interface.
DSAPrivateKeySpec
This class (which implements theKeySpec
Interface) specifies a DSA private key with its associated parameters.DSAPublicKeySpec
This class (which implements theKeySpec
Interface) specifies a DSA public key with its associated parameters.RSAPrivateKeySpec
This class (which implements theKeySpec
Interface) specifies an RSA private key.RSAPrivateCrtKeySpec
This class (which extends the RSAPrivateKeySpec class) specifies an RSA private key, as defined in the PKCS#1 standard, using the Chinese Remainder Theorem (CRT) information values.RSAPublicKeySpec
This class (which implements theKeySpec
Interface) specifies an RSA public key.EncodedKeySpec
This abstract class (which implements theKeySpec
Interface) represents a public or private key in encoded format.PKCS8EncodedKeySpec
This class, which is a subclass ofEncodedKeySpec
, represents the DER encoding of a private key, according to the format specified in the PKCS #8 standard.X509EncodedKeySpec
This class, which is a subclass ofEncodedKeySpec
, represents the DER encoding of a public or private key, according to the format specified in the X.509 standard.Algorithm Parameter Classes
AlgorithmParameters
TheAlgorithmParameters
class is an engine class that provides an opaque representation of cryptographic parameters.An opaque representation is one in which you have no direct access to the parameter fields; you can only get the name of the algorithm associated with the parameter set and some kind of encoding for the parameter set.
AlgorithmParameterGenerator
TheAlgorithmParameterGenerator
class is an engine class used to generate a set of parameters to be used with a certain algorithm (the algorithm specified when anAlgorithmParameterGenerator
instance is created).Algorithm Parameter Specification Interfaces and Classes
An algorithm parameter specification is a transparent representation of the sets of parameters used with an algorithm.
A transparent representation of parameters means that you can access each value individually, through one of the "get" methods defined in the corresponding specification class.
The algorithm parameter specification interfaces and classes that appear in the
java.security.spec
package are described below.AlgorithmParameterSpec
AlgorithmParameterSpec
is an interface to a transparent specification of cryptographic parameters. This interface contains no methods or constants. Its only purpose is to group (and provide type safety for) all parameter specifications. All parameter specifications must implement this interface.DSAParameterSpec
This class (which implements theAlgorithmParameterSpec
interface) specifies the set of parameters used with the DSA algorithm.Certificate Classes
Certificate
The
java.security.cert.Certificate
class is an abstraction for certificates that have different formats but important common uses. For example, different types of certificates, such as X.509 and PGP, share general certificate functionality (like encoding and verifying) and some types of information (like a public key).CertificateFactory
Thejava.security.cert.CertificateFactory
class is an engine class that defines the functionality of a certificate factory, which is used to generate certificate and certificate revocation list (CRL) objects from their encodings.X509Certificate
Thejava.security.cert.X509Certificate
class is an abstract class for X.509 certificates. It provides a standard way to access all the attributes of an X.509 certificate.SecureRandom
The
SecureRandom
class is an engine class that provides the functionality of a random number generator.
The
Security
class manages installed providers and security-wide properties. It only contains static methods and is never instantiated.
java.lang.SecurityManager
is a class that allows applications to implement a security policy. It allows an application to determine, before performing a possibly unsafe or sensitive operation, what the operation is, and to decide whether or not to allow execution of the operation.The
SecurityManager
class contains many methods with names that begin with the wordcheck
. These methods are called by various methods in the runtime libraries before those methods perform certain potentially sensitive operations.As of JDK 1.2, the default implementation of each of the
checkXXX
methods is to call the specialSecurityManager
checkPermission(java.security.Permission perm)
method, passing it the permission required in order to perform the requested operation. ThecheckPermission
method then determines whether the access request indicated by the specified permission should be granted or denied by callingAccessController.checkPermission(perm);If a requested access is allowed,
checkPermission
returns quietly. If denied, aSecurityException
is thrown.
Start of Tutorial > Start of Trail > Start of Lesson |
Search
Feedback Form |
Copyright 1995-2002 Sun Microsystems, Inc. All rights reserved.