Package java.security

Interface Summary

Certificate This interface models a digital certificate which verifies the authenticity of a party.
DomainCombiner A public interface used to combine two ProtectionDomains in a new ProtectionDomain and update the current Protection Domains associated with the current AccessControlContext.
Guard This interface specifies a mechanism for querying whether or not access is allowed to a guarded object.
Key This interfaces models the base characteristics that all keys must have.
Principal This interface models an entity (such as a user or a certificate authority) for the purposes of applying the Java security model.
PrivateKey This interface specified no methods.
PrivilegedAction This interface specifes a single run method that executes a privileged operation.
PrivilegedExceptionAction This interface defines a method that is called by AccessController.doPrivileged() in order to perform a privileged operation with higher privileges enabled.
PublicKey This interface specified no methods.

Class Summary

AccessControlContext AccessControlContext makes system resource access decsion based on permission rights.
AccessController Access control context and permission checker.
AlgorithmParameterGenerator The AlgorithmParameterGenerator class is used to generate a set of parameters to be used with a certain algorithm.
AlgorithmParameterGeneratorSpiAlgorithmParameterGeneratorSpi is the Service Provider Interface for the AlgorithmParameterGenerator class.
AlgorithmParameters This class is used as an opaque representation of cryptographic parameters.

An AlgorithmParameters object for managing the parameters for a particular algorithm can be obtained by calling one of the getInstance() factory methods (static methods that return instances of a given class).

There are two ways to request such an implementation: by specifying either just an algorithm name, or both an algorithm name and a package provider.

  • If just an algorithm name is specified, the system will determine if there is an AlgorithmParameters implementation for the algorithm requested available in the environment, and if there is more than one, if there is a preferred one.
  • If both an algorithm name and a package provider are specified, the system will determine if there is an implementation in the package requested, and throw an exception if there is not.

Once an AlgorithmParameters object is returned, it must be initialized via a call to init(), using an appropriate parameter specification or parameter encoding.

A transparent parameter specification is obtained from an AlgorithmParameters object via a call to getParameterSpec(), and a byte encoding of the parameters is obtained via a call to getEncoded().

AlgorithmParametersSpi AlgorithmParametersSpi is the Service Provider Interface for the Algorithm Parameters class.
AllPermission This class is a permission that implies all other permissions.
BasicPermission This class implements a simple model for named permissions without an associated action list.
CodeSource This class represents a location from which code is loaded (as represented by a URL), and the list of certificates that are used to check the signatures of signed code loaded from this source.
DigestInputStream DigestInputStream is a class that ties an InputStream with a MessageDigest.
DigestOutputStream DigestOutputStream is a class that ties an OutputStream with a MessageDigest.
GuardedObject This class is an object that is guarded by a Guard object.
Identity This class represents identities: real-world objects such as people, companies or organizations whose identities can be authenticated using their public keys.
IdentityScope This class represents a scope for identities.
KeyFactory Key factories are used to convert keys (opaque cryptographic keys of type Key) into key specifications (transparent representations of the underlying key material), and vice versa.

Key factories are bi-directional.

KeyFactorySpi KeyFactorySpi is the Service Provider Interface (SPI) for the KeyFactory class.
KeyPairKeyPair serves as a simple container for public and private keys.
KeyPairGenerator The KeyPairGenerator class is used to generate pairs of public and private keys.
KeyPairGeneratorSpiKeyPairGeneratorSpi is the interface used to generate key pairs for security algorithms.
KeyStore Keystore represents an in-memory collection of keys and certificates.
KeyStoreSpi KeyStoreSpi is the Service Provider Interface (SPI) for the KeyStore class.
MessageDigest This MessageDigest class provides applications the functionality of a message digest algorithm, such as MD5 or SHA.
MessageDigestSpiThis is the Service Provider Interface (SPI) for MessageDigest class in java.security.
Permission This class is the abstract superclass of all classes that implement the concept of a permission.
PermissionCollection This class models a group of Java permissions.
Permissions This class is a heterogeneous collection of permissions.
Policy This is an abstract class for representing the system security policy for a Java application environment (specifying which permissions are available for code from various sources).
ProtectionDomain This ProtectionDomain class encapsulates the characteristics of a domain, which encloses a set of classes whose instances are granted a set of permissions when being executed on behalf of a given set of Principals.
Provider This class represents a Java security architecture service provider.
SecureClassLoader A Secure Class Loader for loading classes with additional support for specifying code source and permissions when they are retrieved by the system policy handler.
SecureRandom An interface to a cryptographically secure pseudo-random number generator (PRNG).
SecureRandomSpiSecureRandomSpi is the Service Provider Interface for SecureRandom providers.
Security This class centralizes all security properties and common security methods.
SecurityPermission This class provides a mechanism for specified named permissions related to the Java security framework.
Signature This Signature class is used to provide applications the functionality of a digital signature algorithm.
SignatureSpi This class defines the Service Provider Interface (SPI) for the Signature class, which is used to provide the functionality of a digital signature algorithm.
SignedObject SignedObject is a class for the purpose of creating authentic runtime objects whose integrity cannot be compromised without being detected.
Signer This class is used to represent an Identity that can also digitally sign data.

The management of a signer's private keys is an important and sensitive issue that should be handled by subclasses as appropriate to their intended use.

UnresolvedPermission This class is used to hold instances of all permissions that cannot be resolved to available permission classes when the security Policy object is instantiated.

Exception Summary

AccessControlException This exception is thrown when the AccessController denies an attempt to perform an operation.
DigestException This exception indicates that a generic message digest exception has occurred.
GeneralSecurityException This class is the common superclass of all security exceptions.
InvalidAlgorithmParameterException Thrown for an invalid security algorithm parameter.
InvalidKeyException Thrown for an invalid key.
InvalidParameterException Thrown when an invalid parameter is passed to a method of the JCA/JCE engine classes.
KeyException This exception is thrown when there is a problem with a key.
KeyManagementException This exception is thrown whenever a problem related to the management of security keys is encountered.
KeyStoreException Indicates a problem with the key store.
NoSuchAlgorithmException This exception is thrown when the requested security algorithm is not available
NoSuchProviderException This exception is thrown when the requested security provider is not available.
PrivilegedActionException This exception is thrown when an exception is thrown during a privileged action being performed with the AccessController.doPrivileged() method.
ProviderException This exception indicates that a runtime problem was encounterd with a security provider.
SignatureException This exception is thrown when a problem is encountered with a digital signature.
UnrecoverableKeyException This exception is thrown when a key cannot be recovered from the key store.