Developers
Most visited
Recently visited
java.security
Provides the classes and interfaces for the security framework. This includes classes that implement an easily configurable, fine-grained access control security architecture. This package also supports the generation and storage of cryptographic public key pairs, as well as a number of exportable cryptographic operations including those for message digest and signature generation. Finally, this package provides classes that support signed/guarded objects and secure random number generation. Many of the classes provided in this package (the cryptographic and secure random number generator classes in particular) are provider-based. The class itself defines a programming interface to which applications may write. The implementations themselves may then be written by independent third-party vendors and plugged in seamlessly as needed. Therefore application developers may take advantage of any number of provider-based implementations without having to add or rewrite code.Package Specification
- Java™ Cryptography Architecture (JCA) Reference Guide
- PKCS #8: Private-Key Information Syntax Standard, Version 1.2, November 1993
- Java™ Cryptography Architecture Standard Algorithm Name Documentation
Related Documentation
For further documentation, please see:- Java™ SE Platform Security Architecture
- How to Implement a Provider in the Java™ Cryptography Architecture
- Default Policy Implementation and Policy File Syntax
- Permissions in the Java™ SE Development Kit (JDK)
- Summary of Tools for Java™ Platform Security
- keytool ( for Solaris/Linux) ( for Windows)
- jarsigner ( for Solaris/Linux) ( for Windows)
Interfaces
| AlgorithmConstraints | This interface specifies constraints for cryptographic algorithms, keys (key sizes), and other algorithm parameters. |
| Certificate | This interface is deprecated. A new certificate handling package is created in the Java platform. This Certificate interface is entirely deprecated and is here to allow for a smooth transition to the new package. |
| DomainCombiner | Legacy security code; do not use. |
| Guard |
This interface represents a guard, which is an object that is used to protect access to another object. |
| Key | The Key interface is the top-level interface for all keys. |
| KeyStore.Entry |
A marker interface for KeyStore entry types.
|
| KeyStore.Entry.Attribute | An attribute associated with a keystore entry. |
| KeyStore.LoadStoreParameter |
A marker interface for KeyStore
load
and
store
parameters.
|
| KeyStore.ProtectionParameter | A marker interface for keystore protection parameters. |
| Policy.Parameters | |
| Principal | This interface represents the abstract notion of a principal, which can be used to represent any entity, such as an individual, a corporation, and a login id. |
| PrivateKey | A private key. |
| PrivilegedAction<T> | Legacy security code; do not use. |
| PrivilegedExceptionAction<T> | Legacy security code; do not use. |
| PublicKey |
A public key. |
Classes
| AccessControlContext | Legacy security code; do not use. |
| AccessController | Legacy security code; do not use. |
| AlgorithmParameterGenerator |
The AlgorithmParameterGenerator class is used to generate a
set of
parameters to be used with a certain algorithm.
|
| AlgorithmParameterGeneratorSpi |
This class defines the Service Provider Interface (SPI)
for the AlgorithmParameterGenerator class, which
is used to generate a set of parameters to be used with a certain algorithm.
|
| AlgorithmParameters | This class is used as an opaque representation of cryptographic parameters. |
| AlgorithmParametersSpi |
This class defines the Service Provider Interface (SPI)
for the AlgorithmParameters class, which is used to manage
algorithm parameters.
|
| AllPermission | Legacy security code; do not use. |
| AuthProvider | Legacy security code; do not use. |
| BasicPermission | Legacy security code; do not use. |
| CodeSigner | This class encapsulates information about a code signer. |
| CodeSource | Legacy security code; do not use. |
| DigestInputStream | A transparent stream that updates the associated message digest using the bits going through the stream. |
| DigestOutputStream | A transparent stream that updates the associated message digest using the bits going through the stream. |
| DomainLoadStoreParameter | Configuration data that specifies the keystores in a keystore domain. |
| GuardedObject | A GuardedObject is an object that is used to protect access to another object. |
| Identity |
This class is deprecated.
This class is no longer used. Its functionality has been
replaced by java.security.KeyStore, the
java.security.cert package, and
java.security.Principal.
|
| IdentityScope |
This class is deprecated.
This class is no longer used. Its functionality has been
replaced by java.security.KeyStore, the
java.security.cert package, and
java.security.Principal.
|
| KeyFactory |
Key factories are used to convert keys (opaque
cryptographic keys of type Key) into key specifications
(transparent representations of the underlying key material), and vice
versa.
|
| KeyFactorySpi |
This class defines the Service Provider Interface (SPI)
for the KeyFactory class.
|
| KeyPair | This class is a simple holder for a key pair (a public key and a private key). |
| KeyPairGenerator | The KeyPairGenerator class is used to generate pairs of public and private keys. |
| KeyPairGeneratorSpi |
This class defines the Service Provider Interface (SPI)
for the |
| KeyRep | Standardized representation for serialized Key objects. |
| KeyStore | This class represents a storage facility for cryptographic keys and certificates. |
| KeyStore.Builder | A description of a to-be-instantiated KeyStore object. |
| KeyStore.CallbackHandlerProtection | A ProtectionParameter encapsulating a CallbackHandler. |
| KeyStore.PasswordProtection |
A password-based implementation of ProtectionParameter.
|
| KeyStore.PrivateKeyEntry |
A KeyStore entry that holds a PrivateKey
and corresponding certificate chain.
|
| KeyStore.SecretKeyEntry |
A KeyStore entry that holds a SecretKey.
|
| KeyStore.TrustedCertificateEntry |
A KeyStore entry that holds a trusted
Certificate.
|
| KeyStoreSpi |
This class defines the Service Provider Interface (SPI)
for the KeyStore class.
|
| MessageDigest | This MessageDigest class provides applications the functionality of a message digest algorithm, such as SHA-1 or SHA-256. |
| MessageDigestSpi |
This class defines the Service Provider Interface (SPI)
for the MessageDigest class, which provides the functionality
of a message digest algorithm, such as MD5 or SHA.
|
| Permission | Legacy security code; do not use. |
| PermissionCollection | Legacy security code; do not use. |
| Permissions | Legacy security code; do not use. |
| PKCS12Attribute | An attribute associated with a PKCS12 keystore entry. |
| Policy | Legacy security code; do not use. |
| PolicySpi |
This class defines the Service Provider Interface (SPI)
for the Policy class.
|
| ProtectionDomain | Legacy security code; do not use. |
| Provider | This class represents a "provider" for the Java Security API, where a provider implements some or all parts of Java Security. |
| Provider.Service | The description of a security service. |
| SecureClassLoader | This class extends ClassLoader with additional support for defining classes with an associated code source and permissions which are retrieved by the system policy by default. |
| SecureRandom | This class provides a cryptographically strong random number generator (RNG). |
| SecureRandomSpi |
This class defines the Service Provider Interface (SPI)
for the SecureRandom class.
|
| Security |
This class centralizes all security properties and common security methods. |
| SecurityPermission | Legacy security code; do not use. |
| Signature | The Signature class is used to provide applications the functionality of a digital signature algorithm. |
| SignatureSpi |
This class defines the Service Provider Interface (SPI)
for the Signature class, which is used to provide the
functionality of a digital signature algorithm.
|
| SignedObject |
SignedObject is a class for the purpose of creating authentic runtime objects whose integrity cannot be compromised without being detected. |
| Signer |
This class is deprecated.
This class is no longer used. Its functionality has been
replaced by java.security.KeyStore, the
java.security.cert package, and
java.security.Principal.
|
| Timestamp | This class encapsulates information about a signed timestamp. |
| UnresolvedPermission | Legacy security code; do not use. |
Enums
| CryptoPrimitive | An enumeration of cryptographic primitives. |
| KeyRep.Type | Key type. |
Exceptions
| AccessControlException |
This exception is thrown by the AccessController to indicate that a requested access (to a critical system resource such as the file system or the network) is denied. |
| DigestException | This is the generic Message Digest exception. |
| GeneralSecurityException |
The GeneralSecurityException class is a generic
security exception class that provides type safety for all the
security-related exception classes that extend from it.
|
| InvalidAlgorithmParameterException | This is the exception for invalid or inappropriate algorithm parameters. |
| InvalidKeyException | This is the exception for invalid Keys (invalid encoding, wrong length, uninitialized, etc). |
| InvalidParameterException | This exception, designed for use by the JCA/JCE engine classes, is thrown when an invalid parameter is passed to a method. |
| KeyException | This is the basic key exception. |
| KeyManagementException | This is the general key management exception for all operations dealing with key management. |
| KeyStoreException | This is the generic KeyStore exception. |
| NoSuchAlgorithmException | This exception is thrown when a particular cryptographic algorithm is requested but is not available in the environment. |
| NoSuchProviderException | This exception is thrown when a particular security provider is requested but is not available in the environment. |
| PrivilegedActionException | Legacy security code; do not use. |
| ProviderException | A runtime exception for Provider exceptions (such as misconfiguration errors or unrecoverable internal errors), which may be subclassed by Providers to throw specialized, provider-specific runtime errors. |
| SignatureException | This is the generic Signature exception. |
| UnrecoverableEntryException | This exception is thrown if an entry in the keystore cannot be recovered. |
| UnrecoverableKeyException | This exception is thrown if a key in the keystore cannot be recovered. |