Module java.base

Package java.security

Provides the classes and interfaces for the security framework. This includes classes that implement an easily configurable, fine-grained access control security architecture. This package also supports the generation and storage of cryptographic public key pairs, as well as a number of exportable cryptographic operations including those for message digest and signature generation. Finally, this package provides classes that support signed/guarded objects and secure random number generation. Many of the classes provided in this package (the cryptographic and secure random number generator classes in particular) are provider-based. The class itself defines a programming interface to which applications may write. The implementations themselves may then be written by independent third-party vendors and plugged in seamlessly as needed. Therefore application developers may take advantage of any number of provider-based implementations without having to add or rewrite code.

Package Specification

Related Documentation

For further documentation, please see:
Since:
1.1
  • Interface Summary 
    Interface Description
    AlgorithmConstraints
    This interface specifies constraints for cryptographic algorithms, keys (key sizes), and other algorithm parameters.
    Certificate Deprecated, for removal: This API element is subject to removal in a future version.
    This class is deprecated and subject to removal in a future version of Java SE.
    DomainCombiner
    A DomainCombiner provides a means to dynamically update the ProtectionDomains associated with the current AccessControlContext.
    Guard
    This interface represents a guard, which is an object that is used to protect access to another object.
    Key
    The Key interface is the top-level interface for all keys.
    KeyStore.Entry
    A marker interface for KeyStore entry types.
    KeyStore.Entry.Attribute
    An attribute associated with a keystore entry.
    KeyStore.LoadStoreParameter
    A marker interface for KeyStore load and store parameters.
    KeyStore.ProtectionParameter
    A marker interface for keystore protection parameters.
    Policy.Parameters
    This represents a marker interface for Policy parameters.
    Principal
    This interface represents the abstract notion of a principal, which can be used to represent any entity, such as an individual, a corporation, and a login id.
    PrivateKey
    A private key.
    PrivilegedAction<T>
    A computation to be performed with privileges enabled.
    PrivilegedExceptionAction<T>
    A computation to be performed with privileges enabled, that throws one or more checked exceptions.
    PublicKey
    A public key.
    SecureRandomParameters
    A marker interface for parameters used in various SecureRandom methods.
  • Class Summary 
    Class Description
    AccessControlContext
    An AccessControlContext is used to make system resource access decisions based on the context it encapsulates.
    AccessController
    The AccessController class is used for access control operations and decisions.
    AlgorithmParameterGenerator
    The AlgorithmParameterGenerator class is used to generate a set of parameters to be used with a certain algorithm.
    AlgorithmParameterGeneratorSpi
    This class defines the Service Provider Interface (SPI) for the AlgorithmParameterGenerator class, which is used to generate a set of parameters to be used with a certain algorithm.
    AlgorithmParameters
    This class is used as an opaque representation of cryptographic parameters.
    AlgorithmParametersSpi
    This class defines the Service Provider Interface (SPI) for the AlgorithmParameters class, which is used to manage algorithm parameters.
    AllPermission
    The AllPermission is a permission that implies all other permissions.
    AuthProvider
    This class defines login and logout methods for a provider.
    BasicPermission
    The BasicPermission class extends the Permission class, and can be used as the base class for permissions that want to follow the same naming convention as BasicPermission.
    CodeSigner
    This class encapsulates information about a code signer.
    CodeSource
    This class extends the concept of a codebase to encapsulate not only the location (URL) but also the certificate chains that were used to verify signed code originating from that location.
    DigestInputStream
    A transparent stream that updates the associated message digest using the bits going through the stream.
    DigestOutputStream
    A transparent stream that updates the associated message digest using the bits going through the stream.
    DomainLoadStoreParameter
    Configuration data that specifies the keystores in a keystore domain.
    DrbgParameters
    This class specifies the parameters used by a DRBG (Deterministic Random Bit Generator).
    DrbgParameters.Instantiation
    DRBG parameters for instantiation.
    DrbgParameters.NextBytes
    DRBG parameters for random bits generation.
    DrbgParameters.Reseed
    DRBG parameters for reseed.
    GuardedObject
    A GuardedObject is an object that is used to protect access to another object.
    Identity Deprecated, for removal: This API element is subject to removal in a future version.
    This class is deprecated and subject to removal in a future version of Java SE.
    IdentityScope Deprecated, for removal: This API element is subject to removal in a future version.
    This class is deprecated and subject to removal in a future version of Java SE.
    KeyFactory
    Key factories are used to convert keys (opaque cryptographic keys of type Key) into key specifications (transparent representations of the underlying key material), and vice versa.
    KeyFactorySpi
    This class defines the Service Provider Interface (SPI) for the KeyFactory class.
    KeyPair
    This class is a simple holder for a key pair (a public key and a private key).
    KeyPairGenerator
    The KeyPairGenerator class is used to generate pairs of public and private keys.
    KeyPairGeneratorSpi
    This class defines the Service Provider Interface (SPI) for the KeyPairGenerator class, which is used to generate pairs of public and private keys.
    KeyRep
    Standardized representation for serialized Key objects.
    KeyStore
    This class represents a storage facility for cryptographic keys and certificates.
    KeyStore.Builder
    A description of a to-be-instantiated KeyStore object.
    KeyStore.CallbackHandlerProtection
    A ProtectionParameter encapsulating a CallbackHandler.
    KeyStore.PasswordProtection
    A password-based implementation of ProtectionParameter.
    KeyStore.PrivateKeyEntry
    A KeyStore entry that holds a PrivateKey and corresponding certificate chain.
    KeyStore.SecretKeyEntry
    A KeyStore entry that holds a SecretKey.
    KeyStore.TrustedCertificateEntry
    A KeyStore entry that holds a trusted Certificate.
    KeyStoreSpi
    This class defines the Service Provider Interface (SPI) for the KeyStore class.
    MessageDigest
    This MessageDigest class provides applications the functionality of a message digest algorithm, such as SHA-1 or SHA-256.
    MessageDigestSpi
    This class defines the Service Provider Interface (SPI) for the MessageDigest class, which provides the functionality of a message digest algorithm, such as MD5 or SHA.
    Permission
    Abstract class for representing access to a system resource.
    PermissionCollection
    Abstract class representing a collection of Permission objects.
    Permissions
    This class represents a heterogeneous collection of Permissions.
    PKCS12Attribute
    An attribute associated with a PKCS12 keystore entry.
    Policy
    A Policy object is responsible for determining whether code executing in the Java runtime environment has permission to perform a security-sensitive operation.
    PolicySpi
    This class defines the Service Provider Interface (SPI) for the Policy class.
    ProtectionDomain
    The ProtectionDomain class encapsulates the characteristics of a domain, which encloses a set of classes whose instances are granted a set of permissions when being executed on behalf of a given set of Principals.
    Provider
    This class represents a "provider" for the Java Security API, where a provider implements some or all parts of Java Security.
    Provider.Service
    The description of a security service.
    SecureClassLoader
    This class extends ClassLoader with additional support for defining classes with an associated code source and permissions which are retrieved by the system policy by default.
    SecureRandom
    This class provides a cryptographically strong random number generator (RNG).
    SecureRandomSpi
    This class defines the Service Provider Interface (SPI) for the SecureRandom class.
    Security
    This class centralizes all security properties and common security methods.
    SecurityPermission
    This class is for security permissions.
    Signature
    The Signature class is used to provide applications the functionality of a digital signature algorithm.
    SignatureSpi
    This class defines the Service Provider Interface (SPI) for the Signature class, which is used to provide the functionality of a digital signature algorithm.
    SignedObject
    SignedObject is a class for the purpose of creating authentic runtime objects whose integrity cannot be compromised without being detected.
    Signer Deprecated, for removal: This API element is subject to removal in a future version.
    This class is deprecated and subject to removal in a future version of Java SE.
    Timestamp
    This class encapsulates information about a signed timestamp.
    UnresolvedPermission
    The UnresolvedPermission class is used to hold Permissions that were "unresolved" when the Policy was initialized.
    URIParameter
    A parameter that contains a URI pointing to data intended for a PolicySpi or ConfigurationSpi implementation.
  • Enum Summary 
    Enum Description
    CryptoPrimitive
    An enumeration of cryptographic primitives.
    DrbgParameters.Capability
    The reseedable and prediction resistance capabilities of a DRBG.
    KeyRep.Type
    Key type.
  • Exception Summary 
    Exception Description
    AccessControlException
    This exception is thrown by the AccessController to indicate that a requested access (to a critical system resource such as the file system or the network) is denied.
    DigestException
    This is the generic Message Digest exception.
    GeneralSecurityException
    The GeneralSecurityException class is a generic security exception class that provides type safety for all the security-related exception classes that extend from it.
    InvalidAlgorithmParameterException
    This is the exception for invalid or inappropriate algorithm parameters.
    InvalidKeyException
    This is the exception for invalid Keys (invalid encoding, wrong length, uninitialized, etc).
    InvalidParameterException
    This exception, designed for use by the JCA/JCE engine classes, is thrown when an invalid parameter is passed to a method.
    KeyException
    This is the basic key exception.
    KeyManagementException
    This is the general key management exception for all operations dealing with key management.
    KeyStoreException
    This is the generic KeyStore exception.
    NoSuchAlgorithmException
    This exception is thrown when a particular cryptographic algorithm is requested but is not available in the environment.
    NoSuchProviderException
    This exception is thrown when a particular security provider is requested but is not available in the environment.
    PrivilegedActionException
    This exception is thrown by doPrivileged(PrivilegedExceptionAction) and doPrivileged(PrivilegedExceptionAction, AccessControlContext context) to indicate that the action being performed threw a checked exception.
    ProviderException
    A runtime exception for Provider exceptions (such as misconfiguration errors or unrecoverable internal errors), which may be subclassed by Providers to throw specialized, provider-specific runtime errors.
    SignatureException
    This is the generic Signature exception.
    UnrecoverableEntryException
    This exception is thrown if an entry in the keystore cannot be recovered.
    UnrecoverableKeyException
    This exception is thrown if a key in the keystore cannot be recovered.