java.security
Provides the classes and interfaces for the security framework. This includes classes that implement an easily configurable, fine-grained access control security architecture. This package also supports the generation and storage of cryptographic public key pairs, as well as a number of exportable cryptographic operations including those for message digest and signature generation. Finally, this package provides classes that support signed/guarded objects and secure random number generation. Many of the classes provided in this package (the cryptographic and secure random number generator classes in particular) are provider-based. The class itself defines a programming interface to which applications may write. The implementations themselves may then be written by independent third-party vendors and plugged in seamlessly as needed. Therefore application developers may take advantage of any number of provider-based implementations without having to add or rewrite code.Package Specification
- Java™ Cryptography Architecture (JCA) Reference Guide
- PKCS #8: Private-Key Information Syntax Standard, Version 1.2, November 1993
- Java™ Cryptography Architecture Standard Algorithm Name Documentation
Related Documentation
For further documentation, please see:- Java™ SE Platform Security Architecture
- How to Implement a Provider in the Java™ Cryptography Architecture
- Default Policy Implementation and Policy File Syntax
- Permissions in the Java™ SE Development Kit (JDK)
- Summary of Tools for Java™ Platform Security
- keytool ( for Solaris/Linux) ( for Windows)
- jarsigner ( for Solaris/Linux) ( for Windows)
Interfaces
AlgorithmConstraints | This interface specifies constraints for cryptographic algorithms, keys (key sizes), and other algorithm parameters. |
Certificate |
This interface was deprecated
in API level 3.
This class is deprecated and subject to removal in a future
version of Java SE. It has been replaced by
java.security.cert.Certificate and related classes.
|
DomainCombiner | Legacy security code; do not use. |
Guard |
This interface represents a guard, which is an object that is used to protect access to another object. |
Key | The Key interface is the top-level interface for all keys. |
KeyStore.Entry |
A marker interface for KeyStore entry types.
|
KeyStore.Entry.Attribute | An attribute associated with a keystore entry. |
KeyStore.LoadStoreParameter |
A marker interface for KeyStore
load
and
store
parameters.
|
KeyStore.ProtectionParameter | A marker interface for keystore protection parameters. |
Policy.Parameters | |
Principal | This interface represents the abstract notion of a principal, which can be used to represent any entity, such as an individual, a corporation, and a login id. |
PrivateKey | A private key. |
PrivilegedAction<T> |
Android doesn't support SecurityManager .
|
PrivilegedExceptionAction<T> |
Android doesn't support SecurityManager .
|
PublicKey |
A public key. |
SecureRandomParameters |
A marker interface for parameters used in various SecureRandom
methods.
|
Classes
AccessControlContext |
Android doesn't support SecurityManager .
|
AccessController |
Android doesn't support SecurityManager .
|
AlgorithmParameterGenerator |
The AlgorithmParameterGenerator class is used to generate a
set of
parameters to be used with a certain algorithm.
|
AlgorithmParameterGeneratorSpi |
This class defines the Service Provider Interface (SPI)
for the AlgorithmParameterGenerator class, which
is used to generate a set of parameters to be used with a certain algorithm.
|
AlgorithmParameters | This class is used as an opaque representation of cryptographic parameters. |
AlgorithmParametersSpi |
This class defines the Service Provider Interface (SPI)
for the AlgorithmParameters class, which is used to manage
algorithm parameters.
|
AllPermission |
Android doesn't support SecurityManager .
|
AuthProvider | Legacy security code; do not use. |
BasicPermission |
Android doesn't support SecurityManager .
|
CodeSigner | This class encapsulates information about a code signer. |
CodeSource | Legacy security code; do not use. |
DigestInputStream | A transparent stream that updates the associated message digest using the bits going through the stream. |
DigestOutputStream | A transparent stream that updates the associated message digest using the bits going through the stream. |
DomainLoadStoreParameter | Configuration data that specifies the keystores in a keystore domain. |
DrbgParameters | This class specifies the parameters used by a DRBG (Deterministic Random Bit Generator). |
DrbgParameters.Instantiation | DRBG parameters for instantiation. |
DrbgParameters.NextBytes | DRBG parameters for random bits generation. |
DrbgParameters.Reseed | DRBG parameters for reseed. |
GuardedObject | A GuardedObject is an object that is used to protect access to another object. |
Identity |
This class was deprecated
in API level 3.
This class is deprecated and subject to removal in a future
version of Java SE. It has been replaced by
java.security.KeyStore , the java.security.cert package,
and java.security.Principal .
|
IdentityScope |
This class was deprecated
in API level 3.
This class is deprecated and subject to removal in a future
version of Java SE. It has been replaced by
java.security.KeyStore , the java.security.cert package,
and java.security.Principal .
|
KeyFactory |
Key factories are used to convert keys (opaque
cryptographic keys of type Key ) into key specifications
(transparent representations of the underlying key material), and vice
versa.
|
KeyFactorySpi |
This class defines the Service Provider Interface (SPI)
for the KeyFactory class.
|
KeyPair | This class is a simple holder for a key pair (a public key and a private key). |
KeyPairGenerator | The KeyPairGenerator class is used to generate pairs of public and private keys. |
KeyPairGeneratorSpi |
This class defines the Service Provider Interface (SPI)
for the |
KeyRep | Standardized representation for serialized Key objects. |
KeyStore | This class represents a storage facility for cryptographic keys and certificates. |
KeyStore.Builder | A description of a to-be-instantiated KeyStore object. |
KeyStore.CallbackHandlerProtection | A ProtectionParameter encapsulating a CallbackHandler. |
KeyStore.PasswordProtection |
A password-based implementation of ProtectionParameter .
|
KeyStore.PrivateKeyEntry |
A KeyStore entry that holds a PrivateKey
and corresponding certificate chain.
|
KeyStore.SecretKeyEntry |
A KeyStore entry that holds a SecretKey .
|
KeyStore.TrustedCertificateEntry |
A KeyStore entry that holds a trusted
Certificate .
|
KeyStoreSpi |
This class defines the Service Provider Interface (SPI)
for the KeyStore class.
|
MessageDigest | This MessageDigest class provides applications the functionality of a message digest algorithm, such as SHA-1 or SHA-256. |
MessageDigestSpi |
This class defines the Service Provider Interface (SPI)
for the MessageDigest class, which provides the functionality
of a message digest algorithm, such as MD5 or SHA.
|
Permission |
Android doesn't support SecurityManager .
|
PermissionCollection |
Android doesn't support SecurityManager .
|
Permissions |
Android doesn't support SecurityManager .
|
PKCS12Attribute | An attribute associated with a PKCS12 keystore entry. |
Policy |
Android doesn't support SecurityManager .
|
PolicySpi |
This class defines the Service Provider Interface (SPI)
for the Policy class.
|
ProtectionDomain | Legacy security code; do not use. |
Provider | This class represents a "provider" for the Java Security API, where a provider implements some or all parts of Java Security. |
Provider.Service | The description of a security service. |
SecureClassLoader | This class extends ClassLoader with additional support for defining classes with an associated code source and permissions which are retrieved by the system policy by default. |
SecureRandom | This class provides a cryptographically strong random number generator (RNG). |
SecureRandomSpi |
This class defines the Service Provider Interface (SPI)
for the SecureRandom class.
|
Security |
This class centralizes all security properties and common security methods. |
SecurityPermission | Legacy security code; do not use. |
Signature | The Signature class is used to provide applications the functionality of a digital signature algorithm. |
SignatureSpi |
This class defines the Service Provider Interface (SPI)
for the Signature class, which is used to provide the
functionality of a digital signature algorithm.
|
SignedObject |
SignedObject is a class for the purpose of creating authentic runtime objects whose integrity cannot be compromised without being detected. |
Signer |
This class was deprecated
in API level 3.
This class is deprecated and subject to removal in a future
version of Java SE. It has been replaced by
java.security.KeyStore , the java.security.cert package,
and java.security.Principal .
|
Timestamp | This class encapsulates information about a signed timestamp. |
UnresolvedPermission | Legacy security code; do not use. |
Enums
CryptoPrimitive | An enumeration of cryptographic primitives. |
DrbgParameters.Capability | The reseedable and prediction resistance capabilities of a DRBG. |
KeyRep.Type | Key type. |
Exceptions
AccessControlException |
This exception is thrown by the AccessController to indicate that a requested access (to a critical system resource such as the file system or the network) is denied. |
DigestException | This is the generic Message Digest exception. |
GeneralSecurityException |
The GeneralSecurityException class is a generic
security exception class that provides type safety for all the
security-related exception classes that extend from it.
|
InvalidAlgorithmParameterException | This is the exception for invalid or inappropriate algorithm parameters. |
InvalidKeyException | This is the exception for invalid Keys (invalid encoding, wrong length, uninitialized, etc). |
InvalidParameterException | This exception, designed for use by the JCA/JCE engine classes, is thrown when an invalid parameter is passed to a method. |
KeyException | This is the basic key exception. |
KeyManagementException | This is the general key management exception for all operations dealing with key management. |
KeyStoreException | This is the generic KeyStore exception. |
NoSuchAlgorithmException | This exception is thrown when a particular cryptographic algorithm is requested but is not available in the environment. |
NoSuchProviderException | This exception is thrown when a particular security provider is requested but is not available in the environment. |
PrivilegedActionException | Legacy security code; do not use. |
ProviderException | A runtime exception for Provider exceptions (such as misconfiguration errors or unrecoverable internal errors), which may be subclassed by Providers to throw specialized, provider-specific runtime errors. |
SignatureException | This is the generic Signature exception. |
UnrecoverableEntryException | This exception is thrown if an entry in the keystore cannot be recovered. |
UnrecoverableKeyException | This exception is thrown if a key in the keystore cannot be recovered. |
Interfaces
Classes
- AccessControlContext
- AccessController
- AlgorithmParameterGenerator
- AlgorithmParameterGeneratorSpi
- AlgorithmParameters
- AlgorithmParametersSpi
- AllPermission
- AuthProvider
- BasicPermission
- CodeSigner
- CodeSource
- DigestInputStream
- DigestOutputStream
- DomainLoadStoreParameter
- DrbgParameters
- DrbgParameters.Instantiation
- DrbgParameters.NextBytes
- DrbgParameters.Reseed
- GuardedObject
- Identity
- IdentityScope
- KeyFactory
- KeyFactorySpi
- KeyPair
- KeyPairGenerator
- KeyPairGeneratorSpi
- KeyRep
- KeyStore
- KeyStore.Builder
- KeyStore.CallbackHandlerProtection
- KeyStore.PasswordProtection
- KeyStore.PrivateKeyEntry
- KeyStore.SecretKeyEntry
- KeyStore.TrustedCertificateEntry
- KeyStoreSpi
- MessageDigest
- MessageDigestSpi
- Permission
- PermissionCollection
- Permissions
- PKCS12Attribute
- Policy
- PolicySpi
- ProtectionDomain
- Provider
- Provider.Service
- SecureClassLoader
- SecureRandom
- SecureRandomSpi
- Security
- SecurityPermission
- Signature
- SignatureSpi
- SignedObject
- Signer
- Timestamp
- UnresolvedPermission
Enums
Exceptions
- AccessControlException
- DigestException
- GeneralSecurityException
- InvalidAlgorithmParameterException
- InvalidKeyException
- InvalidParameterException
- KeyException
- KeyManagementException
- KeyStoreException
- NoSuchAlgorithmException
- NoSuchProviderException
- PrivilegedActionException
- ProviderException
- SignatureException
- UnrecoverableEntryException
- UnrecoverableKeyException