API and SPI
The methods in the
cryptographic
concept classes are divided into two groups. The first group of
methods is the Application Programming
Interface, or API. It consists of all public
methods that you can use to work with an instance of a concept class.
The second group of methods is the Service Provider Interface, or SPI. This
is the set of methods that subclasses must implement. By convention,
SPI method names all begin with engine
.
In JDK 1.1, the SPI and API methods were mixed together in the
cryptographic concept classes. The
java.security.Signature
class, for example,
contained API methods like initSign()
and
verify()
as well as SPI methods like
engineInitSign()
and
engineVerify()
. To implement a signature
algorithm, you would create a subclass of
Signature
and define all the SPI methods.
In JDK 1.2, API methods and SPI methods are split into separate
classes. Signature
, for example, now contains only
API methods. A separate class, java.security.SignatureSpi
, contains all the SPI methods. To
implement a signature algorithm now, create a subclass of
SignatureSpi
and define the SPI methods. Whenever
you implement a cryptographic algorithm, you’ll need to follow
a similar process. In Chapter 7, and Chapter 9, we’ll create implementations for
KeyPairGenerator
, Signature
,
and other concept classes by implementing the SPI of those classes.
Get Java Cryptography now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.