Chapter 10. Keys and Certificates
In this chapter, we discuss the classes in the Java security package that handle keys and certificates. Keys are a necessary component of many cryptographic algorithms—in particular, keys are required to create and verify digital signatures. The keys we’re going to discuss in this chapter are public keys and private keys, since those are the keys most often used in a digital signature. Secret keys—used for encryption algorithms—are discussed in Chapter 13. We defer that discussion because secret keys do not come with standard Java implementations; they come only with the Java Cryptography Extension.
We also cover the implementation of certificates in this chapter. Certificates are used to authenticate keys; when keys are transmitted electronically, they are often embedded within certificates.
Keys and certificates are normally associated with some person or organization, and the way in which keys are stored, transmitted, and shared is an important topic in the security package. Management of keys is left for the next chapter, however; right now, we’re just concerned about the APIs that implement keys and certificates. As usual, we’ll show how a programmer interacts with keys and certificates, as well as how you might implement your own versions of each.
The classes and engines we discuss in this chapter are outlined in Figure 10.1. There are two engines that operate on keys:
The
KeyPairGenerator
class generates keys from scratch. With no input (or, ...
Get Java Security now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.