Keys are a basic feature of any cryptographic system; they provide one of the inputs required to produce a digital signature (as well as other potential cryptographic operations). In this chapter, we looked at the basic classes that implement the notion of a key within the Java security package.
Keys are closely tied to the notion of certificates; a certificate contains a public key as well as an assurance from some known entity that the public key belongs to a specific entity. In a general sense, there are a great many things you can do with certificates, but for our purposes, we’re interested in certificates only from the perspective of the certificate’s user—that is, we want to be able to import and verify a certificate, but we’re not too interested in creating our own certificates or in becoming a certificate authority.
Given that the operations we want to perform on keys and certificates are simple—importing and exporting those certificates—you’d expect that we could leave our discussion of keys for the time being. Unfortunately, the topic of finding a key for a particular entity (which is really just a case of importing a key) is a particularly troublesome topic, which we’ll examine in the next chapter.