Comparison with Previous Releases
There are no changes in the
security provider infrastructure between
1.2 and 1.3. However, the
SunRsaSign
security provider is available only
with 1.3; although 1.2 defines interfaces for RSA keys, you must
obtain a third-party security provider to use them. The
SunJSSE
and
SunJCE
security providers may be installed into
1.3.
The security provider infrastructure works essentially the same in 1.1, but 1.1 supplies fewer engines. In 1.1, there are only engines to perform key pair generation, message digests, and digital signatures. There are no SPI classes in 1.1, so to implement an engine you extend the engine class directly (1.2 is backward-compatible with these classes, which is why the class hierarchy differs for these engines). If you must provide a engine that can be used in both 1.1 and 1.2, you should extend the engine class rather than the SPI.
In 1.1, the Provider
class does not override the
clear( )
, put( )
, and
remove( )
methods. In the
Security
class, certain methods still call the
security manager to see if their operation should continue, but the
string passed to the security manager is always simply the string
“java.” In addition, the getProviders( )
, getProvider( )
, and getProperty( )
methods also
perform this check in 1.1.
Get Java Security, 2nd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.