Summary

The digital signatures we’ve examined in this chapter form a key piece of the Java security architecture since they are the mechanism by which the parameters of the Java security sandbox can be extended: a digital signature gives the user the assurance that particular Java classes were provided by known entities. The user is then free to adopt a security policy for those classes based on the user’s assessment of the trustworthiness of the entity that provided the classes. Digital signatures have many other uses, of course, and in conjunction with the SignedObject class they allow you to send and verify arbitrary pieces of data.

The digital signature engine is also interesting because it depends on the other engines we’ve looked at in earlier chapters: the message digest engine generates the fingerprint of the data that the digital signature will sign, and the key pair engine (and its related classes) provides the keys that are fed into the signature engine.
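The following sketch shows the engines working together through SignedObject. It is an added example, not code from the book. The algorithm name `SHA256withRSA`, the 2048-bit key size, the class and method names, and the sample payload are assumptions chosen for illustration.

```java
import java.io.*;
import java.nio.charset.StandardCharsets;
import java.security.*;

public class SignedObjectDemo {
    // Pinned by the receiver; never taken from the incoming object.
    static final String ALGORITHM = "SHA256withRSA";

    // Sender: SignedObject serializes the payload and signs the serialized bytes.
    static SignedObject sign(Serializable payload, PrivateKey key) throws Exception {
        return new SignedObject(payload, key, Signature.getInstance(ALGORITHM));
    }

    // Receiver: check algorithm and signature before deserializing the payload.
    static Object open(SignedObject so, PublicKey key) throws Exception {
        if (!ALGORITHM.equals(so.getAlgorithm())
                || !so.verify(key, Signature.getInstance(ALGORITHM))) {
            throw new SignatureException("signature check failed");
        }
        return so.getObject();
    }

    public static void main(String[] args) throws Exception {
        // The key pair engine supplies the keys for the signature engine.
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair pair = kpg.generateKeyPair();

        SignedObject signed = sign("amount=100", pair.getPrivate()); // constructed sample data
        System.out.println("intact:   " + open(signed, pair.getPublic()));

        // Simulate transport, altering one payload byte on the way.
        ByteArrayOutputStream buf = new ByteArrayOutputStream();
        try (ObjectOutputStream out = new ObjectOutputStream(buf)) { out.writeObject(signed); }
        byte[] wire = buf.toByteArray();
        // ISO-8859-1 maps bytes to chars 1:1, so the string index is the byte index.
        int at = new String(wire, StandardCharsets.ISO_8859_1).indexOf("amount=100");
        wire[at + 7] = '9'; // amount=100 -> amount=900
        SignedObject received;
        try (ObjectInputStream in = new ObjectInputStream(new ByteArrayInputStream(wire))) {
            received = (SignedObject) in.readObject();
        }
        try {
            open(received, pair.getPublic());
        } catch (SignatureException e) {
            System.out.println("tampered: rejected (" + e.getMessage() + ")");
        }
    }
}
```

The receiver fixes the algorithm itself and calls `getObject()` only after `verify()` succeeds, so the embedded payload is never deserialized unless the signature checks out.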
