We’ve now completed our look at the basic engines that comprise the default security architecture on the Java platform. The digital signatures we’ve examined in this chapter form the pinnacle of that architecture, since they are the mechanism by which the parameters of the Java security sandbox can be extended: a digital signature gives the user the assurance that particular Java classes were provided by known entities. The user is then free to adopt a security policy for those classes based on the user’s assessment of the trustworthiness of the entity that provided the classes.

The digital signature engine is interesting also because it requires the use of the other engines we’ve looked at in earlier chapters—the message digest engine to generate the fingerprint of the data that the digital signature will sign, and the key pair engine (and its related classes) to provide the necessary keys to feed into this engine. In sum, then, the engines provided with Java can really be thought of as having a single purpose: creating and verifying digital signatures. A digital signature thus becomes the basis of the advanced Java security model.

Important as digital signatures are, however, they do not complete what many people would expect from a security provider, in that the data communicated with a digital signature is itself not encrypted. This data is therefore vulnerable to being read by anyone. In the next chapter, we’ll delve into an optional engine that can be loaded into the ...