So far, we’ve examined the basic level of Java’s security paradigm—essentially, those features that make up the Java sandbox. We’re now going to shift gears somewhat and begin our examination of the cryptographic features in the Java security package itself. The Java security package is a set of classes that were added to Java 1.1 (and expanded in 1.2^[25]); these classes provide additional layers of security beyond the layers we’ve examined so far. Although these classes do play a role in the Java sandbox—they are the basis by which Java classes may be signed, and expanding the sandbox based on signed classes is a key goal of Java security—they may play other roles in secure applications.

A digital signature, for example, can authenticate a Java class so that the security policy can allow that class greater latitude in the operations it can perform, but a digital signature is a useful thing in its own right. An HR department may want to use a digital signature to verify requests to change payroll data, an online subscription service might require a digital signature to process a change order, and so on. Thus, while we’ll examine the classes of the Java security package from the perspective of what we’ll be able to do with a signed class, the techniques we’ll show will have broader applicability.

In order to use the classes of the security package, you don’t need a deep understanding of cryptographic theory. This chapter will explain the basic ...