The JavaTM Tutorial
Previous Page Trail Contents Next Page Start of Tutorial Search

Trail: Security in JDK 1.1

by Mary Dageforde

Your feedback is important to us! If you have comments about this trail, send them to: In your message, put security1.1 in the subject header.
The Java Security API is a new Java core API, built around the package (and its subpackages). The first release of Java Security in JDK 1.1 contains a subset of cryptography functionality, including APIs for digital signatures and message digests. In addition, there are abstract interfaces for key management and certificate management.

The lessons in this trail describe and show you how to use the main aspects of the Java Security API.

You will learn the definitions of various cryptography terms, and see an overview of the Java Security API and its core classes. You will then learn how to produce "digital signatures" for data, and how to verify the authenticity of such signatures.

WARNING!: The Java Security API in JDK 1.1 is incomplete and will change in future releases. For example, it is not possible to import or export public or private keys used to generate and verify digital signatures. Support for specific certificate formats is also not available. Use the JDK 1.1 Java Security API interfaces and classes at your own risk and in full knowledge that some will be modified, expanded, replaced, or eliminated in future releases.

For information about implementing your own security manager in JDK 1.1, refer to Providing Your Own Security Manager(in the Essential Java Classes trail) .

For information about the security features available in JDK 1.2, see Security in JDK 1.2(in the Learning the Java Language trail) .

Java Security API Overview provides an overview of the Java Security API. It also includes definitions of important terms, such as "digital signature," "public key," and "private key," and an indication of their use.

Using the Security API to Generate and Verify a Signature walks you step by step through an example of writing a Java program using the Security API to generate a digital signature for data and to verify the authenticity of the signature.
Previous Page Trail Contents Next Page Start of Tutorial Search