Skip to main content

Security Algorithms






java.security

Provides the classes and interfaces for the security framework that implements. 
  1. fine-grained access control security architecture.
  2. Generation and storage of cryptographic public key pairs,
  3. A number of exportable cryptographic operations including those for message digest and signature generation. 
  4. Signed/guarded objects and secure random number generation. 
  5. The cryptographic and secure random number generator classes in particular


java.security.cert

classes and interfaces for 
  1. parsing and managing certificates, 
  2. certificate revocation lists (CRLs), 
  3. and certification paths

java.security.AccessController
  1. to decide whether an access to a critical system resource is to be allowed or denied,
  2. based on the security policy currently in effect,
  3. to mark code as being "privileged", thus affecting subsequent 
  4. access determinations, and
  5. to obtain a "snapshot" of the current calling context so access-control
  6. decisions from a different context can be made with respect to 
  7. the saved context.
  8. The checkPermission method determines whether the access request indicated 
  9. by a specified permission should be granted or denied.
  10.  FilePermission perm = new FilePermission("/temp/testFile", "read");
  11.  AccessController.checkPermission(perm);
  12. true=true
  13. false= AccessControlException
java.security.messageDigest

This MessageDigest class provides applications the functionality of a message digest algorithm, such as SHA-1 or SHA-256. Message digests are secure one-way hash functions that take arbitrary-sized data and output a fixed-length hash value.

A MessageDigest object starts out initialized. The data is processed through it using the update methods. At any point reset can be called to reset the digest. Once all the data to be updated has been updated, one of the digest methods should be called to complete the hash computation.

The digest method can be called once for a given number of updates. After digest has been called, the MessageDigest object is reset to its initialized state.

Implementations are free to implement the Cloneable interface. Client applications can test cloneability by attempting cloning and catching the CloneNotSupportedException:


 MessageDigest md = MessageDigest.getInstance("SHA");

 try {
     md.update(toChapter1);
     MessageDigest tc1 = md.clone();
     byte[] toChapter1Digest = tc1.digest();
     md.update(toChapter2);
     ...etc.
  catch (CloneNotSupportedException cnse) {
     throw new DigestException("couldn't make digest of partial content");
 }
 }

Note that if a given implementation is not cloneable, it is still possible to compute intermediate digests by instantiating several instances, if the number of digests is known in advance.

Note that this class is abstract and extends from MessageDigestSpi for historical reasons. Application developers should only take notice of the methods defined in this MessageDigest class; all the methods in the superclass are intended for cryptographic service providers who wish to supply their own implementations of message digest algorithms.

Every implementation of the Java platform is required to support the following standard MessageDigest algorithms:

  • MD5
  • SHA-1
  • SHA-256
These algorithms are described in the MessageDigest section of the Java Cryptography Architecture Standard Algorithm Name Documentation. Consult the release documentation for your implementation to see if any other algorithms are supported.

extends MessageDigestSpi

See also:
DigestInputStream, DigestOutputStream






Abstract class for representing access to a system resource. All permissions have a name (whose interpretation depends on the subclass), as well as abstract functions for defining the semantics of the particular Permission subclass.

Most Permission objects also include an "actions" list that tells the actions that are permitted for the object. For example, for java.io.FilePermission object, the permission name is the pathname of a file (or directory), and the actions list (such as "read, write") specifies which actions are granted for the specified file (or for files in the specified directory). The actions list is optional for Permission objects, such as java.lang.RuntimePermission, that don't need such a list; you either have the named permission (such as "system.exit") or you don't.

An important method that must be implemented by each subclass is the implies method to compare Permissions. Basically, "permission p1 implies permission p2" means that if one is granted permission p1, one is naturally granted permission p2. Thus, this is not an equality test, but rather more of a subset test.

Permission objects are similar to String objects in that they are immutable once they have been created. Subclasses should not provide methods that can change the state of a permission once it has been created.

implements GuardSerializable

See also:
Permissions, PermissionCollection




Comments

Post a Comment

Popular posts from this blog

Microservices Design patterns

What are microservices? Microservices - also known as the microservice architecture - is an architectural style that structures an application as a collection of services that are Highly maintainable and testable Loosely coupled Independently deployable Organized around business capabilities Owned by a small team The microservice architecture enables the rapid, frequent and reliable delivery of large, complex applications. It also enables an organization to evolve its technology stack. You are developing a server-side enterprise application. It must support a variety of different clients including desktop browsers, mobile browsers and native mobile applications. The application might also expose an API for 3rd parties to consume. It might also integrate with other applications via either web services or a message broker. The application handles requests (HTTP requests and messages) by executing business logic; accessing a database; exchanging messages with other systems; and returni...
Post a Comment
Read more

GraphQL

What is GraphQL  API Standard invented & open-sourced by Facebook Alternative to  REST API  enables declarative data fetching  exposes single endpoint & responds to queries How it works?  Why Graphql? Improvises performance by reducing the data that is to be transferred over the internet Variety of different frontend frameworks and platforms on client-side Fast development speed & expectation for rapid feature development Why Graphql is better than REST? Flexibility & efficient  No more over /under fetching of data Over fetching : Under fetching: Insightful analytics  Schema serves as contract between client and server CORE CONCEPTS : SDL :SCHEMA DEFINITION LANGUAGE Writing Data with mutations 3 kinds of mutations creating new data updating existing data deleting existing data
Post a Comment
Read more

Jackson

<dependency> <groupId>com.fasterxml.jackson.core</groupId> <artifactId> jackson-core </artifactId> <version>2.9.6</version> </dependency> <dependency> <groupId>com.fasterxml.jackson.core</groupId> <artifactId> jackson-annotations </artifactId> <version>2.9.6</version> </dependency> <dependency> <groupId>com.fasterxml.jackson.core</groupId> <artifactId> jackson-databind </artifactId> <version>2.9.6</version> </dependency> CBOR encoded data with Jackson <dependency> <groupId>com.fasterxml.jackson.dataformat</groupId> <artifactId>jackson-dataformat-cbor</artifactId> <version>2.9.6</version> </dependency> In order to read and write MessagePack encoded data <dependency> <groupId>org.msgpack</groupId> <artifactId>jackson-dataformat-msgp...
Post a Comment
Read more