/*
 * Copyright (c) 1996, 2006, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation.  Oracle designates this
 * particular file as subject to the "Classpath" exception as provided
 * by Oracle in the LICENSE file that accompanied this code.
 *
 * This code is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * version 2 for more details (a copy is included in the LICENSE file that
 * accompanied this code).
 *
 * You should have received a copy of the GNU General Public License version
 * 2 along with this work; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
 * or visit www.oracle.com if you need additional information or have any
 * questions.
 */

package java.security;

The Key interface is the top-level interface for all keys. It defines the functionality shared by all key objects. All keys have three characteristics:
  • An Algorithm

    This is the key algorithm for that key. The key algorithm is usually an encryption or asymmetric operation algorithm (such as DSA or RSA), which will work with those algorithms and with related algorithms (such as MD5 with RSA, SHA-1 with RSA, Raw DSA, etc.) The name of the algorithm of a key is obtained using the getAlgorithm method.

  • An Encoded Form

    This is an external encoded form for the key used when a standard representation of the key is needed outside the Java Virtual Machine, as when transmitting the key to some other party. The key is encoded according to a standard format (such as X.509 SubjectPublicKeyInfo or PKCS#8), and is returned using the getEncoded method. Note: The syntax of the ASN.1 type SubjectPublicKeyInfo is defined as follows:

    SubjectPublicKeyInfo ::= SEQUENCE {
      algorithm AlgorithmIdentifier,
      subjectPublicKey BIT STRING }
    AlgorithmIdentifier ::= SEQUENCE {
      algorithm OBJECT IDENTIFIER,
      parameters ANY DEFINED BY algorithm OPTIONAL }
    
    For more information, see RFC 3280: Internet X.509 Public Key Infrastructure Certificate and CRL Profile.

  • A Format

    This is the name of the format of the encoded key. It is returned by the getFormat method.

Keys are generally obtained through key generators, certificates, or various Identity classes used to manage keys. Keys may also be obtained from key specifications (transparent representations of the underlying key material) through the use of a key factory (see KeyFactory).

A Key should use KeyRep as its serialized representation. Note that a serialized Key may contain sensitive information which should not be exposed in untrusted environments. See the Security Appendix of the Serialization Specification for more information.

Author:Benjamin Renaud
See Also:
/** * The Key interface is the top-level interface for all keys. It * defines the functionality shared by all key objects. All keys * have three characteristics: * * <UL> * * <LI>An Algorithm * * <P>This is the key algorithm for that key. The key algorithm is usually * an encryption or asymmetric operation algorithm (such as DSA or * RSA), which will work with those algorithms and with related * algorithms (such as MD5 with RSA, SHA-1 with RSA, Raw DSA, etc.) * The name of the algorithm of a key is obtained using the * {@link #getAlgorithm() getAlgorithm} method.<P> * * <LI>An Encoded Form * * <P>This is an external encoded form for the key used when a standard * representation of the key is needed outside the Java Virtual Machine, * as when transmitting the key to some other party. The key * is encoded according to a standard format (such as * X.509 <code>SubjectPublicKeyInfo</code> or PKCS#8), and * is returned using the {@link #getEncoded() getEncoded} method. * Note: The syntax of the ASN.1 type <code>SubjectPublicKeyInfo</code> * is defined as follows: * * <pre> * SubjectPublicKeyInfo ::= SEQUENCE { * algorithm AlgorithmIdentifier, * subjectPublicKey BIT STRING } * * AlgorithmIdentifier ::= SEQUENCE { * algorithm OBJECT IDENTIFIER, * parameters ANY DEFINED BY algorithm OPTIONAL } * </pre> * * For more information, see * <a href="http://www.ietf.org/rfc/rfc3280.txt">RFC 3280: * Internet X.509 Public Key Infrastructure Certificate and CRL Profile</a>. * <P> * * <LI>A Format * * <P>This is the name of the format of the encoded key. It is returned * by the {@link #getFormat() getFormat} method.<P> * * </UL> * * Keys are generally obtained through key generators, certificates, * or various Identity classes used to manage keys. * Keys may also be obtained from key specifications (transparent * representations of the underlying key material) through the use of a key * factory (see {@link KeyFactory}). * * <p> A Key should use KeyRep as its serialized representation. * Note that a serialized Key may contain sensitive information * which should not be exposed in untrusted environments. See the * <a href="../../../platform/serialization/spec/security.html"> * Security Appendix</a> * of the Serialization Specification for more information. * * @see PublicKey * @see PrivateKey * @see KeyPair * @see KeyPairGenerator * @see KeyFactory * @see KeyRep * @see java.security.spec.KeySpec * @see Identity * @see Signer * * @author Benjamin Renaud */
public interface Key extends java.io.Serializable { // Declare serialVersionUID to be compatible with JDK1.1
The class fingerprint that is set to indicate serialization compatibility with a previous version of the class.
/** * The class fingerprint that is set to indicate * serialization compatibility with a previous * version of the class. */
static final long serialVersionUID = 6603384152749567654L;
Returns the standard algorithm name for this key. For example, "DSA" would indicate that this key is a DSA key. See Appendix A in the Java Cryptography Architecture API Specification & Reference for information about standard algorithm names.
Returns:the name of the algorithm associated with this key.
/** * Returns the standard algorithm name for this key. For * example, "DSA" would indicate that this key is a DSA key. * See Appendix A in the <a href= * "../../../technotes/guides/security/crypto/CryptoSpec.html#AppA"> * Java Cryptography Architecture API Specification &amp; Reference </a> * for information about standard algorithm names. * * @return the name of the algorithm associated with this key. */
public String getAlgorithm();
Returns the name of the primary encoding format of this key, or null if this key does not support encoding. The primary encoding format is named in terms of the appropriate ASN.1 data format, if an ASN.1 specification for this key exists. For example, the name of the ASN.1 data format for public keys is SubjectPublicKeyInfo, as defined by the X.509 standard; in this case, the returned format is "X.509". Similarly, the name of the ASN.1 data format for private keys is PrivateKeyInfo, as defined by the PKCS #8 standard; in this case, the returned format is "PKCS#8".
Returns:the primary encoding format of the key.
/** * Returns the name of the primary encoding format of this key, * or null if this key does not support encoding. * The primary encoding format is * named in terms of the appropriate ASN.1 data format, if an * ASN.1 specification for this key exists. * For example, the name of the ASN.1 data format for public * keys is <I>SubjectPublicKeyInfo</I>, as * defined by the X.509 standard; in this case, the returned format is * <code>"X.509"</code>. Similarly, * the name of the ASN.1 data format for private keys is * <I>PrivateKeyInfo</I>, * as defined by the PKCS #8 standard; in this case, the returned format is * <code>"PKCS#8"</code>. * * @return the primary encoding format of the key. */
public String getFormat();
Returns the key in its primary encoding format, or null if this key does not support encoding.
Returns:the encoded key, or null if the key does not support encoding.
/** * Returns the key in its primary encoding format, or null * if this key does not support encoding. * * @return the encoded key, or null if the key does not support * encoding. */
public byte[] getEncoded(); }