1.1 Java and Cryptography
From its humble birth through its present day incarnation, the Java language continues to offer developers a computing platform that swells with cryptographic functionality. Because of U.S. export laws at the time, the functionality is split between two different libraries, the JAVA Cryptography Architecture (JCA) and the Java Cryptography Extensions (JCE). Figure 1.1 shows the relationship between these two cryptographic libraries, displaying some of the capabilities covered throughout this book. The first library, JCA, is tightly integrated with the core Java APIs. The second library, JCE, builds off of the concepts and capabilities found in the JCA. The JCE houses many of the advanced cryptographic operations that were previously under U.S. export control. However, the political landscape has changed, and as of JDK 1.4, the JCA and JCE are present "out of the box" without requiring a separate download of the JCE. JCE 1.2.2 remains available as a separate download for JDK 1.2 and 1.3 installations, and it supports the same suite of engines found in JDK 1.4.
Cryptography is often associated with the sole process of encryption/decryption; however, the true scope of the field is actually much larger than this, encompassing a wide array of operations to include:
■ Message digests or hashing
■ Message authentication codes
■ Digital signatures
■ Digital certificates
■ Cryptographically secure random numbers
■ Secret key generation and storage
■ Key agreements
Clearly the field of cryptology spans much more than just encryption/decryption. One notable absence is Base64 encoding, which is not encryption and not considered part of the field of cryptography. The act of applying a Base64 encoding to a document does not suffice as a form of hiding sensitive data. Base64 encoding is documented in an RFC , and was designed to convert 8-bit binary data into a 6-bit printable representation. For more details on Base64 encoding, see Appendix A.
Before we can adequately discuss calling cryptography operations from within a Java class, it is imperative developers have a firm grasp on the infrastructure Java provides to make these operations possible. The JCA serves as the proverbial cornerstone of Java's cryptographic architecture, and it is the most logical place to start.