About Me
Oracle Certified Professional Java SE 11 Developer
1 Java Fundamentals
1-1 Java Basics
1-1 1 Java Platform Overview
1-1 2 Java Development Environment
1-1 3 Java Program Structure
1-1 4 Java Virtual Machine (JVM)
1-1 5 Java Development Kit (JDK)
1-1 6 Java Runtime Environment (JRE)
1-2 Object-Oriented Programming (OOP) Concepts
1-2 1 Classes and Objects
1-2 2 Inheritance
1-2 3 Polymorphism
1-2 4 Encapsulation
1-2 5 Abstraction
1-2 6 Interfaces
1-2 7 Abstract Classes
1-3 Data Types and Variables
1-3 1 Primitive Data Types
1-3 2 Reference Data Types
1-3 3 Variable Declaration and Initialization
1-3 4 Type Conversion and Casting
1-3 5 Arrays
1-4 Control Flow
1-4 1 Conditional Statements (if, else, switch)
1-4 2 Looping Constructs (for, while, do-while)
1-4 3 Break and Continue Statements
1-4 4 Exception Handling
2 Java Collections Framework
2-1 Collections Overview
2-1 1 Collection Interfaces
2-1 2 Collection Classes
2-1 3 Collection Algorithms
2-2 Lists
2-2 1 ArrayList
2-2 2 LinkedList
2-2 3 List Operations
2-3 Sets
2-3 1 HashSet
2-3 2 TreeSet
2-3 3 LinkedHashSet
2-4 Maps
2-4 1 HashMap
2-4 2 TreeMap
2-4 3 LinkedHashMap
2-5 Queues and Deques
2-5 1 PriorityQueue
2-5 2 ArrayDeque
3 Java Streams and Lambda Expressions
3-1 Lambda Expressions
3-1 1 Lambda Syntax
3-1 2 Functional Interfaces
3-1 3 Method References
3-2 Streams
3-2 1 Stream Creation
3-2 2 Intermediate Operations
3-2 3 Terminal Operations
3-2 4 Parallel Streams
4 Java Concurrency
4-1 Threads
4-1 1 Thread Creation
4-1 2 Thread States
4-1 3 Thread Synchronization
4-1 4 Thread Communication
4-2 Concurrency Utilities
4-2 1 Executor Framework
4-2 2 Concurrent Collections
4-2 3 Atomic Variables
4-2 4 Locks
5 Java IO and NIO
5-1 Input and Output Streams
5-1 1 Byte Streams
5-1 2 Character Streams
5-1 3 Buffered Streams
5-2 File IO
5-2 1 File Class
5-2 2 FileReader and FileWriter
5-2 3 FileInputStream and FileOutputStream
5-3 NIO (New IO)
5-3 1 Path Interface
5-3 2 Files Class
5-3 3 Channels and Buffers
5-3 4 Asynchronous IO
6 Java Date and Time API
6-1 Date and Time Classes
6-1 1 LocalDate
6-1 2 LocalTime
6-1 3 LocalDateTime
6-1 4 ZonedDateTime
6-2 Period and Duration
6-2 1 Period Class
6-2 2 Duration Class
6-3 Time Zones and Calendars
6-3 1 TimeZone Class
6-3 2 Calendar Class
7 Java Modules
7-1 Module System Overview
7-1 1 Module Declaration
7-1 2 Module Path
7-1 3 Module Dependencies
7-2 Module Resolution
7-2 1 Automatic Modules
7-2 2 Named Modules
7-2 3 Unnamed Modules
7-3 Module Services
7-3 1 Service Provider Interface (SPI)
7-3 2 ServiceLoader Class
8 Java Security
8-1 Security Basics
8-1 1 Security Manager
8-1 2 Permissions
8-1 3 Policy Files
8-2 Cryptography
8-2 1 Key Generation
8-2 2 Encryption and Decryption
8-2 3 Digital Signatures
8-3 Secure Coding Practices
8-3 1 Input Validation
8-3 2 Secure Communication
8-3 3 Authentication and Authorization
9 Java Networking
9-1 Networking Basics
9-1 1 InetAddress Class
9-1 2 URL and URLConnection Classes
9-2 Sockets
9-2 1 Socket Class
9-2 2 ServerSocket Class
9-2 3 DatagramSocket Class
9-3 Networking Protocols
9-3 1 TCPIP
9-3 2 UDP
9-3 3 HTTP
10 Java Database Connectivity (JDBC)
10-1 JDBC Basics
10-1 1 JDBC Architecture
10-1 2 JDBC Drivers
10-1 3 Establishing a Connection
10-2 Executing SQL Statements
10-2 1 Statement Interface
10-2 2 PreparedStatement Interface
10-2 3 CallableStatement Interface
10-3 ResultSet
10-3 1 ResultSet Interface
10-3 2 ResultSetMetaData Interface
10-4 Transaction Management
10-4 1 Commit and Rollback
10-4 2 Savepoints
11 Java Annotations
11-1 Annotation Basics
11-1 1 Annotation Types
11-1 2 Meta-Annotations
11-1 3 Annotation Processing
11-2 Standard Annotations
11-2 1 @Override
11-2 2 @Deprecated
11-2 3 @SuppressWarnings
11-3 Custom Annotations
11-3 1 Annotation Creation
11-3 2 Annotation Usage
12 Java Reflection
12-1 Reflection Basics
12-1 1 Class Class
12-1 2 Field Class
12-1 3 Method Class
12-2 Dynamic Class Loading
12-2 1 ClassLoader Class
12-2 2 Dynamic Proxy
12-3 Reflection API
12-3 1 Accessing Class Members
12-3 2 Modifying Class Members
13 Java Internationalization (I18N)
13-1 I18N Basics
13-1 1 Locale Class
13-1 2 ResourceBundle Class
13-2 Formatting
13-2 1 NumberFormat Class
13-2 2 DateFormat Class
13-2 3 MessageFormat Class
13-3 Character Encoding
13-3 1 Charset Class
13-3 2 String Encoding and Decoding
14 Java Platform Module System (JPMS)
14-1 Module System Overview
14-1 1 Module Declaration
14-1 2 Module Path
14-1 3 Module Dependencies
14-2 Module Resolution
14-2 1 Automatic Modules
14-2 2 Named Modules
14-2 3 Unnamed Modules
14-3 Module Services
14-3 1 Service Provider Interface (SPI)
14-3 2 ServiceLoader Class
15 Java 11 New Features
15-1 New String Methods
15-1 1 isBlank()
15-1 2 lines()
15-1 3 repeat()
15-2 New File Methods
15-2 1 writeString()
15-2 2 readString()
15-3 Local-Variable Syntax for Lambda Parameters
15-3 1 var Keyword in Lambda Expressions
15-4 HTTP Client API
15-4 1 HttpClient Class
15-4 2 HttpRequest Class
15-4 3 HttpResponse Class
15-5 Nest-Based Access Control
15-5 1 Nest Host and Nest Members
15-5 2 Nest Access Control
15-6 Epsilon Garbage Collector
15-6 1 Epsilon GC Overview
15-6 2 Epsilon GC Use Cases
15-7 Flight Recorder
15-7 1 Flight Recorder Overview
15-7 2 Flight Recorder Use Cases
15-8 Application Class-Data Sharing (CDS)
15-8 1 CDS Overview
15-8 2 CDS Use Cases
15-9 Deprecations and Removals
15-9 1 Deprecated Features
15-9 2 Removed Features
8.2.3 Digital Signatures Explained

8.2.3 Digital Signatures Explained

Digital Signatures are a critical component of secure communication and data integrity in Java SE 11. They provide a way to verify the authenticity and integrity of digital messages or documents. Understanding Digital Signatures is essential for creating secure Java applications.

Key Concepts

1. Digital Signature Definition

A Digital Signature is a mathematical scheme for verifying the authenticity of digital messages or documents. It ensures that the message has not been altered and that it was indeed sent by the claimed sender.

2. Cryptographic Hash Functions

Cryptographic Hash Functions are used to generate a fixed-size hash value from a variable-size message. This hash value is unique to the message and changes if the message is altered. Digital Signatures use hash functions to create a digest of the message, which is then signed.

Example

        MessageDigest md = MessageDigest.getInstance("SHA-256");
        byte[] messageDigest = md.digest(message.getBytes());

3. Asymmetric Cryptography

Asymmetric Cryptography, also known as Public Key Cryptography, uses a pair of keys: a public key and a private key. The private key is used to sign the message, and the public key is used to verify the signature. This ensures that only the holder of the private key can sign the message, and anyone with the public key can verify it.

Example

        KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA");
        keyGen.initialize(2048);
        KeyPair keyPair = keyGen.generateKeyPair();
        
        PrivateKey privateKey = keyPair.getPrivate();
        PublicKey publicKey = keyPair.getPublic();

4. Signing and Verifying

Signing a message involves creating a hash of the message and then encrypting this hash with the private key. Verifying a signature involves decrypting the signature with the public key and comparing the resulting hash with a newly computed hash of the message.

Example

        // Signing
        Signature signature = Signature.getInstance("SHA256withRSA");
        signature.initSign(privateKey);
        signature.update(message.getBytes());
        byte[] digitalSignature = signature.sign();
        
        // Verifying
        Signature verifier = Signature.getInstance("SHA256withRSA");
        verifier.initVerify(publicKey);
        verifier.update(message.getBytes());
        boolean verified = verifier.verify(digitalSignature);

5. Certificate Authorities (CAs)

Certificate Authorities are trusted entities that issue digital certificates. These certificates bind a public key to an identity, such as a person, organization, or server. CAs play a crucial role in establishing trust in digital communications.

Example

When you visit a secure website, your browser verifies the website's certificate issued by a CA to ensure the site is legitimate.

Examples and Analogies

Think of Digital Signatures as a tamper-proof seal on a package. When you send a package, you apply a seal that can only be created with a special tool (private key). The recipient can verify the seal with a public key to ensure the package hasn't been tampered with and that it was indeed sent by you.

By mastering Digital Signatures, you can ensure the authenticity and integrity of digital communications in your Java SE 11 applications, providing a secure and trustworthy environment for your users.

© 2024 Ahmed Baheeg Khorshid. All rights reserved.