Alphabet Soup
The Java Security API is a set of packages that are used for writing secure programs in Java. In particular, the classes and interfaces in the following packages are part of the Security API:
java.security
java.security.cert
java.security.interfaces
java.security.spec
javax.crypto
javax.crypto.interfaces
javax.crypto.spec
Here are the major pieces and their acronyms:
- JCA
The overall design of the cryptography classes is governed by the Java Cryptography Architecture (JCA). The JCA specifies design patterns and an extensible architecture for defining cryptographic concepts and algorithms. The JCA is designed to separate cryptographic concepts from implementations. The concepts are encapsulated by classes in the
java.security
andjavax .crypto
packages. Implementations are supplied by cryptographic providers. (There’s more on this later, in the section on the provider architecture.) The JDK 1.2 comes with a default provider, named SUN, that implements a few cryptographic algorithms.- JCE
The U. S. government considers certain types of cryptographic software to be weapons and limits their export. Sun, therefore, split its cryptography classes into two groups. The first group is included in the
java.security.*
packages that are part of JDK 1.2. These classes can be exported without restriction. The second group, the Java Cryptography Extension, is for U.S. and Canadian distribution only. The JCE is an extension of the JCA and includes another cryptographic provider, called ...
Get Java Cryptography now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.