O'Reilly logo

Java Security, 2nd Edition by Scott Oaks

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 8. Security Providers

The cryptographic engines in Java that provide for digital signatures, message digests, and the like are provided as a set of abstract classes in the Java security package. Concrete implementations of these classes are provided by Sun in the SDK, and you have the option of obtaining third-party implementations of these engines. All of this is made possible through the security provider infrastructure. The provider infrastructure allows concrete implementations of various classes in the security package to be found at runtime, without any changes to the code. This provides a consistent API that can be used by all programs, regardless of who provides the actual implementation.

Java 2, version 1.3 comes with two security providers: one performs operations that implement DSA-based algorithms (plus some other default operations) and one performs operations that implement RSA-based algorithms. Sun supplies two additional security providers: one with JCE and one with JSSE. We’ll discuss how to install those additional providers in this chapter and then look at the Java classes that comprise the security provider architecture.

In terms of actual programming, the classes we’re going to examine in this chapter are rarely used -- hence, we will not delve much into programming. To meet the needs of most developers, end users, and administrators, this chapter focuses on the architecture of the security provider since that gives us the ability to substitute new ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required