In this chapter, we’ve explored the architecture that forms the
basis of the Java security API. This architecture is based on the
classes, which together form a set of mappings that allow the
security API to determine dynamically the set of classes it should
use to implement certain operations.
Implementing a provider is trivial, but implementing the set of classes that must accompany a provider is much harder. We’ve shown a simple provider class in this chapter. Although we’ll show the engine classes in the next few chapters, the mathematics behind designing and implementing a successful cryptographic algorithm are beyond the scope of this book. However, this architecture also allows users and administrators to buy or download third-party implementations of the security architecture and plug those implementations seamlessly into the Java virtual machine; a partial list of available third-party implementations appears in Appendix C.
In the next few chapters, we’ll examine the specifics of the engine classes—that is, the operations—that this security provider architecture makes possible. In those chapters, we’ll see how the engines are used, and the benefits each engine provides.