The JCE follows the same security provider infrastructure as does the rest of the Java security architecture; the JCE comes with an additional security provider that includes implementations of the engines of the JCE. In normal use, this security provider supplements the default security provider of the JDK; the security provider within the JCE contains implementations only of the engines of the JCE. Hence, to use the Sun JCE security provider, you need to add the SunJCE class (com.sun.crypto.provider.SunJCE) to your java.security file like this:

security.provider.2=com.sun.crypto.provider.SunJCE

Alternately, you may use the addProvider() or insertProviderAt() methods of the Security class. You may, of course, insert this provider at any position in the list of providers.

There are five new engine classes in the JCE: the Cipher, KeyAgreement, KeyGenerator, Mac, and SecretKeyFactory engines. Table 13.1 lists the engines and algorithms that are provided by the SunJCE security provider. In addition to implementations of the new engines, the SunJCE security provider gives us a key factory and a key pair generator for Diffie-Hellman (DH) keys as well as a new engine for working with keystores. As always, there may be additional algorithm names in third-party security providers. Also note that the algorithm name for the cipher engine may be more complex than we’ve shown here.