O'Reilly logo

Java Security by Scott Oaks

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

The Sun Security Provider in the JCE

The JCE follows the same security provider infrastructure as does the rest of the Java security architecture; the JCE comes with an additional security provider that includes implementations of the engines of the JCE. In normal use, this security provider supplements the default security provider of the JDK; the security provider within the JCE contains implementations only of the engines of the JCE. Hence, to use the Sun JCE security provider, you need to add the SunJCE class (com.sun.crypto.provider.SunJCE) to your java.security file like this:

security.provider.2=com.sun.crypto.provider.SunJCE

Alternately, you may use the addProvider() or insertProviderAt() methods of the Security class. You may, of course, insert this provider at any position in the list of providers.

There are five new engine classes in the JCE: the Cipher, KeyAgreement, KeyGenerator, Mac, and SecretKeyFactory engines. Table 13.1 lists the engines and algorithms that are provided by the SunJCE security provider. In addition to implementations of the new engines, the SunJCE security provider gives us a key factory and a key pair generator for Diffie-Hellman (DH) keys as well as a new engine for working with keystores. As always, there may be additional algorithm names in third-party security providers. Also note that the algorithm name for the cipher engine may be more complex than we’ve shown here.

Table 13-1. Engine Classes of the JCE

Engine Name

Algorithm ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required