Book Home Java Security Search this book

13.2. The Sun Security Provider in the JCE

The JCE follows the same security provider infrastructure as does the rest of the Java security architecture; the JCE comes with an additional security provider that includes implementations of the engines of the JCE. In normal use, this security provider supplements the default security provider of the JDK; the security provider within the JCE contains implementations only of the engines of the JCE. Hence, to use the Sun JCE security provider, you need to add the SunJCE class (com.sun.crypto.provider.SunJCE) to your java.security file like this:

Class Definition

security.provider.2=com.sun.crypto.provider.SunJCE

Alternately, you may use the addProvider() or insertProviderAt() methods of the Security class. You may, of course, insert this provider at any position in the list of providers.

There are five new engine classes in the JCE: the Cipher, KeyAgreement, KeyGenerator, Mac, and SecretKeyFactory engines. Table 13-1 lists the engines and algorithms that are provided by the SunJCE security provider. In addition to implementations of the new engines, the SunJCE security provider gives us a key factory and a key pair generator for Diffie-Hellman (DH) keys as well as a new engine for working with keystores. As always, there may be additional algorithm names in third-party security providers. Also note that the algorithm name for the cipher engine may be more complex than we've shown here.

Table 13-1. Engine Classes of the JCE

Engine Name

Algorithm

Class Definition

Cipher

Class Definition

DES

Class Definition

Cipher

Class Definition

DESede

Class Definition

Cipher

Class Definition

PBEWithMD5AndDES

Class Definition

KeyAgreement

Class Definition

DH

Class Definition

KeyFactory

Class Definition

DH

Class Definition

KeyGenerator

Class Definition

DES

Class Definition

KeyGenerator

Class Definition

DESede

Class Definition

KeyPairGenerator

Class Definition

DH

Class Definition

SecretKeyFactory

Class Definition

DES

Class Definition

SecretKeyFactory

Class Definition

DESede

Class Definition

SecretKeyFactory

Class Definition

PBE

Class Definition

Mac

Class Definition

HmacSHA1

Class Definition

Mac

Class Definition

HmacMD5

Class Definition

KeyStore

Class Definition

JCEKS


Library Navigation Links

Copyright © 2001 O'Reilly & Associates. All rights reserved.