Architecture

Java Security is a collection of application programming interfaces (APIs), some of them are part of the Java Development Kit (JDK), that underlies the Toolkit and provides the base for its cryptographic services. These APIs include:

• the built-in security packages of the JDK

• the Java Cryptography Extension (JCE)

• the Java Secure Sockets Extension (JSSE)

The Java Cryptography Architecture (JCA), which governs the design of the security packages of the JDK, is extended by the JCE to include APIs for digital signatures, hash functions, encryption, key exchange, and Message Authentication Codes (MAC).

Using the Service Provider Interface (SPI) of the JCA, custom cryptographic service providers (usually a package or set of packages), such as those provided by the Toolkit, can implement the cryptographic features of the JCA to invoke their own message digests, encryption algorithms, and other utilities that a security application might require.