In Java-based applications, cryptography plays a vital role for ensuring confidentiality and integrity of Java objects, data and trusted communication. To support cryptographic services, the Java platform facilitates an extensible security architectural model via standard API mechanisms for integrating cryptography providers. There is support for digital signatures, message digests, encryption/decryption algorithms, PKI, Certificate authorities (CA), SSL/TLS based communication and PKCS#11 devices such as cryptographic hardware accelerators and smart cards.
To work with Java cryptographic services in your Java applications, the Java platform offers the following set of API frameworks and their implementations:
- Java Cryptographic Architecture (JCA) :
JCA provides basic cryptographic services and algorithms, which include support for digital signatures and message digests.
- Java Cryptography Extension (JCE):
JCE augments JCA functionalities with added cryptographic services that are subjected to U.S. export control regulations and includes support for encryption and decryption operations, secret key generation and agreement, and message authentication code (MAC) algorithms.
- Java Certification Path (CertPath):
CertPath provides the functionality of checking, verifying and validating the authenticity of certificate chains.
- Java Secure Socket Communication (JSSE):
JSSE facilitates secure communication by protecting the integrity and confidentiality of data exchanged using SSL/TLS protocols.
This was first published in October 2006