Introduction

The Security API is a core API of the Java™ programming language, built around the java.security package (and its subpackages). This API is designed to allow developers to incorporate both low-level and high-level security functionality into their programs.

The Security API in the SDK includes the Java Cryptography Architecture (JCA), a framework for accessing and developing cryptographic functionality for the Java platform. The JCA includes, for example, APIs for digital signatures, message digests, keys, and certificates, and a Java Security Architecture for fine-grained, highly configurable, flexible, and extensible access control.

The Java Cryptography Architecture encompasses the parts of the Java Security API related to cryptography, as well as a set of conventions and specifications described in this section. JCA includes a provider architecture that allows for multiple and interoperable cryptography implementations.

The Java Cryptography Extension (JCE) extends the JCA API to include APIs for encryption, key exchange, and Message Authentication Code (MAC). Together, the JCE and the cryptography aspects of the SDK provide a complete, platform-independent cryptography API.

This section is both a high-level description and a specification of the Java Cryptography Architecture API and its default providers, as included in the product. See the Java Cryptography Extension API Specification and Reference for information about the IBM® JCE provider. See the Java Security Architecture Specification for information about the Java Security Architecture aspects of the Security API.