Installing Providers for JCE
There are two parts to installing a provider: installing the provider package classes, and configuring the provider.
Installing the Provider Classes
The first thing you must do is make the provider classes available so that they can be found when requested. Provider classes are shipped as a JAR file.
There are a couple of possible ways of installing other provider classes:
- Place a JAR file containing the provider classes anywhere on your CLASSPATH.
- Install the provider JAR file as an "installed" or "bundled" optional package (extension).
For more information on "installed" extensions, see Installed Optional Packages.
For more information on "bundled" extensions, see Bundled Optional Packages.
Configuring the Provider
The next step is to add the provider to your list of approved providers. This step is done statically by editing the following security properties file
<install_dir>\jre\lib\security\java.security [Windows] <install_dir>/jre/security/java.security [UNIX]
<install_dir> refers to the directory where the
runtime environment was installed.
For each provider, this file should have a statement of the following form:
This statement declares a provider, and specifies its preference order n. The preference order is the order in which providers are searched for requested algorithms when no specific provider is requested. The order is 1-based; 1 is the most preferred, followed by 2, and so on.
masterClassName must specify the fully qualified name of the provider's "master class". The provider vendor should supply you this name.
J2SE comes standard with a number
of providers, which are automatically configured as static providers
java.security properties file, as follows:
security.provider.1=com.ibm.jsse.IBMJSSEProvider2 security.provider.2=com.ibm.crypto.provider.IBMJCE security.provider.3=com.ibm.security.jgss.IBMJGSSProvider security.provider.4=com.ibm.security.cert.IBMCertPath
"JCE" provider's master class is the
order to statically add a new provider to your list of providers,
you need to edit the security properties file to contain a line of
the format shown previously. For example, suppose that a provider's
master class is the
CryptoX class in the
and that you would like to make this provider the fifth preferred
provider. To do so, add the following line to the
after the line for the "IBMCertPath" provider:
can also be registered dynamically. To do so, a program can call either
Security class. This type of registration
is not persistent and can be done only by "trusted" programs. See
the Security class section of the Java™ Cryptography Architecture API
Specification and Reference.
An example of dynamic registration of the "CryptoX" provider is the following:
Provider cx = new com.cryptox.provider.CryptoX(); Security.addProvider(cx);