Java Cryptography Architecture (JCA)

The Java Cryptography Architecture (JCA) is a major piece of the platform, and contains a "Provider" architecture and a set of APIs for digital signatures, message digests (hashes), certificates and certificate validation, encryption (symmetric/asymmetric block/stream ciphers), key generation and management, and secure random number generation, to name a few. These APIs allow developers to easily integrate security into their application code.

The JDK exposes several settings which allows end users to tweak the behavior of the JCA. Learn about all aspects of services offered via the JCA here.

Learning the Basics of the JCA

The JCA is the bedrock for the Java SE Platform Security Architecture. See Java SE Platform Security Architecture in the JDK 21 Java Platform, Standard Edition Security Developer"s Guide.

Knowledge of how to install, configure and debug the Providers that form part of the JCA is a great asset for understanding how the cryptography framework behaves in the JDK. Learn more in the "Java Cryptography (JCA) Reference Guide" in Java Platform, Standard Edition Security Developer"s Guide for your version:

• JDK 25 (LTS)
• JDK 21 (LTS)
• JDK 17 (LTS)
• JDK 11 (LTS)
• JDK 8 (LTS)

Information on the Providers that ship by default in the JDK can be found in the Java Platform, Standard Edition Security Developer"s Guide for your version:

• JDK 25 (LTS)
• JDK 21 (LTS)
• JDK 17 (LTS)
• JDK 11 (LTS)
• JDK 8 (LTS)

Learn how to inspect Provider operations in detail via use of the java.security.debug=provider system property.