Examples of java.security.Provider

• java.security.Provider
  This class represents a "provider" for the Java Security API, where a provider implements some or all parts of Java Security. Services that a provider may implement include:

  • Algorithms (such as DSA, RSA, MD5 or SHA-1).
  • Key generation, conversion, and management facilities (such as for algorithm-specific keys).

  Each provider has a name and a version number, and is configured in each runtime it is installed in.

  See The Provider Class in the "Java Cryptography Architecture API Specification & Reference" for information about how a particular type of provider, the cryptographic service provider, works and is installed. However, please note that a provider can be used to implement any security service in Java that uses a pluggable architecture with a choice of implementations that fit underneath.

  Some provider implementations may encounter unrecoverable internal errors during their operation, for example a failure to communicate with a security token. A {@link ProviderException} should be used to indicate such errors.

  The service type Provider is reserved for use by the security framework. Services of this type cannot be added, removed, or modified by applications. The following attributes are automatically placed in each Provider object:

  Name	Value
  Provider.id name	String.valueOf(provider.getName())
  Provider.id version	String.valueOf(provider.getVersion())
  Provider.id info	String.valueOf(provider.getInfo())
  Provider.id className	provider.getClass().getName()

  @version 1.77, 08/07/06 @author Benjamin Renaud @author Andreas Sterbenz

    SunJCE = checkUse("use.SunJCE") ? Security.getProvider("SunJCE") : null;
  }
  static private class BouncyCastleLoader {
    private BouncyCastleLoader() {}
    private Provider load() throws Throwable {
      Provider p = Security.getProvider("BC");
      if (p == null) {
        try {
          Class<?> c = Class.forName("org.bouncycastle.jce.provider.BouncyCastleProvider");
          p = (Provider)c.newInstance();
          Security.addProvider(p);

    }
  }
  static private class NSSLoader {
    private NSSLoader() {}
    private Provider load(boolean atfirst) throws Throwable {
      Provider nssProvider = null;
      for(Provider p: java.security.Security.getProviders()) {
        if (p.getName().matches("^SunPKCS11-(?i)NSS.*$")) {
          nssProvider = p;
          break;
        }

  /** @return null if JCA is crippled (restricted to 128-bit) so we need
   * to use this class. */
  private static Provider getAesCtrProvider() {
    try {
      final String algo = "AES/CTR/NOPADDING";
      final Provider bcastle = JceLoader.BouncyCastle;
      final Class<?> clazz = Rijndael.class;

      byte[] key = new byte[32]; // Test for whether 256-bit works.
      byte[] iv = new byte[16];
      byte[] plaintext = new byte[16];
      SecretKeySpec k = new SecretKeySpec(key, "AES");
      IvParameterSpec IV = new IvParameterSpec(iv);

      Cipher c = Cipher.getInstance(algo);
      c.init(Cipher.ENCRYPT_MODE, k, IV);
      // ^^^ resolve provider
      Provider provider = c.getProvider();
      if (bcastle != null) {
        // BouncyCastle provider is faster (in some configurations)
        try {
          Cipher bcastle_cipher = Cipher.getInstance(algo, bcastle);
          bcastle_cipher.init(Cipher.ENCRYPT_MODE, k, IV);
          Provider bcastle_provider = bcastle_cipher.getProvider();
          if (provider != bcastle_provider) {
            long time_def = benchmark(c, k, IV);
            long time_bcastle = benchmark(bcastle_cipher, k, IV);
            System.out.println(algo + " (" + provider + "): " + time_def + "ns");
            System.out.println(algo + " (" + bcastle_provider + "): " + time_bcastle + "ns");

     * @throws NoSuchProviderException
     */
    public static PublicKey publicToExplicitParameters(PublicKey key, String providerName)
        throws IllegalArgumentException, NoSuchAlgorithmException, NoSuchProviderException
    {
        Provider provider = Security.getProvider(providerName);

        if (provider == null)
        {
            throw new NoSuchProviderException("cannot find provider: " + providerName);
        }

     * @throws NoSuchProviderException
     */
    public static PrivateKey privateToExplicitParameters(PrivateKey key, String providerName)
        throws IllegalArgumentException, NoSuchAlgorithmException, NoSuchProviderException
    {
        Provider provider = Security.getProvider(providerName);

        if (provider == null)
        {
            throw new NoSuchProviderException("cannot find provider: " + providerName);
        }

     * return a more "meaningful" representation for the signature algorithm used in
     * the certficate.
     */
    public String getSigAlgName()
    {
        Provider    prov = Security.getProvider(BouncyCastleProvider.PROVIDER_NAME);

        if (prov != null)
        {
            String      algName = prov.getProperty("Alg.Alias.Signature." + this.getSigAlgOID());

            if (algName != null)
            {
                return algName;
            }

     * return a more "meaningful" representation for the signature algorithm used in
     * the certficate.
     */
    public String getSigAlgName()
    {
        Provider    prov = Security.getProvider(BouncyCastleProvider.PROVIDER_NAME);

        if (prov != null)
        {
            String      algName = prov.getProperty("Alg.Alias.Signature." + this.getSigAlgOID());

            if (algName != null)
            {
                return algName;
            }

    }

    static Provider getProvider(String provider)
        throws NoSuchProviderException
    {
        Provider prov = Security.getProvider(provider);

        if (prov == null)
        {
            throw new NoSuchProviderException("Provider " + provider + " not found");
        }

    @SuppressWarnings("PMD.EmptyCatchBlock")
    public void loadKeyStore() throws Exception
    {
        if ( Strings.isEmpty( keystoreFile ) )
        {
            Provider provider = Security.getProvider( "SUN" );
            LOG.debug( "provider = {}", provider );
            CoreKeyStoreSpi coreKeyStoreSpi = new CoreKeyStoreSpi( getDirectoryService() );
            keyStore = new KeyStore( coreKeyStoreSpi, provider, "JKS" )
            {
            };

    public void setLdapServer( LdapServer ldapServer )
    {
        LOG.debug( "Setting LDAP Service" );
        Provider provider = Security.getProvider( "SUN" );
        LOG.debug( "provider = {}", provider );

        try
        {
            sslContext = SSLContext.getInstance( "TLS" );