JCA uses a provider-based architecture, where one can specify a cryptography provider (like BouncyCastle) which will provide the implementations of JCA APIs.
[ ] Investigate if we can often identify the provider when tracking JCA crypto calls
[ ] If so, restructure the JCA rules to make them depend on the provider
[ ] Add BouncyCastle as a cryptography provider for JCA
JCA uses a provider-based architecture, where one can specify a cryptography provider (like BouncyCastle) which will provide the implementations of JCA APIs.