问题
I have a a piece of hardware which realises some crypto functions like random number generation (e.g a SmartCard). I would like to use this hardware during my TLS hadshake. Is it possible to do this, without implementing the TLS-Handshake by my own?
I tried to extend the class "SecureRandom" but the "next" methode is final so I can't override it so that it will return 'my' genetrated numbers.
So basically I would like to "outsource" all the crypto functions without implementing the TLS handshake in JAVA.
Thanks
回答1:
Extend SecureRandomSpi instead. Then either implement a Provider or do a cheap SecureRandom as
public MySecureRandom()
throws NoSuchAlgorithmException, NoSuchProviderException {
super(new MySecureRandom(),null);
}
(The implementation of next relies on the given SPI)
Then pass your SecureRandom as an argument to SSLContext.init.
来源:https://stackoverflow.com/questions/15502544/tls-handshake-with-own-random-numbers-in-java