1、开发环境ubuntu+eclipse+openJDK
本来想在xp下开发,但是JDK1.6中有层层限制:JCA对外出口但是JCE对外不出口,当你实现后调用Cipher会报如下错误:
Exception in thread "main" java.lang.SecurityException: JCE cannot authenticate the provider SecureProvider
at javax.crypto.Cipher.getInstance(DashoA13*..)
at com.ligson.test.SimpleTest.main(SimpleTest.java:19)
Caused by: java.util.jar.JarException: Cannot parse file:/E:/code/itrusca/MyProvider/target/classes/
at javax.crypto.SunJCE_c.a(DashoA13*..)
at javax.crypto.SunJCE_b.b(DashoA13*..)
at javax.crypto.SunJCE_b.a(DashoA13*..)
... 2 more
意思是让你去用自己产生的CSR提交到SUN的CA中心(IBM旗下也有)产生一张证书,进行代码签名(据我找到的信息,他一般是不会向你颁发证书的,也许你会说BouncyCastle就有自己的Provider,但是人家不是中国的)
2、Provider的实现
package com.ligson.provider;
import java.io.IOException;
import java.net.URL;
import java.security.AccessController;
import java.security.AuthProvider;
import java.security.CodeSource;
import java.security.PrivilegedAction;
import java.security.Provider;
import java.security.SecurityPermission;
import java.util.jar.JarException;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.login.LoginException;
import com.ligson.jce.impl.SM3MessageDigest;
public final class SecureProvider extends AuthProvider {
private static String name = "SecureProvider";
private static String info = "this is a test provider for sm2/sm3";
private static double version = 1.0d;
public SecureProvider() {
super(name, version, info);
// this.putService(s);
//授权
AccessController.doPrivileged(new PrivilegedAction<Object>() {
@Override
public Object run() {
//放入自己的基础实现类
//格式:类型.算法
put("Cipher.SM2", "com.ligson.jce.impl.SM2Cipher");
put(&#