我认为 JCA 代替 JCE 很简单。然而,编写一些测试代码来获取我系统上的所有提供程序表明情况并非如此。
我注意到以下内容:
- 一些算法有多个提供者(例如:
MD5withRSA
is inSunRsaSign
以及SunJSSE
) - JCA 似乎拥有
type
超越 JCE 的算法
第 1 项是有道理的,因为 JCA(对我来说)是一个可供选择的 JCE 提供程序库/数组。
第 2 项有点令人困惑,因为它表明 JCA 并不完全是一组“相同”的 JCE 提供者。对于任何和每一种“类型”的提供者来说,这都是某种水坑,无论是否有 JCE 接口。
那么,JCA、它的提供者和 JCE 之间的工作关系是什么?提供者是否也存在于独立的孤岛中,还是它们相互“构建”/相互依赖?
对于对代码和提示此问题的结果感兴趣的人,它在下面列出
import java.security.Provider;
import java.security.Security;
import java.util.ArrayList;
public class ConsoleListJca
{
public static void main(String[] args)
{
for (Provider provider : Security.getProviders())
{
System.out.println("Provider: " + provider.getName() + " (ver " + provider.getVersion() + ")");
System.out.print(" Algorithms: ");
ArrayList<String> algos = new ArrayList<String>();
for (Provider.Service service : provider.getServices())
{
algos.add(String.format( "%s (%s)", service.getAlgorithm(), service.getType()));
}
java.util.Collections.sort(algos);
String algorsStr = algos.toString();
// remove [ and ] from ArrayList's toString()
algorsStr = algorsStr.substring(1, algorsStr.length()-1);
System.out.println(algorsStr);
System.out.println();
}
}
}
结果(格式化为SO)是
Provider: SUN (ver 1.7)
Algorithms: CaseExactJKS (KeyStore), Collection (CertStore), DSA (AlgorithmParameterGenerator),
DSA (AlgorithmParameters), DSA (KeyFactory), DSA (KeyPairGenerator),
JKS (KeyStore), JavaLoginConfig (Configuration), JavaPolicy (Policy),
LDAP (CertStore), MD2 (MessageDigest), MD5 (MessageDigest), NONEwithDSA (Signature),
NativePRNG (SecureRandom), PKIX (CertPathBuilder), PKIX (CertPathValidator),
SHA (MessageDigest), SHA-256 (MessageDigest), SHA-384 (MessageDigest),
SHA-512 (MessageDigest), SHA1PRNG (SecureRandom), SHA1withDSA (Signature),
X.509 (CertificateFactory), com.sun.security.IndexedCollection (CertStore)
Provider: SunRsaSign (ver 1.7)
Algorithms: MD2withRSA (Signature), MD5withRSA (Signature), RSA (KeyFactory), RSA (KeyPairGenerator),
SHA1withRSA (Signature), SHA256withRSA (Signature), SHA384withRSA (Signature),
SHA512withRSA (Signature)
Provider: SunEC (ver 1.7)
Algorithms: EC (AlgorithmParameters), EC (KeyFactory), EC (KeyPairGenerator), ECDH (KeyAgreement),
NONEwithECDSA (Signature), SHA1withECDSA (Signature), SHA256withECDSA (Signature),
SHA384withECDSA (Signature), SHA512withECDSA (Signature)
Provider: SunJSSE (ver 1.7)
Algorithms: Default (SSLContext), MD2withRSA (Signature), MD5andSHA1withRSA (Signature),
MD5withRSA (Signature), NewSunX509 (KeyManagerFactory), PKCS12 (KeyStore),
PKIX (TrustManagerFactory), RSA (KeyFactory), RSA (KeyPairGenerator),
SHA1withRSA (Signature), SunX509 (KeyManagerFactory), SunX509 (TrustManagerFactory),
TLSv1 (SSLContext), TLSv1.1 (SSLContext), TLSv1.2 (SSLContext)
Provider: SunJCE (ver 1.7)
Algorithms: AES (AlgorithmParameters), AES (Cipher), AES (KeyGenerator), AESWrap (Cipher),
ARCFOUR (Cipher), ARCFOUR (KeyGenerator), Blowfish (AlgorithmParameters),
Blowfish (Cipher), Blowfish (KeyGenerator), DES (AlgorithmParameters),
DES (Cipher), DES (KeyGenerator), DES (SecretKeyFactory), DESede (AlgorithmParameters),
DESede (Cipher), DESede (KeyGenerator), DESede (SecretKeyFactory), DESedeWrap (Cipher),
DiffieHellman (AlgorithmParameterGenerator), DiffieHellman (AlgorithmParameters),
DiffieHellman (KeyAgreement), DiffieHellman (KeyFactory),
DiffieHellman (KeyPairGenerator), HmacMD5 (KeyGenerator), HmacMD5 (Mac),
HmacPBESHA1 (Mac), HmacSHA1 (KeyGenerator), HmacSHA1 (Mac), HmacSHA256 (KeyGenerator),
HmacSHA256 (Mac), HmacSHA384 (KeyGenerator), HmacSHA384 (Mac), HmacSHA512 (KeyGenerator),
HmacSHA512 (Mac), JCEKS (KeyStore), OAEP (AlgorithmParameters), PBE (AlgorithmParameters),
PBEWithMD5AndDES (AlgorithmParameters), PBEWithMD5AndDES (Cipher),
PBEWithMD5AndDES (SecretKeyFactory), PBEWithMD5AndTripleDES (AlgorithmParameters),
PBEWithMD5AndTripleDES (Cipher), PBEWithMD5AndTripleDES (SecretKeyFactory),
PBEWithSHA1AndDESede (AlgorithmParameters), PBEWithSHA1AndDESede (Cipher),
PBEWithSHA1AndDESede (SecretKeyFactory), PBEWithSHA1AndRC2_40 (AlgorithmParameters),
PBEWithSHA1AndRC2_40 (Cipher), PBEWithSHA1AndRC2_40 (SecretKeyFactory),
PBKDF2WithHmacSHA1 (SecretKeyFactory), RC2 (AlgorithmParameters), RC2 (Cipher),
RC2 (KeyGenerator), RSA (Cipher), SslMacMD5 (Mac), SslMacSHA1 (Mac),
SunTls12Prf (KeyGenerator), SunTlsKeyMaterial (KeyGenerator), SunTlsMasterSecret (KeyGenerator),
SunTlsPrf (KeyGenerator), SunTlsRsaPremasterSecret (KeyGenerator)
Provider: SunJGSS (ver 1.7)
Algorithms: 1.2.840.113554.1.2.2 (GssApiMechanism), 1.3.6.1.5.5.2 (GssApiMechanism)
Provider: SunSASL (ver 1.7)
Algorithms: CRAM-MD5 (SaslClientFactory), CRAM-MD5 (SaslServerFactory), DIGEST-MD5 (SaslClientFactory),
DIGEST-MD5 (SaslServerFactory), EXTERNAL (SaslClientFactory), GSSAPI (SaslClientFactory),
GSSAPI (SaslServerFactory), NTLM (SaslClientFactory), NTLM (SaslServerFactory), PLAIN (SaslClientFactory)
Provider: XMLDSig (ver 1.0)
Algorithms: DOM (KeyInfoFactory), DOM (XMLSignatureFactory),
http://www.w3.org/2000/09/xmldsig#base64 (TransformService),
http://www.w3.org/2000/09/xmldsig#enveloped-signature (TransformService),
http://www.w3.org/2001/10/xml-exc-c14n# (TransformService),
http://www.w3.org/2001/10/xml-exc-c14n#WithComments (TransformService),
http://www.w3.org/2002/06/xmldsig-filter2 (TransformService),
http://www.w3.org/2006/12/xml-c14n11 (TransformService),
http://www.w3.org/2006/12/xml-c14n11#WithComments (TransformService),
http://www.w3.org/TR/1999/REC-xpath-19991116 (TransformService),
http://www.w3.org/TR/1999/REC-xslt-19991116 (TransformService),
http://www.w3.org/TR/2001/REC-xml-c14n-20010315 (TransformService),
http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments (TransformService)
Provider: SunPCSC (ver 1.7)
Algorithms: PC/SC (TerminalFactory)
Provider: Apple (ver 1.1)
Algorithms: KeychainStore (KeyStore)