Question

I have a piece of hardware which realises some crypto functions like random number generation (e.g. a SmartCard). I would like to use this hardware during my TLS handshake. Is it possible to do this without implementing the TLS handshake on my own?

I tried to extend the class "SecureRandom" but the "next" method is final, so I can't override it so that it will return 'my' generated numbers.

So basically I would like to "outsource" all the crypto functions without implementing the TLS handshake in Java.

Thanks

Solution

Extend SecureRandomSpi instead. Then either implement a Provider or do a cheap SecureRandom as

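  import java.security.SecureRandom;

  public class MySecureRandom extends SecureRandom {
    public MySecureRandom() {
      // MySecureRandomSpi is your SecureRandomSpi subclass (class name assumed here)
      super(new MySecureRandomSpi(), null);
    }
  }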

(The implementation of next relies on the given SPI)

Then pass your SecureRandom as an argument to SSLContext.init.
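The approach from the answer put together end to end, as an added example that is not the answerer's code. `HardwareRng` is a hypothetical interface standing in for the call into the card, and the stand-in device in `main` is constructed so the example runs without hardware.

```java
import java.security.SecureRandom;
import java.security.SecureRandomSpi;
import javax.net.ssl.SSLContext;

public class HardwareRandomDemo {
  // Hypothetical abstraction over the device (e.g. the smart card's random-number command).
  interface HardwareRng { void fill(byte[] out); }

  // SPI that routes every request for random bytes to the hardware.
  static final class HardwareRandomSpi extends SecureRandomSpi {
    private final HardwareRng rng;
    HardwareRandomSpi(HardwareRng rng) { this.rng = rng; }

    @Override protected void engineSetSeed(byte[] seed) {
      // Assumption: the device seeds itself, so caller-supplied seed material is ignored.
    }

    @Override protected void engineNextBytes(byte[] bytes) {
      rng.fill(bytes);
    }

    @Override protected byte[] engineGenerateSeed(int numBytes) {
      byte[] seed = new byte[numBytes];
      rng.fill(seed);
      return seed;
    }
  }

  // SecureRandom wrapper; its final next() draws from the SPI passed to the constructor.
  static final class HardwareSecureRandom extends SecureRandom {
    HardwareSecureRandom(HardwareRng rng) { super(new HardwareRandomSpi(rng), null); }
  }

  public static void main(String[] args) throws Exception {
    // Constructed stand-in device: counts the bytes it serves; replace with the real card call.
    SecureRandom standIn = new SecureRandom();
    int[] served = {0};
    HardwareRng device = out -> { standIn.nextBytes(out); served[0] += out.length; };

    SecureRandom random = new HardwareSecureRandom(device);
    random.nextInt(); // goes through next(), which pulls its bytes via engineNextBytes
    System.out.println("bytes served by device: " + served[0]);

    SSLContext ctx = SSLContext.getInstance("TLS");
    ctx.init(null, null, random); // default key and trust managers, hardware-backed randomness
    System.out.println(ctx.getProtocol() + " context initialised");
  }
}
```

Passing a `SecureRandom` to `SSLContext.init` only changes the source of randomness; other cryptographic operations in the handshake still run in whichever providers are installed.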

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow