>我设法使用BouncyCastleProvider发出https请求,以适应"TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8"密码套件
Security.addProvider(new BouncyCastleProvider());
Security.addProvider(new BouncyCastleJsseProvider());
SSLContext sslContext = SSLContext.getInstance("TLS", BouncyCastleJsseProvider.PROVIDER_NAME);
KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(
"PKIX"
,BouncyCastleJsseProvider.PROVIDER_NAME
);
KeyStore clientStore = KeyStore.getInstance("PKCS12");
InputStream instream =Thread.currentThread().getContextClassLoader().getResourceAsStream(PFX_PATH);
sslContext.init(
wrapKeyManagers(keyManagerFactory.getKeyManagers()),
new TrustManager[]{trustManager},
// tmf.getTrustManagers(),
SecureRandom.getInstance("DEFAULT", BouncyCastleProvider.PROVIDER_NAME) );
并且我试图在包装密钥管理器方法中自定义keyManagerFactory。
private KeyManager[] wrapKeyManagers(KeyManager[] managers) {
return Arrays.stream(managers)
.map(manager -> {
if (manager instanceof X509KeyManager) {
X509KeyManager wrappedManager = (X509KeyManager) manager;
return new X509KeyManager() {
@Override
public String[] getClientAliases(String s, Principal[] principals) {
return wrappedManager.getClientAliases(replaceRsaWithEc(s), principals);
}
我发现它不起作用,我不能遇到这些覆盖方法
@Override
public String[] getClientAliases(String s, Principal[] principals) {
return wrappedManager.getClientAliases(replaceRsaWithEc(s), principals);
}
@Override
public String chooseClientAlias(String[] strings, Principal[] principals, Socket socket) {
return wrappedManager.chooseClientAlias(replaceRsaWithEc(strings), principals, socket);
}
@Override
public String[] getServerAliases(String s, Principal[] principals) {
return wrappedManager.getServerAliases(replaceRsaWithEc(s), principals);
}
我很真实,这是关于BouncyCastle的一些错误 是否有任何 api 或其他东西来自定义 keyManagerFactory?
急需帮助
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bctls-jdk15on</artifactId>
<version>1.65</version>
</dependency>
将版本更改为 1.64 问题已解决