replaced by the name of the provider itself e.g., Sun for the standard security provider. Since the interface to this class is simple, we wont actually show how it is used, although we will use some of these methods later in this chapter. Note also that there is no public constructor for the Provider class −− a provider can only be constructed under special circumstances well discuss later.

8.2.2 Implementing the Provider Class

If youre going to provide your own set of classes to perform security operations, you must extend the Provider class and register that class with the security infrastructure. In this section, well explore how to do that. Most of the time, of course, you will not implement your own Provider class −− youll just use the default providers or perhaps install a third−party provider using the techniques that we explore in the next section. Although the Provider class is abstract, none of its methods are abstract. This means that implementing a provider is, at first blush, simple: all you need do is subclass the Provider class and provide an appropriate constructor. The subclass must provide a constructor since there is no default constructor within the Provider class. The only constructor available to us is: protected ProviderString name, double version, String info Construct a provider with the given name, version number, and information string. Hence, the basic implementation of a security provider is: public class XYZProvider extends Provider { public XYZProvider { superXYZ, 1.0, XYZ Security Provider v1.0; } } Here were defining the skeleton of a provider that is going to provide certain facilities based on various algorithms of the XYZ Corporation. Throughout the remainder of this book, well be developing the classes that apply to the XYZs cryptographic methods, but they will be examples only −− they lack the rigorous mathematical properties that these algorithms must have. In practice, you might choose to implement algorithms that correspond to the RSA algorithms for the cryptographic engines. Good examples of implementing cryptographic algorithms can be found in Jonathan Knudsens Java Cryptography OReilly. Note we used a default constructor in this class rather than providing a constructor similar to the one found in the Provider class itself. The reason for this has to do with the way providers are constructed, which we discuss at the end of this section. When you write a provider, it must provide a constructor with no arguments. This is a complete, albeit useless, implementation of a provider. In order to add some functionality to our provider, we must put some associations into the provider. The associations will perform the mapping that we mentioned earlier; it is necessary for the provider to map the name of an engine and algorithm with the name of a class that implements that operation. This is why the Provider class itself is a subclass of the Properties class −− so that we can make each of those associations into a property. The operations that our provider will be consulted about are listed in Table 8−2. In this example, were going to be providing an SHA algorithm for performing message digests since that would be needed as part of the signature generation algorithm we want to implement. Theres no absolute requirement for this; we could have depended on the default Sun security provider to supply this algorithm for us. On the other hand, theres no guarantee that the default security provider will be in place when our security provider is installed, so its a good idea for a provider to include all the algorithms it will need. Table 8−2. Properties Included by Our Sample Provider Property Corresponding Class KeyGenerator.XOR javasec.samples.ch09.XORKeyGenerator KeyPairGenerator.XYZ javasec.samples.ch09.XYZKeyPairGenerator KeyFactory.XYZ javasec.samples.ch09.XYZKeyFactory MessageDigest.XYZ javasec.samples.ch11.XYZMessageDigest Signature.XYZwithSHA javasec.samples.ch12.XYZSignature Cipher.XOR javasec.samples.ch13.XORCipher KeyManagerFactory.XYZ javasec.samples.ch14.SSLKeyManagerFactory In order to make the associations from this table, then, our XYZProvider class needs to look like this: package javasec.samples.ch08; import java.security.; public class XYZProvider extends Provider { public XYZProvider { superXYZ, 1.0, XYZ Security Provider v1.0; These are examples well demonstrate throughout the next chapters. putKeyGenerator.XOR, javasec.samples.ch09.XORKeyGenerator; putKeyPairGenerator.XYZ, javasec.samples.ch09.XYZKeyPairGenerator; putKeyFactory.XYZ, javasec.samples.ch09.XYZKeyFactory; putMessageDigest.XYZ, javasec.samples.ch11.XYZMessageDigest; putSignature.XYZwithSHA, javasec.samples.ch12.XYZSignature; putCipher.XOR, javasec.samples.ch13.XORCipher; putKeyManagerFactory.XYZ, javasec.samples.ch14.SSLKeyManagerFactory; Now include any aliases