难道一个Android加密提供商需要签名? [英] Does an android cryptography provider need to be signed?
问题描述
在从Oracle的Java SE,它需要的加密功能的提供者签署。这个签名需要使用属于已经由Oracle签署的证书的私人密钥发生。如果的.jar 提供者未签名,那么供应商不能插入Java加密体系结构(JCA)作为Java加密扩展(JCE)。
In Java SE from Oracle, it is required for a provider of cryptographic functions to be signed. This signing needs to occur using a private key belonging to a certificate that has been signed by Oracle. If the .jar of the provider is not signed, then the provider cannot be plugged into the Java Cryptography Architecture (JCA) as a Java Cryptography Extension (JCE).
Android版是否需要4.0-4.4的供应商签署呢?如果是这样,在那里创建用于签名密钥/证书对具体规定?
Does Android 4.0-4.4 require the providers to be signed as well? If so, are there specific regulations to creating a key/certificate pair that is used for signing?
推荐答案
没有,没有。您的应用程序在Android沙箱中运行的唯一的事情,所以对SecurityManager接口没有任何意义。作为一个警告,你不应该加载和运行不可信code(请参见在SecurityManager的 Android电子文档)
No, it does not. Your application is the only thing running in the Android sandbox, so the SecurityManager interface doesn't make any sense. As a caveat, you shouldn't load and run untrusted code (see the Android docs on SecurityManager)
这篇关于难道一个Android加密提供商需要签名?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
