我们有一个应用程序,它使用PBEWITHSHA256AND128BITAES-CBC-BC
算法使用Bouncy Castle
对数据进行加密。它在运行OpenJDK 1.7
的Ubuntu
上运行良好。但是,当我们将它移到同时运行OpenJDK 1.7
的RedHat 6.4
上时,我们会得到以下异常:
java.security.NoSuchAlgorithmException
有没有想过是什么原因造成的。如何在RedHat 6.4
中添加PBEWITHSHA256AND128BITAES-CBC-BC
算法
p.s.应用程序在JBoss
中运行。
private String cryptoAlgorithm = "PBEWITHSHA256AND128BITAES-CBC-BC";
Security.addProvider(new BouncyCastleProvider());
// load passPhrase from configured external file to char array.
char[] passPhrase = null;
try {
passPhrase = loadPassPhrase(passPhraseFile);
} catch (FileNotFoundException e) {
throw BeanHelper.logException(LOG, methodName, new EJBException("The file not found: " + passPhraseFile, e));
} catch (IOException e) {
throw BeanHelper.logException(LOG, methodName, new EJBException("Error in reading file: " + passPhraseFile, e));
}
PBEKeySpec pbeKeySpec = new PBEKeySpec(passPhrase);
try {
SecretKeyFactory secretKeyFactory = SecretKeyFactory.getInstance(cryptoAlgorithm);
SecretKey newSecretKey = secretKeyFactory.generateSecret(pbeKeySpec);
return newSecretKey;
} catch (NoSuchAlgorithmException e) {
throw BeanHelper.logException(LOG, methodName, new EJBException("The algorithm is not found: " + cryptoAlgorithm, e));
} catch (InvalidKeySpecException e) {
throw BeanHelper.logException(LOG, methodName, new EJBException("The key spec is invalid", e));
}
( RH 6.4上的)
#java -version
java version "1.7.0_19"
OpenJDK Runtime Environment (rhel-2.3.9.1.el6_4-x86_64)
OpenJDK 64-Bit Server VM (build 23.7-b01, mixed mode)
(Ubuntu12.04上的)
#java version "1.7.0_15"
OpenJDK Runtime Environment (IcedTea7 2.3.7) (7u15-2.3.7-0ubuntu1~12.04)
OpenJDK 64-Bit Server VM (build 23.7-b01, mixed mode)
发布于 2013-06-09 12:00:59
您的类路径中是否有BouncyCastle提供者JAR (例如bcprov-jdk15on-149.jar)?
我使用最小的CentOS 6.4 (64位)安装、OpenJDK 1.7和BouncyCastle 1.49测试了您的场景,没有发现任何问题。
我将JAR放在JRE lib/ext目录中:
/usr/lib/jvm/java-1.7.0-openjdk.x86_64/jre/lib/ext
发布于 2013-06-07 20:43:27
我尝试确认您的问题,并且在您的环境中看起来有问题。下面是我在clean OpenJDK 1.7、1.6、Oracle JDK1.7和1.6上成功运行的代码示例
$ java -version
java version "1.7.0_19"
OpenJDK Runtime Environment (rhel-2.3.9.1.el6_4-x86_64)
OpenJDK 64-Bit Server VM (build 23.7-b01, mixed mode):
命令行:java -cp bcprov-jdk15on-149.jar:. Test
输出:OK
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import java.security.NoSuchAlgorithmException;
import java.security.Security;
import java.security.spec.InvalidKeySpecException;
public class Test {
public static void main(String[] args) throws Exception{
String cryptoAlgorithm = "PBEWITHSHA256AND128BITAES-CBC-BC";
Security.addProvider(new BouncyCastleProvider());
char[] passPhrase = null;
passPhrase = "12321".toCharArray();
PBEKeySpec pbeKeySpec = new PBEKeySpec(passPhrase);
try {
SecretKeyFactory secretKeyFactory = SecretKeyFactory.getInstance(cryptoAlgorithm, "BC");
SecretKey newSecretKey = secretKeyFactory.generateSecret(pbeKeySpec);
assert newSecretKey != null;
System.out.println("OK");
} catch (NoSuchAlgorithmException e) {
System.out.println("The algorithm is not found: " + cryptoAlgorithm);
} catch (InvalidKeySpecException e) {
System.out.println("The key spec is invalid");
}
}
}
尝试在您的环境中运行该程序。您可以从此处http://downloads.bouncycastle.org/java/bcprov-jdk15on-149.jar下载BouncyCastle jar
发布于 2013-06-04 19:05:57
我猜在这两个环境中,安全提供者的顺序是不同的。
for (Provider provider : Security.getProviders())
{
System.out.println("Name: " + provider.getName() + " Version: " + provider.getVersion());
}
您可以尝试在提供程序链中的特定位置插入bouncy castle提供程序。例如,在第一个位置,如果没有使用其他安全提供商,这应该不会导致问题。
Security.insertProviderAt(new BouncyCastleProvider(), 1);
不建议对算法使用特定的提供程序
SecretKeyFactory.getInstance(cryptoAlgorithm, provider)
https://stackoverflow.com/questions/16857723
复制相似问题