PBEWITHSHA256AND128BITAES-CBC-BC 在 RedHat 6.4 上创建 java.security.NoSuchAlgorithmException
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/16857723/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
PBEWITHSHA256AND128BITAES-CBC-BC creating java.security.NoSuchAlgorithmException on RedHat 6.4
提问by Saqib Ali
We have an application that uses Bouncy Castleto encrypt data using PBEWITHSHA256AND128BITAES-CBC-BCalgorithm. It works fine on Ubunturunning OpenJDK 1.7. But when when we move it to RedHat 6.4also running OpenJDK 1.7, we get the following exception:
我们有一个应用程序,用于Bouncy Castle使用PBEWITHSHA256AND128BITAES-CBC-BC算法加密数据。它在Ubuntu运行时运行良好OpenJDK 1.7。但是当我们将它移动到RedHat 6.4also running 时OpenJDK 1.7,我们得到以下异常:
java.security.NoSuchAlgorithmException
java.security.NoSuchAlgorithmException
Any thoughts on what could be causing this. How can we add PBEWITHSHA256AND128BITAES-CBC-BCalgorithm to RedHat 6.4?
关于可能导致这种情况的任何想法。我们如何将PBEWITHSHA256AND128BITAES-CBC-BC算法添加到RedHat 6.4?
p.s.the application is running in JBoss.
ps应用程序正在运行JBoss。
private String cryptoAlgorithm = "PBEWITHSHA256AND128BITAES-CBC-BC";
Security.addProvider(new BouncyCastleProvider());
// load passPhrase from configured external file to char array.
char[] passPhrase = null;
try {
passPhrase = loadPassPhrase(passPhraseFile);
} catch (FileNotFoundException e) {
throw BeanHelper.logException(LOG, methodName, new EJBException("The file not found: " + passPhraseFile, e));
} catch (IOException e) {
throw BeanHelper.logException(LOG, methodName, new EJBException("Error in reading file: " + passPhraseFile, e));
}
PBEKeySpec pbeKeySpec = new PBEKeySpec(passPhrase);
try {
SecretKeyFactory secretKeyFactory = SecretKeyFactory.getInstance(cryptoAlgorithm);
SecretKey newSecretKey = secretKeyFactory.generateSecret(pbeKeySpec);
return newSecretKey;
} catch (NoSuchAlgorithmException e) {
throw BeanHelper.logException(LOG, methodName, new EJBException("The algorithm is not found: " + cryptoAlgorithm, e));
} catch (InvalidKeySpecException e) {
throw BeanHelper.logException(LOG, methodName, new EJBException("The key spec is invalid", e));
}
(On RH 6.4)
(在 RH 6.4 上)
#java -version
java version "1.7.0_19"
OpenJDK Runtime Environment (rhel-2.3.9.1.el6_4-x86_64)
OpenJDK 64-Bit Server VM (build 23.7-b01, mixed mode)
(On Ubuntu 12.04)
(在 Ubuntu 12.04 上)
#java version "1.7.0_15"
OpenJDK Runtime Environment (IcedTea7 2.3.7) (7u15-2.3.7-0ubuntu1~12.04)
OpenJDK 64-Bit Server VM (build 23.7-b01, mixed mode)
采纳答案by Jukka
Do you have the BouncyCastle provider JAR (e.g. bcprov-jdk15on-149.jar) in your classpath?
您的类路径中是否有 BouncyCastle 提供程序 JAR(例如 bcprov-jdk15on-149.jar)?
I tested your scenario with a minimal CentOS 6.4 (64-bit) installation, OpenJDK 1.7 and BouncyCastle 1.49, and found no issues with it.
我使用最小的 CentOS 6.4(64 位)安装、OpenJDK 1.7 和 BouncyCastle 1.49 测试了您的场景,并没有发现任何问题。
I placed the JAR in the JRE lib/ext directory:
我将 JAR 放在 JRE lib/ext 目录中:
/usr/lib/jvm/java-1.7.0-openjdk.x86_64/jre/lib/ext
回答by user1516873
I try to confirm your issue and looks like problem in your environment. Here is sample of code i successfully run on clean OpenJDK 1.7, 1.6, Oracle JDK 1.7 and 1.6
我尝试确认您的问题,并且在您的环境中看起来有问题。这是我在干净的 OpenJDK 1.7、1.6、Oracle JDK 1.7 和 1.6 上成功运行的代码示例
$ java -version
java version "1.7.0_19"
OpenJDK Runtime Environment (rhel-2.3.9.1.el6_4-x86_64)
OpenJDK 64-Bit Server VM (build 23.7-b01, mixed mode):
Command line: java -cp bcprov-jdk15on-149.jar:. Test
命令行: java -cp bcprov-jdk15on-149.jar:. Test
Output: OK
输出: OK
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import java.security.NoSuchAlgorithmException;
import java.security.Security;
import java.security.spec.InvalidKeySpecException;
public class Test {
public static void main(String[] args) throws Exception{
String cryptoAlgorithm = "PBEWITHSHA256AND128BITAES-CBC-BC";
Security.addProvider(new BouncyCastleProvider());
char[] passPhrase = null;
passPhrase = "12321".toCharArray();
PBEKeySpec pbeKeySpec = new PBEKeySpec(passPhrase);
try {
SecretKeyFactory secretKeyFactory = SecretKeyFactory.getInstance(cryptoAlgorithm, "BC");
SecretKey newSecretKey = secretKeyFactory.generateSecret(pbeKeySpec);
assert newSecretKey != null;
System.out.println("OK");
} catch (NoSuchAlgorithmException e) {
System.out.println("The algorithm is not found: " + cryptoAlgorithm);
} catch (InvalidKeySpecException e) {
System.out.println("The key spec is invalid");
}
}
}
Try to run that program on your environment. BouncyCastle jar you can download from here http://downloads.bouncycastle.org/java/bcprov-jdk15on-149.jar
尝试在您的环境中运行该程序。BouncyCastle jar 你可以从这里下载http://downloads.bouncycastle.org/java/bcprov-jdk15on-149.jar
回答by SubOptimal
I guess the order of the security providers is different in both environments.
我猜这两种环境中安全提供者的顺序是不同的。
for (Provider provider : Security.getProviders())
{
System.out.println("Name: " + provider.getName() + " Version: " + provider.getVersion());
}
you can try to insert the bouncy castle provider at a specific position in the chain of providers. Here for example at the first position, if no other security provider is used this should not lead into problems.
您可以尝试在提供者链中的特定位置插入充气城堡提供者。例如在第一个位置,如果没有使用其他安全提供程序,这应该不会导致问题。
Security.insertProviderAt(new BouncyCastleProvider(), 1);
the use of a specific provider for an algorithm is not recommended
不建议为算法使用特定的提供者
SecretKeyFactory.getInstance(cryptoAlgorithm, provider)
