We have an application that uses Bouncy Castle to encrypt data using the PBEWITHSHA256AND128BITAES-CBC-BC algorithm. It works fine on Ubuntu running OpenJDK 1.7. But when we move it to RedHat 6.4, also running OpenJDK 1.7, we get the following exception:
java.security.NoSuchAlgorithmException
Any thoughts on what could be causing this? How can we add the PBEWITHSHA256AND128BITAES-CBC-BC algorithm to RedHat 6.4?
P.S. The application is running in JBoss.
    private String cryptoAlgorithm = "PBEWITHSHA256AND128BITAES-CBC-BC";

    Security.addProvider(new BouncyCastleProvider());
    // load passPhrase from configured external file to char array.
    char[] passPhrase = null;
    try {
        passPhrase = loadPassPhrase(passPhraseFile);
    } catch (FileNotFoundException e) {
        throw BeanHelper.logException(LOG, methodName, new EJBException("The file not found: " + passPhraseFile, e));
    } catch (IOException e) {
        throw BeanHelper.logException(LOG, methodName, new EJBException("Error in reading file: " + passPhraseFile, e));
    }
    PBEKeySpec pbeKeySpec = new PBEKeySpec(passPhrase);
    try {
        SecretKeyFactory secretKeyFactory = SecretKeyFactory.getInstance(cryptoAlgorithm);
        SecretKey newSecretKey = secretKeyFactory.generateSecret(pbeKeySpec);
        return newSecretKey;
    } catch (NoSuchAlgorithmException e) {
        throw BeanHelper.logException(LOG, methodName, new EJBException("The algorithm is not found: " + cryptoAlgorithm, e));
    } catch (InvalidKeySpecException e) {
        throw BeanHelper.logException(LOG, methodName, new EJBException("The key spec is invalid", e));
    }
(On RH 6.4)
#java -version
java version "1.7.0_19"
OpenJDK Runtime Environment (rhel-2.3.9.1.el6_4-x86_64)
OpenJDK 64-Bit Server VM (build 23.7-b01, mixed mode)
(On Ubuntu 12.04)
#java version "1.7.0_15"
OpenJDK Runtime Environment (IcedTea7 2.3.7) (7u15-2.3.7-0ubuntu1~12.04)
OpenJDK 64-Bit Server VM (build 23.7-b01, mixed mode)
I guess the order of the security providers is different in both environments.
You can try to insert the Bouncy Castle provider at a specific position in the chain of providers. Here, for example, at the first position; if no other security provider is used, this should not lead to problems.
The use of a specific provider for an algorithm is not recommended;
see: Java™ Cryptography Architecture (JCA) Reference Guide
I tried to confirm your issue, and it looks like the problem is in your environment. Here is a sample of code I successfully ran on clean OpenJDK 1.7, 1.6, Oracle JDK 1.7 and 1.6:
Command line:
java -cp bcprov-jdk15on-149.jar:. Test
Output:
OK
Try to run that program in your environment. You can download the BouncyCastle JAR from here: http://downloads.bouncycastle.org/java/bcprov-jdk15on-149.jar
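A diagnostic for the two causes raised in the answers above (provider order and a provider JAR that is not visible to the JVM), added here as an example and not code posted by anyone in the thread. It loads the Bouncy Castle provider reflectively so it compiles and runs even when the JAR is missing; the class name ProviderCheck is an assumption.

```java
import java.security.NoSuchAlgorithmException;
import java.security.Provider;
import java.security.Security;
import javax.crypto.SecretKeyFactory;

// Added diagnostic (hypothetical class name). Run it with the same JVM and
// classpath as the failing application.
public class ProviderCheck {
    static final String ALG = "PBEWITHSHA256AND128BITAES-CBC-BC"; // from the question
    static final String BC_CLASS = "org.bouncycastle.jce.provider.BouncyCastleProvider";

    public static void main(String[] args) {
        // 1. Is the Bouncy Castle provider class visible to this class loader at all?
        Provider bc = null;
        try {
            bc = (Provider) Class.forName(BC_CLASS).newInstance();
            System.out.println("BC class loaded from: "
                    + bc.getClass().getProtectionDomain().getCodeSource());
        } catch (Exception e) {
            System.out.println("BC provider class not loadable: " + e);
        }

        // 2. Register it the way the question does (appended at the end of the list).
        if (bc != null && Security.getProvider(bc.getName()) == null) {
            int pos = Security.addProvider(bc);
            System.out.println("addProvider returned position " + pos);
        }

        // 3. Print providers in preference order and mark those offering the algorithm.
        Provider[] providers = Security.getProviders();
        for (int i = 0; i < providers.length; i++) {
            boolean has = providers[i].getService("SecretKeyFactory", ALG) != null;
            System.out.println((i + 1) + ". " + providers[i].getName()
                    + (has ? "  <-- provides " + ALG : ""));
        }

        // 4. The same lookup the application performs.
        try {
            SecretKeyFactory f = SecretKeyFactory.getInstance(ALG);
            System.out.println("OK, served by " + f.getProvider().getName());
        } catch (NoSuchAlgorithmException e) {
            System.out.println("FAILED: " + e.getMessage());
        }
    }
}
```

Comparing the output on the Ubuntu and RedHat hosts shows whether the provider class fails to load, or loads but is never listed as offering the algorithm.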
Do you have the BouncyCastle provider JAR (e.g. bcprov-jdk15on-149.jar) in your classpath?
I tested your scenario with a minimal CentOS 6.4 (64-bit) installation, OpenJDK 1.7 and BouncyCastle 1.49, and found no issues with it.
I placed the JAR in the JRE lib/ext directory: