我在Java / Tomcat应用程序中遇到以下错误。
尝试更改java JRM和JDK中的安全策略文件,仍然相同......
Tomcat控制台输出:
java.security.InvalidKeyException: Wrong algorithm: AES or Rijndael required
at com.sun.crypto.provider.SunJCE_c.a(DashoA13*..)
at com.sun.crypto.provider.SunJCE_g.a(DashoA13*..)
at com.sun.crypto.provider.SunJCE_f.a(DashoA13*..)
at com.sun.crypto.provider.SunJCE_f.a(DashoA13*..)
at com.sun.crypto.provider.AESCipher.engineInit(DashoA13*..)
at javax.crypto.Cipher.a(DashoA13*..)
at javax.crypto.Cipher.a(DashoA13*..)
at javax.crypto.Cipher.init(DashoA13*..)
at javax.crypto.Cipher.init(DashoA13*..)
at com.illuminati.safemail.util.Util.encryptPrivateKey(Util.java:115)
at com.illuminati.safemail.service.DefaultBusinessServiceImpl.send(DefaultBusinessServiceImpl.java:122)
at com.illuminati.safemail.web.Controller.performAction(Controller.java:83)
at com.illuminati.safemail.web.Controller.doPost(Controller.java:53)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:637)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:859)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:602)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:489)
at java.lang.Thread.run(Thread.java:662)
此功能导致错误:
public static synchronized byte[] encryptPrivateKey(
ElGamalPrivateKey privateKey, byte[] hashedAnsBytes)
throws NoSuchAlgorithmException, NoSuchPaddingException,
InvalidKeyException, IllegalBlockSizeException,
BadPaddingException, NoSuchProviderException, IOException {
Cipher c = Cipher.getInstance("AES");
SecretKeySpec key = new SecretKeySpec(hashedAnsBytes, "SHA256");
c.init(Cipher.ENCRYPT_MODE, key);
ByteArrayOutputStream bos = new ByteArrayOutputStream();
ObjectOutput out = new ObjectOutputStream(bos);
out.writeObject(privateKey);
out.close();
bos.close();
byte[] pvtKeyBytes = c.doFinal(bos.toByteArray());
return pvtKeyBytes;
}
有什么建议吗?有趣的是,这个代码在CentOS机器上运行良好......这个代码有Ubuntu。
答案 0 :(得分:2)
你需要无限的力量加密。请注意,我只修复了许多编程错误,实际执行了散列,实际上将生成的密文写入流中,并使用随机IV的CBC模式。
public static synchronized byte[] encryptPrivateKey(
ElGamalPrivateKey privateKey, byte[] hashedAnsBytes)
throws GeneralSecurityException, IOException {
Cipher c = Cipher.getInstance("AES/CBC/PKCS5Padding");
MessageDigest digest = MessageDigest.getInstance("SHA256");
final byte[] reallyHashed = digest.digest(hashedAnsBytes);
System.out.println(reallyHashed.length);
SecretKeySpec key = new SecretKeySpec(reallyHashed, "AES");
SecureRandom rnd = SecureRandom.getInstance("SHA1PRNG");
final byte[] iv = new byte[c.getBlockSize()];
rnd.nextBytes(iv);
IvParameterSpec spec = new IvParameterSpec(iv);
c.init(Cipher.ENCRYPT_MODE, key, spec);
ByteArrayOutputStream bos = new ByteArrayOutputStream();
ObjectOutput out = new ObjectOutputStream(bos);
out.write(iv);
out.write(c.doFinal(privateKey.getEncoded()));
out.close();
bos.close();
byte[] pvtKeyBytes = c.doFinal(bos.toByteArray());
return pvtKeyBytes;
}