我有一个示例代码,其中我只是使用公钥解密数据,我得到了" org.bouncycastle.crypto.fips.FipsOperationError:模块校验和失败:条目" ERROR
当我尝试创建Cipher
的实例时,它会抛出异常 private static boolean checkHashPadding(PublicKey key, byte[]
signature) {
if(key.getAlgorithm().equalsIgnoreCase("RSA")) {
try {
// Unencrypt the data to get the hash (as in PKCS#1 format)
Cipher c = Cipher.getInstance("RSA/NONE/PKCS1Padding", new
BouncyCastleFipsProvider()); // -- IT is Failing here
c.init(Cipher.DECRYPT_MODE, key);
byte[] hashDER = c.doFinal(signature);
System.out.println(hashDER);
} catch (Exception e) {
e.printStackTrace();
return false;
}
}
return true;
}
mainFunction:
public static void main(String s []){
byte[] signature = {
41, 9, 86, 109, -67, 82, -61, -60, -1, -46, 26, 65, 20, -112, 23, -16, -25, 115, 21, 39, -49,
11, -98, 44, 96, -51, 24, -97, -38, -72, 27, -119, 16, -43, 38, -49, -116, 3, 62, 12, -7, 102, 67, -37,
-128, -10, 3, 122, -22, -2, -58, 97, 104, 74, 76, -45, 19, 50, 34, 33, -74, 54, 44, -60, 23, -109, -6,
-3, -31, -98, -58, 12, -94, -72, -15, -72, 22, 88, -54, 5, 122, -29, -27, -74, 47, -127, 26, 120, 64,
59, 53, -82, -97, -80, -66, 48, -16, 26, 17, 60, 104, 78, -91, 2, 78, 33, -18, -60, 30, -118, -51, 29,
0, -48, 87, -112, 23, 70, 127, -80, 116, -93, -1, 51, -56, -110, 86, -68
};
byte[] signatureBytes = {48, -126, 4, 6, 6, 9, 42, -122, 72, -122, -9, 13, 1, 7, 2, -96, -126, 3, -9, 48, -126, 3, -13, 2, 1, 1, 49, 15, 48, 13, 6, 9, 96,
-122, 72, 1, 101, 3, 4, 2, 1, 5, 0, 48, 11, 6, 9, 42, -122, 72, -122, -9, 13, 1, 7, 1, -96, -126, 2, -116, 48, -126, 2, -120, 48, -126, 1, -15, 2,
4, 68, 42, 24, 78, 48, 13, 6, 9, 42, -122, 72, -122, -9, 13, 1, 1, 4, 5, 0, 48, -127, -118, 49, 11, 48, 9, 6, 3, 85, 4, 6, 19, 2, 85, 83, 49, 11,
48, 9, 6, 3, 85, 4, 8, 19, 2, 67, 65, 49, 17, 48, 15, 6, 3, 85, 4, 7, 19, 8, 83, 97, 110, 32, 74, 111, 115, 101, 49, 28, 48, 26, 6, 3, 85, 4, 10,
19, 19, 65, 100, 111, 98, 101, 32, 83, 121, 115, 116, 101, 109, 115, 44, 32, 73, 110, 99, 46, 49, 17, 48, 15, 6, 3, 85, 4, 11, 19, 8, 67, 111, 114,
101, 74, 97, 118, 97, 49, 42, 48, 40, 6, 3, 85, 4, 3, 19, 33, 74, 111, 101, 32, 67, 111, 111, 108, 32, 40, 83, 101, 108, 102, 83, 105, 103, 110, 101,
100, 45, 49, 48, 50, 52, 66, 105, 116, 45, 82, 83, 65, 41, 48, 30, 23, 13, 48, 54, 48, 51, 50, 57, 48, 53, 49, 55, 48, 50, 90, 23, 13, 49, 54, 48,
51, 50, 54, 48, 53, 49, 55, 48, 50, 90, 48, -127, -118, 49, 11, 48, 9, 6, 3, 85, 4, 6, 19, 2, 85, 83, 49, 11, 48, 9, 6, 3, 85, 4, 8, 19, 2, 67, 65,
49, 17, 48, 15, 6, 3, 85, 4, 7, 19, 8, 83, 97, 110, 32, 74, 111, 115, 101, 49, 28, 48, 26, 6, 3, 85, 4, 10, 19, 19, 65, 100, 111, 98, 101, 32, 83,
121, 115, 116, 101, 109, 115, 44, 32, 73, 110, 99, 46, 49, 17, 48, 15, 6, 3, 85, 4, 11, 19, 8, 67, 111, 114, 101, 74, 97, 118, 97, 49, 42, 48, 40,
6, 3, 85, 4, 3, 19, 33, 74, 111, 101, 32, 67, 111, 111, 108, 32, 40, 83, 101, 108, 102, 83, 105, 103, 110, 101, 100, 45, 49, 48, 50, 52, 66, 105,
116, 45, 82, 83, 65, 41, 48, -127, -97, 48, 13, 6, 9, 42, -122, 72, -122, -9, 13, 1, 1, 1, 5, 0, 3, -127, -115, 0, 48, -127, -119, 2, -127, -127, 0,
-48, -82, 98, -106, -36, -91, -33, -39, 37, 83, -27, 66, -78, -31, -67, 18, 60, -108, -121, -41, 10, -70, 104, -98, -54, -93, 110, 46, 64, -10, -86,
28, -29, 127, 4, -66, -24, 54, 38, 119, -93, 127, 107, 80, 6, 23, 115, 76, 0, 103, -127, 39, 98, -69, -36, -47, -89, -97, 73, -69, -83, 96, 68, 20, 67, 64, -39, -57, -124, 92, -77, 33, 47, 46, -4, -36, 123, 92, -117, 57, -38, -108, -16, -112, -19, 106, 87, -90, -49, -60, 18, -61, 80, 66, 78, 102, -121, -37, 31, 42, -51, 113, 24, 123, 50, 8, 41, 101, -53, 48, 89, 28, 61, 64, 104, -73, 110, -10, 125, 6, 94, -126, 101, -50, -73, 66, -119, 13, 2, 3, 1, 0, 1, 48, 13, 6, 9, 42, -122, 72, -122, -9, 13, 1, 1, 4, 5, 0, 3, -127, -127, 0, 19, 25, -55, -23, 18, -13, -64, -9, -75, 74, -106, 78, -55, 23, -29, 18, -3, -37, 30, 77, -4, -13, -120, -1, -103, 34, -12, 65, 69, 7, 94, -124, 104, 90, -4, -86, -27, 0, 16, 97, 104, 116, 118, 117, -99, 78, 75, 23, 58, -121, 66, -72, -6, -16, -21, -8, 2, -44, 22, -9, -54, 100, 104, 14, 125, 96, 37, 98, 82, -123, 109, 47, -14, -35, 114, 27, -65, 11, 28, -77, -90, 40, -112, -13, 99, 44, 125, 99, -23, -17, -77, 58, 20, 21, -98, -78, 39, -120, -103, 119, -24, 8, 123, 69, 26, -107, 65, 98, 100, 0, 20, 79, -119, 93, 29, 68, 95, 102, 19, 112, -89, 122, -47, 95, -35, -61, 35, -119, 49, -126, 1, 62, 48, -126, 1, 58, 2, 1, 1, 48, -127, -109, 48, -127, -118, 49, 11, 48, 9, 6, 3, 85, 4, 6, 19, 2, 85, 83, 49, 11, 48, 9, 6, 3, 85, 4, 8, 19, 2, 67, 65, 49, 17, 48, 15, 6, 3, 85, 4, 7, 19, 8, 83, 97, 110, 32, 74, 111, 115, 101, 49, 28, 48, 26, 6, 3, 85, 4, 10, 19, 19, 65, 100, 111, 98, 101, 32, 83, 121, 115, 116, 101, 109, 115, 44, 32, 73, 110, 99, 46, 49, 17, 48, 15, 6, 3, 85, 4, 11, 19, 8, 67, 111, 114, 101, 74, 97, 118, 97, 49, 42, 48, 40, 6, 3, 85, 4, 3, 19, 33, 74, 111, 101, 32, 67, 111, 111, 108, 32, 40, 83, 101, 108, 102, 83, 105, 103, 110, 101, 100, 45, 49, 48, 50, 52, 66, 105, 116, 45, 82, 83, 65, 41, 2, 4, 68, 42, 24, 78, 48, 13, 6, 9, 96, -122, 72, 1, 101, 3, 4, 2, 1, 5, 0, 48, 13, 6, 9, 42, -122, 72, -122, -9, 13, 1, 1, 1, 5, 0, 4, -127, -128, 41, 9, 86, 109, -67, 82, -61, -60, -1, -46, 26, 65, 20, -112, 23, -16, -25, 115, 21, 39, -49, 11, -98, 5, 96, -51, 24, -97, -38, -72, 27, -119, 16, -43, 38, -49, -116, 3, 62, 12, -7, 102, 67, -37, -128, -10, 3, 122, -22, -2, -58, 97, 104, 74, 76, -45, 19, 50, 34, 33, -74, 54, 44, -60, 23, -109, -6, -3, -31, -98, -58, 12, -94, -72, -15, -72, 22, 88, -54, 5, 122, -29, -27, -74, 47, -127, 26, 120, 64, 59, 53, -82, -97, -80, -66, 48, -16, 26, 17, 60, 104, 78, -91, 2, 78, 33, -18, -60, 30, -118, -51, 29, 0, -48, 87, -112, 23, 70, 127, -80, 116, -93, -1, 51, -56, -110, 86, -68};
InputStream signatureStream = null;
signatureStream = new ByteArrayInputStream(signatureBytes, 0,signatureBytes.length);
CMSSignedData signedData = new CMSSignedData(signatureStream);
JcaCertStoreBuilder storeBuilder = new JcaCertStoreBuilder();
storeBuilder.addCertificates(signedData.getCertificates());
storeBuilder.addCRLs(signedData.getCRLs());
CertStore certStore = storeBuilder.build();
SignerInformationStore signers = signedData.getSignerInfos();
Iterator it = signers.getSigners().iterator();
SignerInformation signer = (SignerInformation) it.next();
SignerId signer_id = signer.getSID();
JcaX509CertSelectorConverter conv = new JcaX509CertSelectorConverter();
X509CertificateHolderSelector sel = new X509CertificateHolderSelector(signer_id.getIssuer(),
signer_id.getSerialNumber());
X509CertSelector signerConstraints = conv.getCertSelector(sel);
X509Certificate cert = (X509Certificate) certStore.getCertificates(signerConstraints).iterator().next();
PublicKey key = cert.getPublicKey();
checkHashPadding(key, signature);
}
添加堆栈跟踪:
Exception in thread "main"
org.bouncycastle.crypto.fips.FipsOperationError: Module checksum
failed: entry
at org.bouncycastle.crypto.fips.FipsStatus.checksumValidate(Unknown
Source)
at org.bouncycastle.crypto.fips.FipsStatus.isReady(Unknown Source)
at
org.bouncycastle.crypto.CryptoServicesRegistrar.getDefaultMode(Unknown
Source)
at org.bouncycastle.crypto.CryptoServicesRegistrar.<clinit>(Unknown
Source)
at org.bouncycastle.jcajce.provider.BouncyCastleFipsProvider.<init>
(Unknown Source)
at org.bouncycastle.jcajce.provider.BouncyCastleFipsProvider.<init>
(未知来源) 在org.bouncycastle.jcajce.provider.BouncyCastleFipsProvider。 (未知来源) 在
Caused by: java.lang.NullPointerException: entry
at java.util.zip.ZipFile.getInputStream(ZipFile.java:342)
at java.util.jar.JarFile.getInputStream(JarFile.java:412)
... 9 more
答案 0 :(得分:1)
抛出异常:
当BC FIPS jar损坏时,因为有一种方法可以计算jar的校验和并用META-INF/HMAC.SHA256验证它;
例如,当它与其他一些罐子一起使用时,在我的情况下,我有bc-fips-source.jar。当我在eclipse中从构建路径中删除它时,我的示例代码开始工作。