NoSuchAlgorithmException:无此类算法:提供程序SunPKCS11-NSS的SHA-256

时间:2018-10-12 06:07:49

标签: java ssl fips nss sunpkcs11

我的应用程序具有FIPS配置,并且我正在使用@RestController @Api(tags = "My api") @RequestMapping(path = "v1/{apiKey}/myKey") public class TestController implements TestApi { @Override public ResponseEntity<GenericResponse> saveAction( @ApiParam(value = "Authorization", required = true) @RequestHeader(value = "Authorization", required = true) String authorization, @RequestBody SomeDTO someDto, @PathVariable String apiKey, @PathVariable String someId, HttpServletRequest request){ // can I perform some sort of check here if(isFromSwagger()){ performValidation(someDto); } GenericResponse responseDTO = new GenericResponse(); return new ResponseEntity<>(responseDTO, responseDTO.getHttpStatusCode()); } 库。

当我使用FIPS配置通过NSS 3.39开始初始通信时,收到错误消息:TLS 1.2

当我使用TLS 1.1与相同的配置进行通信时,出现错误:

java.security.NoSuchAlgorithmException: no such algorithm: SHA-256 for provider SunPKCS11-NSS

它可与常规java.security.NoSuchAlgorithmException: no such algorithm: MD5 for provider SunPKCS11-NSS 设置(非FIPS)配合使用。

有人遇到这个问题吗? NSS是否需要任何更改?

注意:它与带有相同设置的NSS 3.23的TLS 1.1一起使用。我正在将JRE 8用于NSS 3.23和3.39配置。

以下是完整的堆栈跟踪: NSS 3.39,带有TLS 1.2的JRE 8: 

SSL

具有 NSS 3.39,具有TLS 1.0和TLS 1.1的JRE 8的堆栈跟踪

java.lang.RuntimeException: Algorithm SHA-256 not available
19:10:45,315 INFO  [STDOUT] %% Invalidated:  [Session-7, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
19:10:45,315 INFO  [STDOUT] MultiProtocolServer
19:10:45,315 INFO  [STDOUT] , SEND TLSv1.2 ALERT:
19:10:45,316 INFO  [STDOUT] fatal,
19:10:45,316 INFO  [STDOUT] description = internal_error
19:10:45,316 INFO  [STDOUT] MultiProtocolServer, WRITE: TLSv1.2 Alert, length = 2
19:10:45,316 INFO  [STDOUT] [Raw write]: length = 7
19:10:45,316 INFO  [STDOUT] 48
19:10:45,316 INFO  [STDOUT] 48
19:10:45,316 INFO  [STDOUT] 48
19:10:45,317 INFO  [STDOUT] 48
19:10:45,317 INFO  [STDOUT] :
Caused by: java.lang.RuntimeException: Algorithm SHA-256 not available
        at sun.security.ssl.JsseJce.getMessageDigest(JsseJce.java:342)
        at sun.security.ssl.CloneableDigest.getDigest(HandshakeHash.java:310)
        at sun.security.ssl.HandshakeHash.setFinishedAlg(HandshakeHash.java:229)
        at sun.security.ssl.ServerHandshaker.clientHello(ServerHandshaker.java:753)
        at sun.security.ssl.ServerHandshaker.processMessage(ServerHandshaker.java:224)
        at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1026)
        at sun.security.ssl.Handshaker$1.run(Handshaker.java:966)
        at sun.security.ssl.Handshaker$1.run(Handshaker.java:963)
        at java.security.AccessController.doPrivileged(Native Method)
        at sun.security.ssl.Handshaker$DelegatedTask.run(Handshaker.java:1416)
        ... 1 more
Caused by: java.security.NoSuchAlgorithmException: no such algorithm: SHA-256 for provider SunPKCS11-NSS
        at sun.security.jca.GetInstance.getService(GetInstance.java:101)
        at sun.security.jca.GetInstance.getInstance(GetInstance.java:218)
        at java.security.Security.getImpl(Security.java:724)
        at java.security.MessageDigest.getInstance(MessageDigest.java:275)
        at sun.security.ssl.JsseJce.getMessageDigest(JsseJce.java:339)
        ... 11 more

0 个答案:

没有答案
相关问题
最新问题