2

我正在使用 Java Web 应用程序,我需要使用 3DES 算法生成 MAC。代码在 Weblogic 10.3 上运行没有问题,但是当我尝试在不同的 Weblogic 类似版本(10.3.1)中运行应用程序时出现问题。

这是我的代码:

public String getMac(String inkey, String data) throws Exception {

    byte[] out = new byte[8];

    try {

        // if I commend this line, the result is the same
        Security.addProvider(new BouncyCastleProvider());

        // this loop proves the BC provider is there
        for (Provider p : Security.getProviders()) {

            log.debug("--");
            log.debug(p.getName());
            log.debug(p.getInfo());
        }

        try {

            BouncyCastleProvider bc = new BouncyCastleProvider();

            // class is there, no problem
            log.debug("info" + bc.getInfo());

            DES9797Alg3 alg3 = new DES9797Alg3();

            // class is there, no problem
            log.debug("alg3" + alg3.toString());

        } catch (Exception e) {
            log.error("error BouncyCastleProvider classes");
        }

        log.debug("length: " + inkey.length());

        if (inkey.length() < 48)
            inkey += inkey.substring(0, 16);

        byte[] rawkey = hexStringToByteArray(inkey);
        DESedeKeySpec keyspec = new DESedeKeySpec(rawkey);
        SecretKeyFactory keyfactory = SecretKeyFactory.getInstance("DESede");
        SecretKey key = keyfactory.generateSecret(keyspec);

        Mac mac = Mac.getInstance("ISO9797Alg3Mac");

        mac.init(key);

        mac.update(data.getBytes());

        mac.doFinal(out, 0);

    } catch (Exception e) {

        log.error("Error generating MAC X9_19", e);

        throw new Exception("Error generating MAC X9_19", e);

    }

这是我得到的错误:

Caused by: java.security.InvalidKeyException: No installed provider supports this key: com.sun.crypto.provider.DESedeKey
    at javax.crypto.Mac.a(DashoA13*..)
    at javax.crypto.Mac.init(DashoA13*..)
    at es.indra.netplus.sec.services.util.UtilMac.getMac(UtilMac.java:180)
    ... 73 more
Caused by: java.security.NoSuchAlgorithmException: class configured for Mac(provider: BC)cannot be found.
    at java.security.Provider$Service.getImplClass(Provider.java:1268)
    at java.security.Provider$Service.newInstance(Provider.java:1220)
    ... 76 more
Caused by: java.lang.ClassNotFoundException: org.bouncycastle.jce.provider.JCEMac$DES9797Alg3
    at weblogic.utils.classloaders.GenericClassLoader.findLocalClass(GenericClassLoader.java:283)
    at weblogic.utils.classloaders.GenericClassLoader.findClass(GenericClassLoader.java:256)
    at weblogic.utils.classloaders.ChangeAwareClassLoader.findClass(ChangeAwareClassLoader.java:54)
    at java.lang.ClassLoader.loadClass(ClassLoader.java:307)
    at java.lang.ClassLoader.loadClass(ClassLoader.java:248)
    at weblogic.utils.classloaders.GenericClassLoader.loadClass(GenericClassLoader.java:176)
    at weblogic.utils.classloaders.ChangeAwareClassLoader.loadClass(ChangeAwareClassLoader.java:35)
    at java.security.Provider$Service.getImplClass(Provider.java:1262)

我不明白为什么错误说不org.bouncycastle.jce.provider.JCEMac$DES9797Alg3存在。'java.security' 有可能在另一个地方寻找吗?我已请求服务器管理员将库复制到背书目录中,但我不确定这是否会起作用以及发生的方式。

请注意,即使我删除了 'Security.addProvider(new BouncyCastleProvider());' 行,在可用提供者列表中,列出了 BC。

这是我得到的提供者列表:

-- -- --
CSSX509CertificateFactoryProvider
CSS JDK CertPath provider
1.0
-- -- --
SUN
SUN (DSA key/parameter generation; DSA signing; SHA-1, MD5 digests; SecureRandom; X.509 certificates; JKS keystore; PKIX CertPathValidator; PKIX CertPathBuilder; LDAP, Collection CertStores, JavaPolicy Policy; JavaLoginConfig Configuration)
1.6
-- -- --
SunRsaSign
Sun RSA signature provider
1.5
-- -- --
SunJSSE
Sun JSSE provider(PKCS12, SunX509 key/trust factories, SSLv3, TLSv1)
1.6
-- -- --
SunJCE
SunJCE Provider (implements RSA, DES, Triple DES, AES, Blowfish, ARCFOUR, RC2, PBE, Diffie-Hellman, HMAC)
1.6
-- -- --
SunJGSS
Sun (Kerberos v5, SPNEGO)
1.0
-- -- --
SunSASL
Sun SASL provider(implements client mechanisms for: DIGEST-MD5, GSSAPI, EXTERNAL, PLAIN, CRAM-MD5; server mechanisms for: DIGEST-MD5, GSSAPI, CRAM-MD5)
1.5
-- -- --
XMLDSig
XMLDSig (DOM XMLSignatureFactory; DOM KeyInfoFactory)
1.0
-- -- --
SunPCSC
Sun PC/SC provider
1.6
-- -- --
WebLogicCertPathProvider
WebLogic CertPath Provider JDK CertPath provider
1.0
-- -- --
WLSJDKCertPathProvider
WebLogic JDK CertPath provider
1.0
-- -- --
BC
BouncyCastle Security Provider v1.46
1.46

此外,BC 在那里,与我在战争文件中获得的版本相同。

我已经用谷歌搜索了很多小时,但没有运气,希望有人能指出我正确的方向。

4

1 回答 1

5

在谷歌上花了很多时间试图修复代码更改的错误后,在服务器域 lib 目录中添加库解决了问题。无论如何,我仍然不明白为什么会这样。

于 2012-06-06T18:36:14.853 回答