我正在使用 Java Web 应用程序,我需要使用 3DES 算法生成 MAC。代码在 Weblogic 10.3 上运行没有问题,但是当我尝试在不同的 Weblogic 类似版本(10.3.1)中运行应用程序时出现问题。
这是我的代码:
public String getMac(String inkey, String data) throws Exception {
byte[] out = new byte[8];
try {
// if I commend this line, the result is the same
Security.addProvider(new BouncyCastleProvider());
// this loop proves the BC provider is there
for (Provider p : Security.getProviders()) {
log.debug("--");
log.debug(p.getName());
log.debug(p.getInfo());
}
try {
BouncyCastleProvider bc = new BouncyCastleProvider();
// class is there, no problem
log.debug("info" + bc.getInfo());
DES9797Alg3 alg3 = new DES9797Alg3();
// class is there, no problem
log.debug("alg3" + alg3.toString());
} catch (Exception e) {
log.error("error BouncyCastleProvider classes");
}
log.debug("length: " + inkey.length());
if (inkey.length() < 48)
inkey += inkey.substring(0, 16);
byte[] rawkey = hexStringToByteArray(inkey);
DESedeKeySpec keyspec = new DESedeKeySpec(rawkey);
SecretKeyFactory keyfactory = SecretKeyFactory.getInstance("DESede");
SecretKey key = keyfactory.generateSecret(keyspec);
Mac mac = Mac.getInstance("ISO9797Alg3Mac");
mac.init(key);
mac.update(data.getBytes());
mac.doFinal(out, 0);
} catch (Exception e) {
log.error("Error generating MAC X9_19", e);
throw new Exception("Error generating MAC X9_19", e);
}
这是我得到的错误:
Caused by: java.security.InvalidKeyException: No installed provider supports this key: com.sun.crypto.provider.DESedeKey
at javax.crypto.Mac.a(DashoA13*..)
at javax.crypto.Mac.init(DashoA13*..)
at es.indra.netplus.sec.services.util.UtilMac.getMac(UtilMac.java:180)
... 73 more
Caused by: java.security.NoSuchAlgorithmException: class configured for Mac(provider: BC)cannot be found.
at java.security.Provider$Service.getImplClass(Provider.java:1268)
at java.security.Provider$Service.newInstance(Provider.java:1220)
... 76 more
Caused by: java.lang.ClassNotFoundException: org.bouncycastle.jce.provider.JCEMac$DES9797Alg3
at weblogic.utils.classloaders.GenericClassLoader.findLocalClass(GenericClassLoader.java:283)
at weblogic.utils.classloaders.GenericClassLoader.findClass(GenericClassLoader.java:256)
at weblogic.utils.classloaders.ChangeAwareClassLoader.findClass(ChangeAwareClassLoader.java:54)
at java.lang.ClassLoader.loadClass(ClassLoader.java:307)
at java.lang.ClassLoader.loadClass(ClassLoader.java:248)
at weblogic.utils.classloaders.GenericClassLoader.loadClass(GenericClassLoader.java:176)
at weblogic.utils.classloaders.ChangeAwareClassLoader.loadClass(ChangeAwareClassLoader.java:35)
at java.security.Provider$Service.getImplClass(Provider.java:1262)
我不明白为什么错误说不org.bouncycastle.jce.provider.JCEMac$DES9797Alg3存在。'java.security' 有可能在另一个地方寻找吗?我已请求服务器管理员将库复制到背书目录中,但我不确定这是否会起作用以及发生的方式。
请注意,即使我删除了 'Security.addProvider(new BouncyCastleProvider());' 行,在可用提供者列表中,列出了 BC。
这是我得到的提供者列表:
-- -- --
CSSX509CertificateFactoryProvider
CSS JDK CertPath provider
1.0
-- -- --
SUN
SUN (DSA key/parameter generation; DSA signing; SHA-1, MD5 digests; SecureRandom; X.509 certificates; JKS keystore; PKIX CertPathValidator; PKIX CertPathBuilder; LDAP, Collection CertStores, JavaPolicy Policy; JavaLoginConfig Configuration)
1.6
-- -- --
SunRsaSign
Sun RSA signature provider
1.5
-- -- --
SunJSSE
Sun JSSE provider(PKCS12, SunX509 key/trust factories, SSLv3, TLSv1)
1.6
-- -- --
SunJCE
SunJCE Provider (implements RSA, DES, Triple DES, AES, Blowfish, ARCFOUR, RC2, PBE, Diffie-Hellman, HMAC)
1.6
-- -- --
SunJGSS
Sun (Kerberos v5, SPNEGO)
1.0
-- -- --
SunSASL
Sun SASL provider(implements client mechanisms for: DIGEST-MD5, GSSAPI, EXTERNAL, PLAIN, CRAM-MD5; server mechanisms for: DIGEST-MD5, GSSAPI, CRAM-MD5)
1.5
-- -- --
XMLDSig
XMLDSig (DOM XMLSignatureFactory; DOM KeyInfoFactory)
1.0
-- -- --
SunPCSC
Sun PC/SC provider
1.6
-- -- --
WebLogicCertPathProvider
WebLogic CertPath Provider JDK CertPath provider
1.0
-- -- --
WLSJDKCertPathProvider
WebLogic JDK CertPath provider
1.0
-- -- --
BC
BouncyCastle Security Provider v1.46
1.46
此外,BC 在那里,与我在战争文件中获得的版本相同。
我已经用谷歌搜索了很多小时,但没有运气,希望有人能指出我正确的方向。