2

我在 Java/Tomcat 应用程序中收到以下错误。

尝试更改 java JRM 和 JDK 中的安全策略文件,仍然一样...

Tomcat 控制台输出:

java.security.InvalidKeyException: Wrong algorithm: AES or Rijndael required
    at com.sun.crypto.provider.SunJCE_c.a(DashoA13*..)
    at com.sun.crypto.provider.SunJCE_g.a(DashoA13*..)
    at com.sun.crypto.provider.SunJCE_f.a(DashoA13*..)
    at com.sun.crypto.provider.SunJCE_f.a(DashoA13*..)
    at com.sun.crypto.provider.AESCipher.engineInit(DashoA13*..)
    at javax.crypto.Cipher.a(DashoA13*..)
    at javax.crypto.Cipher.a(DashoA13*..)
    at javax.crypto.Cipher.init(DashoA13*..)
    at javax.crypto.Cipher.init(DashoA13*..)
    at com.illuminati.safemail.util.Util.encryptPrivateKey(Util.java:115)
    at com.illuminati.safemail.service.DefaultBusinessServiceImpl.send(DefaultBusinessServiceImpl.java:122)
    at com.illuminati.safemail.web.Controller.performAction(Controller.java:83)
    at com.illuminati.safemail.web.Controller.doPost(Controller.java:53)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:637)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293)
    at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:859)
    at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:602)
    at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:489)
    at java.lang.Thread.run(Thread.java:662)

错误源于此函数:

public static synchronized byte[] encryptPrivateKey(
        ElGamalPrivateKey privateKey, byte[] hashedAnsBytes)
        throws NoSuchAlgorithmException, NoSuchPaddingException,
        InvalidKeyException, IllegalBlockSizeException,
        BadPaddingException, NoSuchProviderException, IOException {
    Cipher c = Cipher.getInstance("AES");
    SecretKeySpec key = new SecretKeySpec(hashedAnsBytes, "SHA256");
    c.init(Cipher.ENCRYPT_MODE, key);

    ByteArrayOutputStream bos = new ByteArrayOutputStream();
    ObjectOutput out = new ObjectOutputStream(bos);
    out.writeObject(privateKey);
    out.close();
    bos.close();
    byte[] pvtKeyBytes = c.doFinal(bos.toByteArray());
    return pvtKeyBytes;
}

有什么建议么?有趣的是,这段代码在 CentOS 机器上运行良好……这个有 Ubuntu。

4

1 回答 1

2

您将需要无限强度的加密货币。请注意,我只修复了许多编程错误,实际执行了散列,实际将生成的密文写入流,并使用随机 IV 的 CBC 模式。

public static synchronized byte[] encryptPrivateKey(
        ElGamalPrivateKey privateKey, byte[] hashedAnsBytes)
        throws GeneralSecurityException, IOException {
    Cipher c = Cipher.getInstance("AES/CBC/PKCS5Padding");
    MessageDigest digest = MessageDigest.getInstance("SHA256");
    final byte[] reallyHashed = digest.digest(hashedAnsBytes);
    System.out.println(reallyHashed.length);
    SecretKeySpec key = new SecretKeySpec(reallyHashed, "AES");
    SecureRandom rnd = SecureRandom.getInstance("SHA1PRNG");
    final byte[] iv = new byte[c.getBlockSize()];
    rnd.nextBytes(iv);
    IvParameterSpec spec = new IvParameterSpec(iv);
    c.init(Cipher.ENCRYPT_MODE, key, spec);

    ByteArrayOutputStream bos = new ByteArrayOutputStream();
    ObjectOutput out = new ObjectOutputStream(bos);
    out.write(iv);
    out.write(c.doFinal(privateKey.getEncoded()));
    out.close();
    bos.close();
    byte[] pvtKeyBytes = c.doFinal(bos.toByteArray());
    return pvtKeyBytes;
}
于 2012-07-23T22:18:34.217 回答