PBEWITHSHA256AND128BITAES-CBC-BC creating java.security.NoSuchAlgorithmException on RedHat 6.4
Solution 1
Do you have the BouncyCastle provider JAR (e.g. bcprov-jdk15on-149.jar) in your classpath?
I tested your scenario with a minimal CentOS 6.4 (64-bit) installation, OpenJDK 1.7 and BouncyCastle 1.49, and found no issues with it.
I placed the JAR in the JRE lib/ext directory:
/usr/lib/jvm/java-1.7.0-openjdk.x86_64/jre/lib/ext
Solution 2
I try to confirm your issue and looks like problem in your environment. Here is sample of code i successfully run on clean OpenJDK 1.7, 1.6, Oracle JDK 1.7 and 1.6
$ java -version
java version "1.7.0_19"
OpenJDK Runtime Environment (rhel-2.3.9.1.el6_4-x86_64)
OpenJDK 64-Bit Server VM (build 23.7-b01, mixed mode):
Command line: java -cp bcprov-jdk15on-149.jar:. Test
Output: OK
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import java.security.NoSuchAlgorithmException;
import java.security.Security;
import java.security.spec.InvalidKeySpecException;
public class Test {
public static void main(String[] args) throws Exception{
String cryptoAlgorithm = "PBEWITHSHA256AND128BITAES-CBC-BC";
Security.addProvider(new BouncyCastleProvider());
char[] passPhrase = null;
passPhrase = "12321".toCharArray();
PBEKeySpec pbeKeySpec = new PBEKeySpec(passPhrase);
try {
SecretKeyFactory secretKeyFactory = SecretKeyFactory.getInstance(cryptoAlgorithm, "BC");
SecretKey newSecretKey = secretKeyFactory.generateSecret(pbeKeySpec);
assert newSecretKey != null;
System.out.println("OK");
} catch (NoSuchAlgorithmException e) {
System.out.println("The algorithm is not found: " + cryptoAlgorithm);
} catch (InvalidKeySpecException e) {
System.out.println("The key spec is invalid");
}
}
}
Try to run that program on your environment. BouncyCastle jar you can download from here http://downloads.bouncycastle.org/java/bcprov-jdk15on-149.jar
Comments
-
Saqib Ali almost 2 years
We have an application that uses
Bouncy Castle
to encrypt data usingPBEWITHSHA256AND128BITAES-CBC-BC
algorithm. It works fine onUbuntu
runningOpenJDK 1.7
. But when when we move it toRedHat 6.4
also runningOpenJDK 1.7
, we get the following exception:java.security.NoSuchAlgorithmException
Any thoughts on what could be causing this. How can we add
PBEWITHSHA256AND128BITAES-CBC-BC
algorithm toRedHat 6.4
?p.s. the application is running in
JBoss
.private String cryptoAlgorithm = "PBEWITHSHA256AND128BITAES-CBC-BC"; Security.addProvider(new BouncyCastleProvider()); // load passPhrase from configured external file to char array. char[] passPhrase = null; try { passPhrase = loadPassPhrase(passPhraseFile); } catch (FileNotFoundException e) { throw BeanHelper.logException(LOG, methodName, new EJBException("The file not found: " + passPhraseFile, e)); } catch (IOException e) { throw BeanHelper.logException(LOG, methodName, new EJBException("Error in reading file: " + passPhraseFile, e)); } PBEKeySpec pbeKeySpec = new PBEKeySpec(passPhrase); try { SecretKeyFactory secretKeyFactory = SecretKeyFactory.getInstance(cryptoAlgorithm); SecretKey newSecretKey = secretKeyFactory.generateSecret(pbeKeySpec); return newSecretKey; } catch (NoSuchAlgorithmException e) { throw BeanHelper.logException(LOG, methodName, new EJBException("The algorithm is not found: " + cryptoAlgorithm, e)); } catch (InvalidKeySpecException e) { throw BeanHelper.logException(LOG, methodName, new EJBException("The key spec is invalid", e)); }
(On RH 6.4)
#java -version java version "1.7.0_19" OpenJDK Runtime Environment (rhel-2.3.9.1.el6_4-x86_64) OpenJDK 64-Bit Server VM (build 23.7-b01, mixed mode)
(On Ubuntu 12.04)
#java version "1.7.0_15" OpenJDK Runtime Environment (IcedTea7 2.3.7) (7u15-2.3.7-0ubuntu1~12.04) OpenJDK 64-Bit Server VM (build 23.7-b01, mixed mode)
-
Maarten Bodewes almost 11 yearsThat cannot be it, as the providers will be questioned for the implemented algorithm strings. The whole bunch of providers will be tested unless a specific provider is given.
-
SubOptimal almost 11 yearsFor sure it should not be. But it doesn't work. And as I said "I guess". So at least it would be worth to first check the order of registered providers and then check if a manual insert of BC at first position would fix it. If not follow-up the investigation. But to find the issue you need to start at some point. ;-) And those above checks are done quick and if they are not the solution at least you can remove them from the list of possibilities.
-
Saqib Ali almost 11 yearsit is on the machine where ear file was compiled. does have to exist on the jboss server as well?
-
Jukka almost 11 yearsIf the BouncyCastle JAR is not within the EAR, then you need to copy the JAR to the JBoss machine. In fact I would recommend to not put the JAR in the EAR but to place it in the appropriate jre/lib/ext folder (see example path above).
-
Jukka almost 11 yearsTry and remove the JAR from the EAR and put it in the appropriate JBoss profile's lib directory (e.g. server/default/lib) or in the said JRE lib/ext directory . Also make sure JBoss isn't already packing (a possibly differing version of) BouncyCastle.