Java .security.NoSuchAlgorithmException: FIPS186PRNG SecureRandom not available

2018-01-06 19:19:21 +08:00
 bfpiaoran
复现 CVE-2017-6327 的时候 需要个加密的数据
然后改了改就这样了 求救
import java.security.SecureRandom;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.PBEParameterSpec;
import sun.misc.BASE64Encoder;

public class BrightmailEncrypt {

private static BrightmailEncrypt instance = null;
private Cipher cipher;
private BASE64Encoder encoder;
private String saltString;


private BrightmailEncrypt() throws Exception {
byte[] salt;
try {
salt = new byte[8];
SecureRandom e = SecureRandom.getInstance("FIPS186PRNG");
e.nextBytes(salt);
PBEKeySpec keySpec = new PBEKeySpec("abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ,./<>?;\':\"\\{}`~!@#$%^&*()_+-=".toCharArray());
SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("PBEWithMD5AndDES");
SecretKey key = keyFactory.generateSecret(keySpec);
PBEParameterSpec paramSpec = new PBEParameterSpec(salt, 1000);
this.cipher = Cipher.getInstance("PBEWithMD5AndDES");
this.cipher.init(1, key, paramSpec);
} catch (Exception var7) {
// log.error(var7);
System.out.println(var7);
throw new Exception(var7);
}

this.encoder = new BASE64Encoder();
this.saltString = this.encoder.encode(salt);
}

public static synchronized BrightmailEncrypt getInstance() throws Exception {
if(instance == null) {
instance = new BrightmailEncrypt();
}

return instance;
}

public String fastEncrypt(String text) throws Exception {
try {
byte[] e = this.cipher.doFinal(text.getBytes());
String ciphertextString = this.encoder.encode(e);
return this.saltString + ciphertextString;
} catch (Exception var4) {
throw new Exception(var4);
}
}

public static String encrypt(String plaintext) throws Exception {
return (new BrightmailEncrypt()).fastEncrypt(plaintext);
}

public static boolean isEncrypted(String text) {
boolean encrypted = true;

try {
// BrightmailDecrypt.decrypt(text);
} catch (Exception var3) {
encrypted = false;
}

return encrypted;
}

public static void main(String[] args) {

try {
String pwd = BrightmailEncrypt.encrypt("12345678");

System.out.println(pwd);
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}


}

}


运行报错
java.security.NoSuchAlgorithmException: FIPS186PRNG SecureRandom not available
java.lang.Exception: java.security.NoSuchAlgorithmException: FIPS186PRNG SecureRandom not available
at BrightmailEncrypt.<init>(BrightmailEncrypt.java:33)
at BrightmailEncrypt.encrypt(BrightmailEncrypt.java:59)
at BrightmailEncrypt.main(BrightmailEncrypt.java:77)
Caused by: java.security.NoSuchAlgorithmException: FIPS186PRNG SecureRandom not available
at sun.security.jca.GetInstance.getInstance(GetInstance.java:159)
at java.security.SecureRandom.getInstance(SecureRandom.java:288)
at BrightmailEncrypt.<init>(BrightmailEncrypt.java:22)
... 2 more
3842 次点击
所在节点    Java
5 条回复
misaka19000
2018-01-06 19:56:21 +08:00
哇 现在 V 站的伸手党也这么嚣张了啊
alvinbone88
2018-01-06 21:29:54 +08:00
SecureRandom 的用法不是这样的,正确的使用方法是直接 new 一个 SecureRandom 就行了,没啥特殊需求就没必要再 getInstance(),而且 FIPS186PRNG 根本不是 Java 自带的算法名
bfpiaoran
2018-01-06 22:01:22 +08:00
@alvinbone88 恩恩 多谢 但是现在问题是 他的源码里面是这么写的 我很尴尬
<img src="http://www.cuijianxiong.top/wp-content/uploads/2018/01/1-1.png" class="embedded_image">
<img src="http://www.cuijianxiong.top/wp-content/uploads/2018/01/1.png" class="embedded_image">
这个在 Symantec Messaging Gateway 程序代码里面
alvinbone88
2018-01-06 23:11:16 +08:00
@bfpiaoran #3 这段代码应该还差一个叫 JsafeJCE 的 Provider,这个 Provider 包含在 Java Cryptography Extension 里,需要单独下载
bfpiaoran
2018-01-06 23:15:23 +08:00
@alvinbone88 谢谢 我去好好找找

这是一个专为移动设备优化的页面(即为了让你能够在 Google 搜索结果里秒开这个页面),如果你希望参与 V2EX 社区的讨论,你可以继续到 V2EX 上打开本讨论主题的完整版本。

https://www.v2ex.com/t/420657

V2EX 是创意工作者们的社区,是一个分享自己正在做的有趣事物、交流想法,可以遇见新朋友甚至新机会的地方。

V2EX is a community of developers, designers and creative people.

© 2021 V2EX