一、问题:
eclipse的环境下,直接跑,没有问题,通过Build fat Jar 打包出来的客户端,跑会爆java.SecurityException 的 错误,如下:
java.lang.SecurityException: JCE cannot authenticate the provider BC
at javax.crypto.Cipher.getInstance(Cipher.java:657)
at javax.crypto.Cipher.getInstance(Cipher.java:596)
at com.tidewater.psamQy.tools.RSATools.decryptByPrivateKey(RSATools.java:172)
at com.tidewater.psamQy.getPsamMsg.GetPsamMsgClient.logon(GetPsamMsgClient.java:429)
at com.tidewater.psamQy.getPsamMsg.GetPsamMsgClient.main(GetPsamMsgClient.java:62)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:497)
at com.simontuffs.onejar.Boot.run(Boot.java:306)
at com.simontuffs.onejar.Boot.main(Boot.java:159)
Caused by: java.util.jar.JarException: jar:file:/C:/Users/PIG/Desktop/PsamQueryClient/PsamQuery4GzClient4Test.jar!/lib/bcprov-jdk15on-1.57.jar has unsigned entries - com/simontuffs/onejar/Boot$1.class
at javax.crypto.JarVerifier.verifySingleJar(JarVerifier.java:464)
at javax.crypto.JarVerifier.verifyJars(JarVerifier.java:322)
at javax.crypto.JarVerifier.verify(JarVerifier.java:250)
at javax.crypto.JceSecurity.verifyProviderJar(JceSecurity.java:160)
at javax.crypto.JceSecurity.getVerificationResult(JceSecurity.java:186)
at javax.crypto.Cipher.getInstance(Cipher.java:653)
... 10 more
二、解决思路
百度。。。
期间去百度了好多帖子,但是符合的不多,再次写个笔记,希望帮助到有需要的IT精英伙伴。
三、参考文章:
a、http://bbs.csdn.net/topics/390690044?list=lz,这个跟我出现的情况大致相同,但是没有答案。。。。
b、https://stackoverflow.com/questions/22160780/java-jce-cannot-authenticate-provider-bc-in-jarsplice-created-jar# ,这个试了下,但是全英文的也是有点蒙B
c、http://blog.csdn.net/haihaa/article/details/77929874, 这个就符合要求啦。
四、诡异事件
其实刚刚开始是,爆一下这个错误,
========================================================================
java.lang.SecurityException: JCE cannot authenticate the provider BC
at javax.crypto.Cipher.getInstance(Cipher.java:642)
at javax.crypto.Cipher.getInstance(Cipher.java:580)
at com.tidewater.psamQy.tools.RSATools.decryptByPrivateKey(RSATools.java:172)
at com.tidewater.psamQy.getPsamMsg.GetPsamMsgClient.logon(GetPsamMsgClient.java:430)
at com.tidewater.psamQy.getPsamMsg.GetPsamMsgClient.main(GetPsamMsgClient.java:63)
Caused by: java.util.jar.JarException: file:/C:/Users/PIG/Desktop/PsamQueryClient/PsamQuery4GzClient4Test.jar has unsigned entries - com/tidewater/base/BufferedImageLuminanceSource.class
at javax.crypto.JarVerifier.verifySingleJar(JarVerifier.java:462)
at javax.crypto.JarVerifier.verifyJars(JarVerifier.java:322)
at javax.crypto.JarVerifier.verify(JarVerifier.java:250)
at javax.crypto.JceSecurity.verifyProviderJar(JceSecurity.java:161)
at javax.crypto.JceSecurity.getVerificationResult(JceSecurity.java:187)
at javax.crypto.Cipher.getInstance(Cipher.java:638)
... 4 more
这个就很蒙B了,第一个错误就知道是,java加密涉及的jar包 的问题,第二个就陷入是,“老子的JAR包打包错啦”??
之后纠结了好久,才爆出:/lib/bcprov-jdk15on-1.57.jar ,这个包的问题,这才进入正轨
========================================================================
五、解决方案:
1、 在系统使用的(JAVA_HOME 指向那个) jdk中,\jdk1.8.0_73\jre\lib\security目录下的,在文件“java.security” 添加如下:
security.provider.9=org.bouncycastle.jce.provider.BouncyCastleProvider //这里的9,视具体情况而定,你可能是是10,11...
2、将lib文件夹里面的“bcprov-jdk15on-1.57.jar”,然后放在\jdk1.8.0_73\jre\lib\ext 路径下
(步骤2是必要的,步骤1可有可无)
注意这个是针对于,jdk8,32位和64位都行。jdk7没有验证过
原创作品,转载请注明出处,谢谢