hutool的加解密模块无法加载(BouncyCastle报错)
详见Issue
https://github.com/spring-projects/spring-boot/issues/28837
Oracle JDK 17.0.10 已修复
https://www.oracle.com/java/technologies/javase/17-0-10-relnotes.html
问题发现:
公司有个系统需要做API加解密,使用Hutool的SecureUtil + Spring 的 RequestBodyAdvice & ResponseBodyAdvice实现。
测试环境使用Oracle JDK 17,我本地使用Azul Zulu JDK 17,开发完成后本地测试无异常,线上服务报错无法启动。
发现Github Spring社区 有人遇到同样的问题,提issue到了Spring社区,详见SpringBoot Issue #28837。
问题描述:
hutool的加解密引入了BouncyCastle包做功能增强
在引入BouncyCastle(一个加解密拓展包)时,必定会报错
Exception in thread "main" java.lang.reflect.InvocationTargetException
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:568)
at org.springframework.boot.loader.MainMethodRunner.run(MainMethodRunner.java:49)
at org.springframework.boot.loader.Launcher.launch(Launcher.java:108)
at org.springframework.boot.loader.Launcher.launch(Launcher.java:58)
at org.springframework.boot.loader.JarLauncher.main(JarLauncher.java:88)
Caused by: java.lang.SecurityException: JCE cannot authenticate the provider BC
at java.base/javax.crypto.Cipher.getInstance(Cipher.java:722)
at java.base/javax.crypto.Cipher.getInstance(Cipher.java:642)
at com.example.bctest.BctestApplication.main(BctestApplication.java:14)
... 8 more
Caused by: java.lang.IllegalStateException: zip file closed
at java.base/java.util.zip.ZipFile.ensureOpen(ZipFile.java:831)
at java.base/java.util.zip.ZipFile.getManifestName(ZipFile.java:1057)
at java.base/java.util.zip.ZipFile$1.getManifestName(ZipFile.java:1100)
at java.base/javax.crypto.JarVerifier.verifySingleJar(JarVerifier.java:461)
at java.base/javax.crypto.JarVerifier.verifyJars(JarVerifier.java:317)
at java.base/javax.crypto.JarVerifier.verify(JarVerifier.java:260)
at java.base/javax.crypto.ProviderVerifier.verify(ProviderVerifier.java:130)
at java.base/javax.crypto.JceSecurity.verifyProvider(JceSecurity.java:190)
at java.base/javax.crypto.JceSecurity.getVerificationResult(JceSecurity.java:218)
at java.base/javax.crypto.Cipher.getInstance(Cipher.java:718)
... 10 more
三种解决方案
- 换JDK,Azul Zulu JDK比较好用,目前没碰见什么坑。Open JDK 17某个版本 碰见了一个Maven指令无法启动的错误。
- 升级Oracle JDK到17.0.10
- hutool提供了
SecureUtil.disableBouncyCastle()
方法,使用此方法禁用BouncyCastle