Java .security.NoSuchAlgorithmException: FIPS186PRNG SecureRandom not available

V2EX = way to explore

V2EX 是一个关于分享和探索的地方

For Existing Member Sign In

This topic created in 3035 days ago, the information mentioned may be changed or developed.

复现 CVE-2017-6327 的时候需要个加密的数据
然后改了改就这样了求救
import java.security.SecureRandom;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.PBEParameterSpec;
import sun.misc.BASE64Encoder;

public class BrightmailEncrypt {

private static BrightmailEncrypt instance = null;
private Cipher cipher;
private BASE64Encoder encoder;
private String saltString;

private BrightmailEncrypt() throws Exception {
byte[] salt;
try {
salt = new byte[8];
SecureRandom e = SecureRandom.getInstance("FIPS186PRNG");
e.nextBytes(salt);
PBEKeySpec keySpec = new PBEKeySpec("abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ,./<>?;\':\"\\{}`~!@#$%^&*()_+-=".toCharArray());
SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("PBEWithMD5AndDES");
SecretKey key = keyFactory.generateSecret(keySpec);
PBEParameterSpec paramSpec = new PBEParameterSpec(salt, 1000);
this.cipher = Cipher.getInstance("PBEWithMD5AndDES");
this.cipher.init(1, key, paramSpec);
} catch (Exception var7) {
// log.error(var7);
System.out.println(var7);
throw new Exception(var7);
}

this.encoder = new BASE64Encoder();
this.saltString = this.encoder.encode(salt);
}

public static synchronized BrightmailEncrypt getInstance() throws Exception {
if(instance == null) {
instance = new BrightmailEncrypt();
}

return instance;
}

public String fastEncrypt(String text) throws Exception {
try {
byte[] e = this.cipher.doFinal(text.getBytes());
String ciphertextString = this.encoder.encode(e);
return this.saltString + ciphertextString;
} catch (Exception var4) {
throw new Exception(var4);
}
}

return (new BrightmailEncrypt()).fastEncrypt(plaintext);
}

public static boolean isEncrypted(String text) {
boolean encrypted = true;

try {
// BrightmailDecrypt.decrypt(text);
} catch (Exception var3) {
encrypted = false;
}

return encrypted;
}

public static void main(String[] args) {

try {
String pwd = BrightmailEncrypt.encrypt("12345678");

System.out.println(pwd);
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}

}

}

运行报错
java.security.NoSuchAlgorithmException: FIPS186PRNG SecureRandom not available
java.lang.Exception: java.security.NoSuchAlgorithmException: FIPS186PRNG SecureRandom not available
at BrightmailEncrypt.<init>(BrightmailEncrypt.java:33)
at BrightmailEncrypt.encrypt(BrightmailEncrypt.java:59)
at BrightmailEncrypt.main(BrightmailEncrypt.java:77)
Caused by: java.security.NoSuchAlgorithmException: FIPS186PRNG SecureRandom not available
at sun.security.jca.GetInstance.getInstance(GetInstance.java:159)
at java.security.SecureRandom.getInstance(SecureRandom.java:288)
at BrightmailEncrypt.<init>(BrightmailEncrypt.java:22)
... 2 more

5 replies 2018-01-06 23:15:23 +08:00

misaka19000

Jan 6, 2018

哇现在 V 站的伸手党也这么嚣张了啊

alvinbone88

Jan 6, 2018

SecureRandom 的用法不是这样的，正确的使用方法是直接 new 一个 SecureRandom 就行了，没啥特殊需求就没必要再 getInstance()，而且 FIPS186PRNG 根本不是 Java 自带的算法名

bfpiaoran

Jan 6, 2018

@alvinbone88 恩恩多谢但是现在问题是他的源码里面是这么写的我很尴尬
<img src="http://www.cuijianxiong.top/wp-content/uploads/2018/01/1-1.png" class="embedded_image">
<img src="http://www.cuijianxiong.top/wp-content/uploads/2018/01/1.png" class="embedded_image">
这个在 Symantec Messaging Gateway 程序代码里面

alvinbone88

Jan 6, 2018

@bfpiaoran #3 这段代码应该还差一个叫 JsafeJCE 的 Provider，这个 Provider 包含在 Java Cryptography Extension 里，需要单独下载

bfpiaoran

Jan 6, 2018

@alvinbone88 谢谢我去好好找找