java.security.NoSuchAlgorithmException:找不到签名MD5WITHRSA实现

Question

我在Websphere server8.5上遇到了问题，Java version = 1.6.0，Java Runtime Version = pap6460_26sr8fp7ifx-20151008_01 (SR8 FP7)

失败的代码是：

   Security.addProvider(new BouncyCastleProvider());
   Signature sign = Signature.getInstance("MD5withRSA", "BC");

我得到的错误是：

java.security.NoSuchAlgorithmException: Signature MD5WITHRSA implementation not found: java.lang.ClassNotFoundException: org.bouncycastle.jcajce.provider.asymmetric.rsa.DigestSignatureSpi$MD5

相同的代码适用于java版本稍有不同的开发环境(Java version = 1.6.0，Java Runtime version = pap6460_26sr8fp20-20160111_01 (SR8 FP20))

我已经用下面的代码列出了所有的签名算法：

新建(Security.addProvider BouncyCastleProvider())；

    TreeSet<String> algorithms = new TreeSet<String>();
    for (Provider provider : Security.getProviders())
        for (Service service : provider.getServices())
            if (service.getType().equals("Signature"))
                algorithms.add(service.getAlgorithm());
    for (String algorithm : algorithms)
        System.out.println(algorithm);

我得到了：

DSA
DSAforSSL
ECDSA
ECDSAforSSL
ECGOST3410
GOST3410
GOST3411WITHECGOST3410
MD2WITHRSA
MD2withRSA
MD4WITHRSA
MD5WITHRSA
MD5withRSA
MD5withRSA/ISO9796-2
NONEWITHDSA
NONEwithECDSA
OID.1.2.840.113549.1.1.10
RAWRSASSA-PSS
RIPEMD128WITHRSA
RIPEMD160WITHECDSA
RIPEMD160WITHRSA
RIPEMD160withRSA/ISO9796-2
RIPEMD256WITHRSA
RMD128WITHRSA
RMD160WITHRSA
RMD256WITHRSA
RSA
RSAPSS
RSASSA-PSS
RSAforSSL
SHA1WITHCVC-ECDSA
SHA1WITHECNR
SHA1WITHRSA
SHA1withDSA
SHA1withECDSA
SHA1withRSA
SHA1withRSA/ISO9796-2
SHA1withRSA/PSS
SHA224WITHCVC-ECDSA
SHA224WITHDSA
SHA224WITHECDSA
SHA224WITHECNR
SHA224WITHRSA
SHA224withECDSA
SHA224withRSA
SHA224withRSA/PSS
SHA256WITHCVC-ECDSA
SHA256WITHDSA
SHA256WITHECDSA
SHA256WITHECNR
SHA256WITHRSA
SHA256withDSA
SHA256withRSA
SHA256withRSA/PSS
SHA2withECDSA
SHA384WITHDSA
SHA384WITHECDSA
SHA384WITHECNR
SHA384WITHRSA
SHA384withRSA
SHA384withRSA/PSS
SHA3withECDSA
SHA512WITHDSA
SHA512WITHECDSA
SHA512WITHECNR
SHA512WITHRSA
SHA512withRSA
SHA512withRSA/PSS
SHA5withECDSA

所以，MD5withRSA就在那里。

类org.bouncycastle.jcajce.provider.asymmetric.rsa.DigestSignatureSpi$MD5位于应用程序内部，并且

 System.out.println("--->DigestSignatureSpi" + MD5.class.getResource("DigestSignatureSpi$MD5.class"));

正确返回类的位置。

那么问题会是什么呢？

Answer 1

请使用以下代码片段验证您的输出。

AlgoCheck.java

import java.net.URL;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Security;
import java.security.Signature;
import org.bouncycastle.jcajce.provider.asymmetric.rsa.DigestSignatureSpi;
import org.bouncycastle.jce.provider.BouncyCastleProvider;

public class AlgoCheck {

public static void main(String[] args) throws NoSuchAlgorithmException,
    NoSuchProviderException, ClassNotFoundException {

Security.addProvider(new BouncyCastleProvider());
URL bcClassUrl = AlgoCheck.class.getClassLoader()
        .getResource("org/bouncycastle/jce/provider/BouncyCastleProvider.class");
System.out.println("BouncyCastleProvider class URL   = " + bcClassUrl);

ClassLoader loader = DigestSignatureSpi.MD5.class.getClassLoader();
URL md5ClassUrl = loader.getResource(
 "org/bouncycastle/jcajce/provider/asymmetric/rsa/DigestSignatureSpi$MD5.class");
System.out.println("DigestSignatureSpi.MD5 class URL = " + md5ClassUrl);

Signature sign = Signature.getInstance("MD5withRSA", "BC");
System.out.println("algorithm = " + sign.getAlgorithm());
    }
}

从中加载类BouncyCastleProvider和DigestSignatureSpi.MD5的库应该是相同的。

输出示例

BouncyCastleProvider class URL   = jar:file:/home/suboptimal/.m2/repository/org/bouncycastle/bcprov-jdk15on/1.49/bcprov-jdk15on-1.49.jar!/org/bouncycastle/jce/provider/BouncyCastleProvider.class
DigestSignatureSpi.MD5 class URL = jar:file:/home/suboptimal/.m2/repository/org/bouncycastle/bcprov-jdk15on/1.49/bcprov-jdk15on-1.49.jar!/org/bouncycastle/jcajce/provider/asymmetric/rsa/DigestSignatureSpi$MD5.class
algorithm = MD5withRSA

Answer 2

这是一个关于和谐的已知问题。将一个弹力jars放入appserver lib/ext目录中。