BouncyCastle没有找到它提供的算法？

Question

让我惊讶的是，我在玩BouncyCastle 1.46时，下面的片段中的catch块经常会被绊倒。

Security.addProvider(new BouncyCastleProvider());

final Set<String> found = new HashSet<String>();
final Set<String> missing = new HashSet<String>();

final DefaultSignatureAlgorithmIdentifierFinder finder = new DefaultSignatureAlgorithmIdentifierFinder();
for (Service service : new BouncyCastleProvider().getServices()) {
    if ("Signature".equals(service.getType())) {
        final String algorithm = service.getAlgorithm();
        try {
            finder.find(algorithm);
            found.add(algorithm);
        } catch (IllegalArgumentException ex) {
            missing.add(algorithm);
        }
    }
}

System.out.println("Found: " + found);
System.out.println("Missing: " + missing);

我似乎无法通过Finder使用大多数算法，尽管提供这些算法的服务是存在的。我做错了什么？

我已经修改了一些代码，以更好地说明这个问题。可能令人感兴趣的是，我正在使用JDK1.5版本的BouncyCastle。上面的代码提供了以下输出：

发现: RIPEMD256WithRSAEncryption，MD5WithRSAEncryption，MD2WithRSAEncryption，SHA384WithRSAEncryption，SHA224WITHECDSA，SHA384WITHDSA，SHA256WITHDSA，SHA512WithRSAEncryption，SHA512WITHDSA，RIPEMD160WithRSAEncryption，SHA224WithRSAEncryption，SHA256WITHECDSA，RIPEMD128WithRSAEncryption，SHA384WITHECDSA，SHA256WithRSAEncryption，SHA512WITHECDSA，SHA1WithRSAEncryption，SHA224WITHDSA

失踪: SHA1WITHECNR、NONEwithECDSA、ECDSA、SHA512 MD5withRSA/PSS、RIPEMD160WITHECDSA、RSA、GOST3410、SHA256WITHECNR、MD5withRSA/ DSA 9796-2、SHA1WITHCVC-ECDSA、SHA384withRSA/PSS、SHA1withRSA/PSS、MD4WithRSAEncryption、RSASSA、SHA512WITHECNR、SHA256WITHCVC-ECDSA、SHA1withRSA/DSA 9796-2、S224WITHCVC-ECDSA、SHA224WITHCVC-ECDSA、RAWRSASSA、SHA256withRSA/PSS、NONEWITHDSA、SHA384WITHECNR、RIPEMD160withRSA/9796/ ECGOST3410、SHA224WITHECNR、1.1.351.841.10

Answer 1

我认为DefaultSignatureAlgorithmIdentifierFinder是bcmail的一部分。它返回此API所识别的算法标识符。(检查密码信息语法)另一方面，弹性种姓提供者提供更多的算法。您可以检查DefaultSignatureAlgorithmIdentifierFinder的来源，在这里，已识别的算法是硬编码的：

algorithms.put("MD2WITHRSAENCRYPTION", PKCSObjectIdentifiers.md2WithRSAEncryption);
algorithms.put("MD2WITHRSA", PKCSObjectIdentifiers.md2WithRSAEncryption);
algorithms.put("MD5WITHRSAENCRYPTION", PKCSObjectIdentifiers.md5WithRSAEncryption);
algorithms.put("MD5WITHRSA", PKCSObjectIdentifiers.md5WithRSAEncryption);
algorithms.put("SHA1WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha1WithRSAEncryption);
algorithms.put("SHA1WITHRSA", PKCSObjectIdentifiers.sha1WithRSAEncryption);
algorithms.put("SHA224WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha224WithRSAEncryption);
algorithms.put("SHA224WITHRSA", PKCSObjectIdentifiers.sha224WithRSAEncryption);
algorithms.put("SHA256WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha256WithRSAEncryption);
algorithms.put("SHA256WITHRSA", PKCSObjectIdentifiers.sha256WithRSAEncryption);
algorithms.put("SHA384WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha384WithRSAEncryption);
algorithms.put("SHA384WITHRSA", PKCSObjectIdentifiers.sha384WithRSAEncryption);
algorithms.put("SHA512WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha512WithRSAEncryption);
algorithms.put("SHA512WITHRSA", PKCSObjectIdentifiers.sha512WithRSAEncryption);
algorithms.put("SHA1WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS);
algorithms.put("SHA224WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS);
algorithms.put("SHA256WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS);
algorithms.put("SHA384WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS);
algorithms.put("SHA512WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS);
algorithms.put("RIPEMD160WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160);
algorithms.put("RIPEMD160WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160);
algorithms.put("RIPEMD128WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128);
algorithms.put("RIPEMD128WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128);
algorithms.put("RIPEMD256WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256);
algorithms.put("RIPEMD256WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256);
algorithms.put("SHA1WITHDSA", X9ObjectIdentifiers.id_dsa_with_sha1);
algorithms.put("DSAWITHSHA1", X9ObjectIdentifiers.id_dsa_with_sha1);
algorithms.put("SHA224WITHDSA", NISTObjectIdentifiers.dsa_with_sha224);
algorithms.put("SHA256WITHDSA", NISTObjectIdentifiers.dsa_with_sha256);
algorithms.put("SHA384WITHDSA", NISTObjectIdentifiers.dsa_with_sha384);
algorithms.put("SHA512WITHDSA", NISTObjectIdentifiers.dsa_with_sha512);
algorithms.put("SHA1WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA1);
algorithms.put("ECDSAWITHSHA1", X9ObjectIdentifiers.ecdsa_with_SHA1);
algorithms.put("SHA224WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA224);
algorithms.put("SHA256WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA256);
algorithms.put("SHA384WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA384);
algorithms.put("SHA512WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA512);
algorithms.put("GOST3411WITHGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
algorithms.put("GOST3411WITHGOST3410-94", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
algorithms.put("GOST3411WITHECGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
algorithms.put("GOST3411WITHECGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
algorithms.put("GOST3411WITHGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);

干杯!

Answer 2

您在安全提供者中添加了BouncyCastle吗？你可以用这一行来做：

Security.addProvider(new BouncyCastleProvider());

Answer 3

这个答案与BouncyCastle没有直接关系。但是，我认为这对其他人是有用的：

在我的例子中，我使用的是SpongyCastle。我遇到了类似的问题: org.e.h.p:无法创建签名者: Provider SC不提供org.e.h.a.a.a(SourceFile:101)上的SHA256WITHRSA。

结果证明，Pro卫兵正在删除一些所需的类。在proguard配置文件中添加以下内容后：-keep类org.spongy城堡.**{ *；}

问题解决了。