Look at the following line of java:
Mac.getInstance("HmacSHA1");
If I put this in a simple test program, it runs without problems on my server. However, if I use this line in a container, I get
java.security.NoSuchAlgorithmException: Algorithm HmacSHA1 not available
at javax.crypto.Mac.getInstance(DashoA13*..)
The same JDK installation is used in both cases.
After googling around a bit, I managed to get it to work by doing two things:
- Copying
sunjce_provider.jar
from $JAVA_HOME/jre/lib/ext
to the lib directory of the container.
Adding the following line to my code:
java.security.Security.addProvider(new com.sun.crypto.provider.SunJCE());
Specifically, this happens to me in an Apache James mailet, but I'm pretty sure this is has to do with JVM options. Here is the startup script that it uses.
Although I got it to work in the end, the solution feels too hacked to be the right one. I would appreciate an explanation of what is going on, as well as a more "proper" solution.
Related question: Using Java crypto leads to NoSuchAlgorithmException. However, in this case I'm pretty sure the HmacSHA1 algorithm should be supported out of the box. As evidence, this works without problems in a test program.
See Question&Answers more detail:
os 与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…