Bouncy Castle不在linux机器上工作 [英] Bouncy Castle not working on linux machine

问题描述

我为fips投诉签名生成和验证实现了boucnyCastle，这在Windows环境中运行良好，但在Linux环境中，代码卡在密钥对生成上。以下是我编写的代码：

  public static KeyPair generateKeyPair（）抛出GeneralSecurityException 
 {
 KeyPairGenerator keyPair = KeyPairGenerator.getInstance（RSA，BCFIPS）; 
 keyPair.initialize（new RSAKeyGenParameterSpec（3072，RSAKeyGenParameterSpec.F4））; 
返回keyPair.generateKeyPair（）; 
} 
  

Bouncy Castle

解决方案

首先检查rngd.service（硬件RNG） Entropy Gatherer Daemon）正在您的系统上运行。如果您正在使用虚拟机，那么它将无法运行并使用以下链接进行修复：

http://wiki.networksecuritytoolkit.org/index.php/HowTo_Fix_The_rngd.service

使用命令检查你的系统是否有足够的熵：

cat / proc / sys / kernel / random / entropy_avail

如果你的系统的熵没有足够的熵，那么增加它。您可以使用以下链接：

https://redhatlinux.guru/index.php/2016/04/03/increase-system-entropy-on-rhel-centos -6-和-7 /

在您的系统上安装Haveged以生成人工熵。要安装Haveged，您可以使用以下链接：

https://www.digitalocean.com/community/tutorials/how-to-setup-additional-entropy-for -cloud-servers-using-hasged

I implemented boucnyCastle for fips complaint signature generation and verification, this worked fine on a windows environment but on a linux environment the code is stuck on keypair generation. Following is the code that i have written:

public static KeyPair generateKeyPair() throws GeneralSecurityException
{
    KeyPairGenerator keyPair = KeyPairGenerator.getInstance("RSA", "BCFIPS");
    keyPair.initialize(new RSAKeyGenParameterSpec(3072, RSAKeyGenParameterSpec.F4));
    return keyPair.generateKeyPair();
}

Bouncy Castle

解决方案

First Check if rngd.service (Hardware RNG Entropy Gatherer Daemon) is running on your system. If you are using Virtual Machine then it will not be running and to fix it use the following link:

http://wiki.networksecuritytoolkit.org/index.php/HowTo_Fix_The_rngd.service

Second check if your system has enough entropy using command:

cat /proc/sys/kernel/random/entropy_avail

if Entropy of your system has not enough Entropy then increase it. you can use the following link:

https://redhatlinux.guru/index.php/2016/04/03/increase-system-entropy-on-rhel-centos-6-and-7/

Also Install Haveged on your system to generate artificial entropy. To install Haveged you can use the following link:

https://www.digitalocean.com/community/tutorials/how-to-setup-additional-entropy-for-cloud-servers-using-haveged

这篇关于Bouncy Castle不在linux机器上工作的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！