我正在向我的J2EE应用程序添加对FIDO U2F的支持(这基本上是用硬件令牌保护登录).我正在使用来自yubico的库,u2flib-server-core,它使用BouncyCastleCrypto处理协议中的加密操作.Hovewer,在从持久存储解码公钥时,我不断收到消息异常
"关键规格未被承认"
我已经从库中缩小了这个功能的问题
public PublicKey decodePublicKey(byte[] encodedPublicKey) throws U2fBadInputException {
try {
X9ECParameters curve = SECNamedCurves.getByName("secp256r1");
ECPoint point;
try {
point = curve.getCurve().decodePoint(encodedPublicKey);
} catch (RuntimeException e) {
throw new U2fBadInputException("Could not parse user public key", e);
}
return KeyFactory.getInstance("ECDSA").generatePublic(
new ECPublicKeySpec(point,
new ECParameterSpec(
curve.getCurve(),
curve.getG(),
curve.getN(),
curve.getH()
)
)
);
} catch (GeneralSecurityException e) { //This should not happen
throw new RuntimeException(e);
}
}
方法generatePublic抛出异常,它被捕获并重新抛出为RuntimeException.
我已经验证KeyFactory.getInstance从BC提供程序返回KeyFactory.在Wildfly外部运行此代码非常有效.(我不得不把bcprov-ext-jdk15on-154.jar放到java的/ lib/ext中).
我已经尝试更新野生动物的bouncycastle模块,目前我已经添加了http://www.bouncycastle.org/latest_releases.html上发布的所有6个罐子
堆栈跟踪的有趣部分是
java.security.spec.InvalidKeySpecException: key spec not recognised
at org.bouncycastle.jcajce.provider.asymmetric.util.BaseKeyFactorySpi.engineGeneratePublic(Unknown …