SecurityException with Bouncy Castle
16,905
Solution 1
- I got rid of bouncy castle (bcprov-jdk15-140.jar) from my local jre/jdk ext directory
- Copied bcprov-jdk15-140.jar under /jboss/jboss-5.1.0.GA/server/default/lib/
- Changed the dependency scope from default compile to provided bouncycastle bcprov-jdk15 140 provided
- Added "security.provider.11=org.bouncycastle.jce.provider.BouncyCastleProvider" to java.security
Solution 2
Try the latest release. The provider jar of the current latest (1.48) can be found here. The version (1.40) you are trying is pretty old by now.
Author by
Himalay Majumdar
Updated on July 26, 2022Comments
-
Himalay Majumdar almost 2 years
I am on Mac OS and getting this issue after performing software update on my mac.
Caused by: java.lang.SecurityException: JCE cannot authenticate the provider BC at javax.crypto.SunJCE_b.a(DashoA13*..) at javax.crypto.SecretKeyFactory.getInstance(DashoA13*..) at org.jasypt.encryption.pbe.StandardPBEByteEncryptor.initialize(StandardPBEByteEncryptor.java:667) ... 95 more Caused by: java.util.jar.JarException: Cannot parse jar:file:/Users/himajumdar/Work/jboss/jboss-5.1.0.GA/server/default/tmp/a00c-b5p2h4-hgi84jo1-1-hgi84qe5-w/csa.ear!/lib/bcprov-jdk15-140.jar at javax.crypto.SunJCE_c.a(DashoA13*..) at javax.crypto.SunJCE_b.b(DashoA13*..) at javax.crypto.SunJCE_b.a(DashoA13*..) ... 98 more
I tried these suggestions
- Added security.provider.11=org.bouncycastle.jce.provider.BouncyCastleProvider to java.security
- Added bcprov-jdk15-140.jar under /Home/jre/lib/ext
but that dint help. I tried updating jdk6 to jdk7 and did the same, and got a slight different error of unsigned jar
at org.jboss.seam.Component.newInstance(Component.java:2132) ... 75 more Caused by: java.lang.SecurityException: JCE cannot authenticate the provider BC at javax.crypto.JceSecurity.getInstance(JceSecurity.java:114) at javax.crypto.SecretKeyFactory.getInstance(SecretKeyFactory.java:243) at org.jasypt.encryption.pbe.StandardPBEByteEncryptor.initialize(StandardPBEByteEncryptor.java:667) ... 95 more Caused by: java.util.jar.JarException: jar:file:/Users/himajumdar/Work/jboss/jboss-5.1.0.GA/server/default/tmp/a00c-4nf5e1-hgiayarg-1-hgiayihg-w/csa.ear!/lib/bcprov-jdk15-140.jar has unsigned entries - csa-ejb-3.45.0.8-SNAPSHOT.jar at javax.crypto.JarVerifier.verifySingleJar(JarVerifier.java:462) at javax.crypto.JarVerifier.verifyJars(JarVerifier.java:322) at javax.crypto.JarVerifier.verify(JarVerifier.java:250)
I have tried this with jdk16-140.jar, but same result. Can someone think of any other option to overcome this issue? Thank you.
-
Himalay Majumdar almost 11 yearsTried, that did not help me either.
-
Maarten Bodewes almost 11 yearsPlease make sure that there is absolutely no other BC provider in your class path. Check the
ext
folder of both your JDK(s) and JRE(s). If it finds one that it cannot authenticate you won't be able to add anything. Note that the latest provider has a different.jar
file name... -
Himalay Majumdar almost 11 yearsthank you owlstead for your comments, your comments took me to right direction. I added my solution.
-
Maarten Bodewes almost 11 yearsGlad to be of help, hmajumdar...
-
Hosein Aqajani almost 8 yearsDear @Himalay , what configuration is required in the jboss when you set provided scope?
-
Hosein Aqajani almost 8 yearsAlso, I am using jboss-eap-6.4 and it has not default directory!