SecurityException with Bouncy Castle [duplicate]

StackOverflow https://stackoverflow.com/questions/16469567

Question

I am on Mac OS and getting this issue after performing software update on my mac. 

Caused by: java.lang.SecurityException: JCE cannot authenticate the provider BC
    at javax.crypto.SunJCE_b.a(DashoA13*..)
    at javax.crypto.SecretKeyFactory.getInstance(DashoA13*..)
    at org.jasypt.encryption.pbe.StandardPBEByteEncryptor.initialize(StandardPBEByteEncryptor.java:667)
    ... 95 more
Caused by: java.util.jar.JarException: Cannot parse jar:file:/Users/himajumdar/Work/jboss/jboss-5.1.0.GA/server/default/tmp/a00c-b5p2h4-hgi84jo1-1-hgi84qe5-w/csa.ear!/lib/bcprov-jdk15-140.jar
    at javax.crypto.SunJCE_c.a(DashoA13*..)
    at javax.crypto.SunJCE_b.b(DashoA13*..)
    at javax.crypto.SunJCE_b.a(DashoA13*..)
    ... 98 more

I tried these suggestions

  1. Added security.provider.11=org.bouncycastle.jce.provider.BouncyCastleProvider to java.security
  2. Added bcprov-jdk15-140.jar under /Home/jre/lib/ext

but that dint help. I tried updating jdk6 to jdk7 and did the same, and got a slight different error of unsigned jar

    at org.jboss.seam.Component.newInstance(Component.java:2132)
    ... 75 more
Caused by: java.lang.SecurityException: JCE cannot authenticate the provider BC
    at javax.crypto.JceSecurity.getInstance(JceSecurity.java:114)
    at javax.crypto.SecretKeyFactory.getInstance(SecretKeyFactory.java:243)
    at org.jasypt.encryption.pbe.StandardPBEByteEncryptor.initialize(StandardPBEByteEncryptor.java:667)
    ... 95 more
Caused by: java.util.jar.JarException: jar:file:/Users/himajumdar/Work/jboss/jboss-5.1.0.GA/server/default/tmp/a00c-4nf5e1-hgiayarg-1-hgiayihg-w/csa.ear!/lib/bcprov-jdk15-140.jar has unsigned entries - csa-ejb-3.45.0.8-SNAPSHOT.jar
    at javax.crypto.JarVerifier.verifySingleJar(JarVerifier.java:462)
    at javax.crypto.JarVerifier.verifyJars(JarVerifier.java:322)
    at javax.crypto.JarVerifier.verify(JarVerifier.java:250)

I have tried this with jdk16-140.jar, but same result. Can someone think of any other option to overcome this issue? Thank you.

Was it helpful?

Solution

  1. I got rid of bouncy castle (bcprov-jdk15-140.jar) from my local jre/jdk ext directory
  2. Copied bcprov-jdk15-140.jar under /jboss/jboss-5.1.0.GA/server/default/lib/
  3. Changed the dependency scope from default compile to provided bouncycastle bcprov-jdk15 140 provided
  4. Added "security.provider.11=org.bouncycastle.jce.provider.BouncyCastleProvider" to java.security

This is my Reference

OTHER TIPS

Try the latest release. The provider jar of the current latest (1.48) can be found here. The version (1.40) you are trying is pretty old by now.

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top