- I got rid of bouncy castle (bcprov-jdk15-140.jar) from my local jre/jdk ext directory
- Copied bcprov-jdk15-140.jar under /jboss/jboss-5.1.0.GA/server/default/lib/
- Changed the dependency scope from default compile to provided bouncycastle bcprov-jdk15 140 provided
- Added "security.provider.11=org.bouncycastle.jce.provider.BouncyCastleProvider" to java.security
SecurityException with Bouncy Castle [duplicate]
-
21-04-2022 - |
Question
I am on Mac OS and getting this issue after performing software update on my mac.
Caused by: java.lang.SecurityException: JCE cannot authenticate the provider BC
at javax.crypto.SunJCE_b.a(DashoA13*..)
at javax.crypto.SecretKeyFactory.getInstance(DashoA13*..)
at org.jasypt.encryption.pbe.StandardPBEByteEncryptor.initialize(StandardPBEByteEncryptor.java:667)
... 95 more
Caused by: java.util.jar.JarException: Cannot parse jar:file:/Users/himajumdar/Work/jboss/jboss-5.1.0.GA/server/default/tmp/a00c-b5p2h4-hgi84jo1-1-hgi84qe5-w/csa.ear!/lib/bcprov-jdk15-140.jar
at javax.crypto.SunJCE_c.a(DashoA13*..)
at javax.crypto.SunJCE_b.b(DashoA13*..)
at javax.crypto.SunJCE_b.a(DashoA13*..)
... 98 more
I tried these suggestions
- Added security.provider.11=org.bouncycastle.jce.provider.BouncyCastleProvider to java.security
- Added bcprov-jdk15-140.jar under /Home/jre/lib/ext
but that dint help. I tried updating jdk6 to jdk7 and did the same, and got a slight different error of unsigned jar
at org.jboss.seam.Component.newInstance(Component.java:2132)
... 75 more
Caused by: java.lang.SecurityException: JCE cannot authenticate the provider BC
at javax.crypto.JceSecurity.getInstance(JceSecurity.java:114)
at javax.crypto.SecretKeyFactory.getInstance(SecretKeyFactory.java:243)
at org.jasypt.encryption.pbe.StandardPBEByteEncryptor.initialize(StandardPBEByteEncryptor.java:667)
... 95 more
Caused by: java.util.jar.JarException: jar:file:/Users/himajumdar/Work/jboss/jboss-5.1.0.GA/server/default/tmp/a00c-4nf5e1-hgiayarg-1-hgiayihg-w/csa.ear!/lib/bcprov-jdk15-140.jar has unsigned entries - csa-ejb-3.45.0.8-SNAPSHOT.jar
at javax.crypto.JarVerifier.verifySingleJar(JarVerifier.java:462)
at javax.crypto.JarVerifier.verifyJars(JarVerifier.java:322)
at javax.crypto.JarVerifier.verify(JarVerifier.java:250)
I have tried this with jdk16-140.jar, but same result. Can someone think of any other option to overcome this issue? Thank you.
La solution
Autres conseils
Try the latest release. The provider jar of the current latest (1.48) can be found here. The version (1.40) you are trying is pretty old by now.
Licencié sous: CC-BY-SA avec attribution
Non affilié à StackOverflow